Author Topic: Virus found (Read 16170 times)

Sojourner · « **Reply #15 on:** November 01, 2004, 08:04:54 PM »

I have had Window Washer for many months, no new downloads, and I got the same mysterious virus warning Friday morning; I just put it in the chest, ran another scan and all has been well!

Eddy · « **Reply #16 on:** November 01, 2004, 08:05:15 PM »

Yup, looks like a false positive to me.

Just wondering, could this be a part of the Windows Washer that checks for updates?

Lisandro · « **Reply #17 on:** November 01, 2004, 08:27:49 PM »

Quote from: Sojourner on November 01, 2004, 08:04:54 PM

I have had Window Washer for many months, no new downloads, and I got the same mysterious virus warning Friday morning; I just put it in the chest, ran another scan and all has been well!

It's a false positive, for sure.

Tipton · « **Reply #18 on:** November 01, 2004, 10:02:02 PM »

Quote from: Eddy on November 01, 2004, 08:05:15 PM

Yup, looks like a false positive to me.

Just wondering, could this be a part of the Windows Washer that checks for updates?

Eddy, you can download a free trial of window washer at this link!
http://www.webroot.com/downloads/

Download it from the "try it" section to the right. Then you can play around with the file that Avast flags. I am not sure what its function is as far as how window washer performs.

Tipton

Tipton · « **Reply #19 on:** November 01, 2004, 10:10:00 PM »

Quote from: whocares on November 01, 2004, 06:43:40 PM

ArchiveScanning for RightClick-Scan (AshQuick) would be available in the PRO-version or
via a tweak found in the USER's FAQs:
http://forum.avast.com/index.php?board=9;action=display;threadid=4818;start=15

Am I to understand that unless I have the pro version, I can only do a limeted right click and scan on files? I am still a bit concerned that I can right click and scan my Window washer 5 exe on my storage drive, and Avast finds it clean. However, it finds a false positive when I run the exe. I would really like to be able to find this stuff before running the file.

Tipton

whocares · « **Reply #20 on:** November 01, 2004, 10:25:25 PM »

AFAIK many Installer-EXEs from commercial files are somehow encrypted, so that even with full thorough/archiv and whatever enabled, avast or other AV's may not be able to access all files in it to scan

Incidently, what happens if you scan the WindowWasher-Installer from with avast main-Scanner (folder-scan, thorough and archiv-scan) ??

But your WindowWasher-DLL sure seems to have some backdoor-like functionality: other AV's (e.g. RAV) alert to the file, too.

see GOOGLE:
ReadME

anyway submit it to avast and ask for reconsidering

Tipton · « **Reply #21 on:** November 01, 2004, 10:31:18 PM »

Quote from: whocares on November 01, 2004, 10:25:25 PM

AFAIK many Installer-EXEs from commercial files are somehow encrypted, so that even with full thorough/archiv and whatever enabled, avast or other AV's may not be able to access all files in it to scan

Incidently, what happens if you scan the WindowWasher-Installer from with avast main-Scanner (folder-scan, thorough and archiv-scan) ??

But your WindowWasher-DLL sure seems to have some backdoor-like functionality: other AV's (e.g. RAV) alert to the file, too.

see GOOGLE:
ReadME

anyway submit it to avast and ask for reconsidering

Yeah, I read through those threads before posting. The virus found in the threads goes by a different name than what Avast is finding. I am not worried about it, because my system is not acting abnormal, and many people run window washer.

Tipton

whocares · « **Reply #22 on:** November 01, 2004, 10:37:13 PM »

Oh well..

WW seems to be simple installer archive

*** have you tried the USER-FAQ_Tweak with deftask.xml for ashquick ? **

Anyway: are you sure you didn't have avast shield running during JOTTI-Scan ?
Weird, as your file (or something) seems to have been uploaded...
--> but I get this:

File: Internet.dll Status:
POSSIBLY INFECTED/MALWARE (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
Packers detected:

Avast (and only avast!) says:
Win32:StartPage-057 (4.73 seconds taken)

The "Note" is a bit hard on alwil, but:
you're not alone there, guys...

--> "RAV-Online: Internet.dll - Backdoor:Win32/Ferat.1_0 -> Suspicious"

Eddy · « **Reply #23 on:** November 01, 2004, 10:38:33 PM »

Quote

Eddy, you can download a free trial of window washer at this link!

