Author Topic: [Resolved] Found Something Bad  (Read 7633 times)

0 Members and 1 Guest are viewing this topic.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
[Resolved] Found Something Bad
« on: January 01, 2011, 01:58:20 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.
« Last Edit: January 01, 2011, 06:24:37 PM by Para-Noid »
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

marc-d-l

  • Guest
Re: Found Something Bad
« Reply #1 on: January 01, 2011, 02:13:41 AM »
what do you have as a firewall ?

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #2 on: January 01, 2011, 03:24:16 AM »
what do you have as a firewall ?
Window firewall.
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #3 on: January 01, 2011, 03:24:16 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis. If you right click the file in the chest what options does it show...if any ???

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Found Something Bad
« Reply #4 on: January 01, 2011, 03:55:29 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #5 on: January 01, 2011, 04:11:26 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

 Hey DavidR: What is the general process as I have not had a virus with Avast installed as yet. ;D
Is it typical to run with Virus Total first( before thinking of submitting to Avast)? Or not. ???
« Last Edit: January 01, 2011, 04:13:42 AM by schmidthouse »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Found Something Bad
« Reply #6 on: January 01, 2011, 04:56:03 AM »
There is only a need to submit to avast of you believe it to be a false positive detection. and before you can do that it needs to be confirmed at somewhere like virustotal.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #7 on: January 01, 2011, 05:03:23 AM »
There is only a need to submit to avast of you believe it to be a false positive detection. and before you can do that it needs to be confirmed at somewhere like virustotal.

Thanks ;)

YoKenny

  • Guest
Re: Found Something Bad
« Reply #8 on: January 01, 2011, 05:07:30 AM »

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #9 on: January 01, 2011, 05:12:03 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis. If you right click the file in the chest what options does it show...if any ???
No. When I right clicked nothing happened.
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #10 on: January 01, 2011, 05:17:29 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
How do you re-scan an item in the Virus Chest?
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline schmidthouse

  • VIRUS FREE A Long Time
  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7170
  • When you think you know, Think Again
Re: Found Something Bad
« Reply #11 on: January 01, 2011, 05:17:53 AM »
The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don't know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble...it found me.

Did you submit the item in the Chest to Avast for analysis. If you right click the file in the chest what options does it show...if any ???
No. When I right clicked nothing happened.

No worries, I wasn't sure as I have not had to submit anything from the Virus Chest. And as DavidR mentioned, there isn't any need in any case.
Like everyone else....I live and learn :-\

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #12 on: January 01, 2011, 05:31:22 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Went to virustotal and no waiting for results.
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: Found Something Bad
« Reply #13 on: January 01, 2011, 05:33:11 AM »
I don't believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
What does 16/43 means a good detection?
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Gargamel360

  • Guest
Re: Found Something Bad
« Reply #14 on: January 01, 2011, 05:39:29 AM »
I would say yes, that is conclusive enough to call it a good detection.