Avast scan is saying the file located at C:\Windows\svcdns.exe is infected with Win32:Evo-gen. I followed the excellent info on downloading the various tools to obtain the necessary basic logs. Please see attached. Not sure if you need any other info. Thanks in advance for any assistance!!
First submission 2013-04-19 20:12:31 UTC ( 1 year, 4 months ago )
well that sure seems infected …
but this file info make it look legit? … however Norman detection name Obfuscated_L may indicate that the file is not what it seems to be
CopyrightCopyright Apple Inc. 1989-2012
Publisher ?????????????
Product QuickTime
Original name QTOLibrary.dll
Internal name QuickTimeLibrary
File version 7.7.2 (1680.56)
Description QuickTime Library
Signature verification Certificate out of its validity period
Signers
[+] ?????????????
[+] WoSign Class 3 Code Signing CA
[+] Certification Authority of WoSign
[+] StartCom Certification Authority
upload and report it here http://www.avast.com/contact-form.php and ask if this detection is good
give link to this topic in case they want to reply here
Although this is all a very new world to me, I get the idea of obfuscation. I submitted the file to http://www.avast.com/contact-form.php as you suggested.
How long would one normally need to wait for a response?? I’m wondering if I should avoid completely using this computer so as to now cause any further damage. Also wondering if I should disconnect internet / wifi from this computer. Or any other practical steps??