Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: vsub on June 01, 2013, 06:53:01 PM

Title: What file from archive is infected
Post by: vsub on June 01, 2013, 06:53:01 PM
Is there is a way to find which file from archive is infected.

This is probably false positive but I have SFX archive which is more than 3 years old and no change were done to it since then.

3 months ago I made a complete scan using 8.0 1482.45(using maximum sensitivity on everything(including boot time scan))and avast didn't find anything(it never suggested that the archive contains any kind of mailware till now)

3 months ago till now,avast was uninstalled,the pc didn't have network connection and no new files were copied.Now after I installed the newest version and did a quick scan,avast said that the SFX archive contains Win32:Malware-gen

I also have the archive contents in a folder in the same directory as the SFX archive(they exist there from even longer time than the SFX archive which I create and no change is done to any of the files)but avast don't say anything when I scan the folder.

It's just weird...I even extracted the SFX archive in a virtual machine,create a new SFX archive with the files and when I scan it,avast didn't say anything.
Why this is happening?
Title: Re: What file from archive is infected
Post by: igor on June 02, 2013, 12:03:20 AM
What is the full line of the result (where avast! says it's infected)? It contains the name of the file inside of the archive.
Title: Re: What file from archive is infected
Post by: vsub on June 02, 2013, 12:15:32 AM
The only name it shows is the SFX archive name...like the archive itself is the virus,not something from it side it.

If I delete all of the files from it in the virtual machine and then try to scan it,avast says that the file is Win32:Malware-gen
SFX archive with nothing inside