I am always cleaning my systems manually (not exactly true since I got a script which I have written for my systems to automate some things). Much more effective than any excisting application. It does ofcourse require knowledge on how applications work and where to find "trash"

As I have told/explained in another thread on this board. Those applications which claim to clean your system are not very good in doing their job. It depends a lot of what you have installed, what settings and things like that. In the past I have tested several of those applications and the best they did was removing about 80% of all the garbage. Don't get me wrong, I am not saying they are not usefull. They sure can be of help to "novice" users (with all respect) But they all promise to do more than they are actually are doing.

example:
They do remove temp files which are used/caused buy Internet Explorer, but they leave temp files from Opera on your system.

Another example:
None of them remove the "trash" that is on a system left by the security updates from windows update. (security patches/updates and such) Or at least give you the option to remove it.

I admit that it will take time and effort to learn how a OS and applications are working and it won't be easy to many people to learn/understand it. But manually cleaning a system is and likely will be the best solution as long as you have the knowledge for it.

Tipton · « **Reply #24 on:** November 01, 2004, 10:42:35 PM »

Quote from: Eddy on November 01, 2004, 10:38:33 PM

Quote
Eddy, you can download a free trial of window washer at this link!
I am always cleaning my systems manually (not exactly true since I got a script which I have written for my systems to automate some things). Much more effective than any excisting application. It does ofcourse require knowledge on how applications work and where to find "trash"

As I have told/explained in another thread on this board. Those applications which claim to clean your system are not very good in doing their job. It depends a lot of what you have installed, what settings and things like that. In the past I have tested several of those applications and the best they did was removing about 80% of all the garbage. Don't get me wrong, I am not saying they are not usefull. They sure can be of help to "novice" users (with all respect) But they all promise to do more than they are actually are doing.

example:
They do remove temp files which are used/caused buy Internet Explorer, but they leave temp files from Opera on your system.

Another example:
None of them remove the "trash" that is on a system left by the security updates from windows update. (security patches/updates and such) Or at least give you the option to remove it.

I admit that it will take time and effort to learn how a OS and applications are working and it won't be easy to many people to learn/understand it. But manually cleaning a system is and likely will be the best solution as long as you have the knowledge for it.

I only suggested installing window washer to study the .dll file that Avast is flagging.

Tipton

Tipton · « **Reply #25 on:** November 01, 2004, 11:46:04 PM »

Quote from: whocares on November 01, 2004, 10:25:25 PM

Incidently, what happens if you scan the WindowWasher-Installer from with avast main-Scanner (folder-scan, thorough and archiv-scan) ??

Absolutely nothing! Avast is not able to find this false positive, unless the exe is ran. This is quite disturbing for me, because that is the only reason I have an AV installed on my system.......to right click and scan downloaded files from the internet. Yes I had scan within archives enabled!

Tipton

Eddy · « **Reply #26 on:** November 01, 2004, 11:52:33 PM »

Quote

This is quite disturbing for me, because that is the only reason I have an AV installed on my system

Looks like it is time you set your prioriyties about securtiy for your system apropiatly imho.

Tipton · « **Reply #27 on:** November 01, 2004, 11:58:40 PM »

Quote from: Eddy on November 01, 2004, 11:52:33 PM

Quote
This is quite disturbing for me, because that is the only reason I have an AV installed on my system
Looks like it is time you set your prioriyties about securtiy for your system apropiatly imho.

Meaning what? Find a different AV that can scan inside exe's?

Tipton

Eddy · « **Reply #28 on:** November 02, 2004, 12:14:02 AM »

No, I ment that security for a system is a lot more than just installing a av and use it with the standard settings and rely on it to pretect your system from every harmfull thing.

Security starts with the knowledge of the user, not with the system, applications or harware.

Tipton · « **Reply #29 on:** November 02, 2004, 12:19:06 AM »

Quote from: Eddy on November 02, 2004, 12:14:02 AM

No, I ment that security for a system is a lot more than just installing a av and use it with the standard settings and rely on it to pretect your system from every harmfull thing.

Security starts with the knowledge of the user, not with the system, applications or harware.

Well if you are implying that all I do is run an AV on my system with minimum settings, you are very wrong. I have many layers of security protection. I have Avast set as strict as I can, without having to go inside and hack it up myself to get it to be more secure. Not many people can say that they have never had a virus. I can say that.....except for this silly false positive that Avast has found in my window washer software.

Tipton