[Resolved] Found Something Bad

Avast Free Antivirus / Premium Security
1

The report:
C:\WINDOWS\SYSTEM32\APISlice.dll
Severity: High
Threat: WIN32MALWARE
Action: Moved to chest.
Sorry I don’t know how to do screen captures.
What is this? I am glad avast caught it. And for a change I was not looking for trouble…it found me.

2

what do you have as a firewall ?

3

Window firewall.

4

Did you submit the item in the Chest to Avast for analysis. If you right click the file in the chest what options does it show…if any ???

5

I don’t believe there is any need to submit it to avast as it is fairly clear that it is a good detection, see http://www.virustotal.com/file-scan/report.html?id=fc3b5e2c9e3338e6b722dacf49bdc819a0f3504ffca43882300e2c356fb2b38c-1293831396, where 16 of 43 scanners find something in it.

There is no rush to delete anything from the chest, a protected area where it can do no harm. Anything that you send to the chest you should leave there for a few weeks. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.

6

Hey DavidR: What is the general process as I have not had a virus with Avast installed as yet. ;D
Is it typical to run with Virus Total first( before thinking of submitting to Avast)? Or not. ???

7

There is only a need to submit to avast of you believe it to be a false positive detection. and before you can do that it needs to be confirmed at somewhere like virustotal.

8

Thanks :wink:

9

Use Snipping Tool to capture screen shots
http://windows.microsoft.com/en-US/windows-vista/Use-Snipping-Tool-to-capture-screen-shots

10

No. When I right clicked nothing happened.

11

How do you re-scan an item in the Virus Chest?

12

No worries, I wasn’t sure as I have not had to submit anything from the Virus Chest. And as DavidR mentioned, there isn’t any need in any case.
Like everyone else…I live and learn :-\

13

Went to virustotal and no waiting for results.

14

What does 16/43 means a good detection?

15

I would say yes, that is conclusive enough to call it a good detection.

16

Thanks to all. Once again I learned something new. You guys rock!

17

I too had a full scan report this as a high risk item. This file has been on the PC since 2/2007 according to the properties information. When I tried to move it to the chest, I get this message: Error: Access is denied(5). This is on an Acer laptop, and I purchased it 12/2006. Is it possible this is an Acer API? There is one that runs every time the computer is booted.

18

probably it’s a false positive. what’s the file name?

DJBone

19

Is Acer eDataSecurity Management on that acer laptop.

I reported the same file : http://forum.avast.com/index.php?topic=68836.0

I’m not using Acer eDataSecurity Management (disabled) on this particular acer laptop. And I din’t get the message: Error: Access is denied(5) when moving the file to the chest.