Suspected false alarm for the Trojan Horse "Direct-372 [Trj]."

[Peter Swinkels]

Hello,

My Avast! virus scanner is giving what I suspect to be a false alarm for the Trojan Horse "Direct-372 [Trj]." It does this whenever I try to access a file on my harddisk called dcompaud.exe, which is part of the MS-DOS game King's Quest VI. Avast! also gives a warning when I try to access the same file on my original King's Quest Collection cd, so I suspect it's a false alarm. What should I do to make sure this is a false warning, and if so, properly report this to Alwil Software?

[Lisandro]

What should I do to make sure this is a false warning, and if so, properly report this to Alwil Software?

To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the 'a' blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button...
You can use wildcards like * and ?. But be carefull, you should 'exclude' that many files that let your system in danger.
After that, please, periodically check it - scan it into Chest, right clicking the file -  there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected as being infected then you can also remove it from the Exclusion list.

This link is a tutorial on how to help correct a virus detection that you believe to be false:
http://forum.avast.com/index.php?topic=25009.msg204838#msg204838

[Peter Swinkels]

None of the scanners at VirusTotal found a virus, so I sent the file to avast@virus.com.

[BJ_GeOrgE]

u did the right thing by sending the file to alwil..they usually remove the false alarm in their next vps update..