Avast WEBforum

Other => General Topics => Topic started by: debanjan on May 21, 2010, 09:52:06 AM

Title: Virus Problem
Post by: debanjan on May 21, 2010, 09:52:06 AM
Dear members,

I am using

Microsoft Windows XP
Media Center Edition
Version 2002
Service Pack 3

Intel(R) Core(TM)2 CPU
T5200 @ 1.60GHz
1.60 GHz,
1.99GB of RAM

Yesterday I performed a boot scan with avast antivirus home edition version 5.0.545.
Avast found two pieces of malware, but both of them were system files, i.e. they were shipped with this product (Windows XP).
The malware found was:
dodo.exe - this file was found in Program Files/EASY Internet Sign UP
and another was a trial version of a game which was sold with this product by HP (since the computer is manufactured by HP).

I know (and am sure) that neither of them is malware, but avast has stored them in the virus chest. What can I do so that they are removed from the virus chest and ignored by avast antivirus on further scans?

I have already submitted it to the virus lab.

Second question: does Avast antivirus have false positives during scans?

Title: Re: Virus Problem
Post by: Eddy on May 21, 2010, 11:50:27 AM
I am roughly 99.99% sure dodo.exe = malware
But if you really want it.....
1) Right click on the file in the virus chest and put it back to the original location.
2) Add the file to the exclusion list

I don't recommend this, but if that is what you want....
Title: Re: Virus Problem
Post by: Asyn on May 21, 2010, 12:01:56 PM
Get yourself a second opinion before restoring the files from chest..!!
Use free Mbam: http://www.malwarebytes.org/mbam.php
And yes, every AV has FPs sometimes, but avast rather seldom.
asyn
Title: Re: Virus Problem
Post by: bob3160 on May 21, 2010, 03:38:06 PM
dodo.exe probably isn't a file you should think about keeping on your system.
http://spywarefiles.prevx.com/RRIJIJ1178088/DODO.EXE.html
Title: Re: Virus Problem
Post by: debanjan on May 21, 2010, 03:55:01 PM
Thank you everybody for your feedback. I am very grateful to all of you.
Thank you all once again.
Title: Re: Virus Problem
Post by: debanjan on May 21, 2010, 10:44:44 PM
I have checked it (dodo.exe) thrice with mbam (MalwareBytes Anti-Malware), but every time it was reported to be clean by mbam.

I also checked the other file which avast termed as malware and surprisingly found that also to be clean.

Now I am in a dilemma: which one should I believe, avast or mbam?

Have you guys any idea about this?

Please help.
Title: Re: Virus Problem
Post by: YoKenny on May 21, 2010, 11:22:51 PM
Believe avast!

Please do not post in Red

http://www.spycheck.co.uk/genera.php?processfile=dodo.exe&dir=d&pag=42
http://wakoopa.com/executables/dodo-exe
http://www.virus-com.com/viruscom/viruscom_53112.html

http://www.google.ca/#hl=en&source=hp&q=dodo.exe+virus&aq=1&aqi=g2&aql=&oq=dodo.e&gs_rfai=&fp=ea751a29922b4b99
Title: Re: Virus Problem
Post by: polonus on May 21, 2010, 11:32:59 PM
Hi debanjan,

Backdoor.Fluxay.47 - dodo.exe - dodo

dodo.exe is a process that is registered as Backdoor.Fluxay.47. Such files, which usually end up becoming spyware or viruses when landing on your PC, often differ from the original file that is not a threat, because they are located in other directories and have a different digital signature. To determine whether this is a real threat or not, undertake a review with a detection tool like virustotal.com (upload dodo.exe there). What are the results?

It is cloaked malware, re: http://www.prevx.com/filenames/1099703743611420141-X1/227.EXE.html
& http://spywarefiles.prevx.com/RRIJIJ1178088/DODO.EXE.html

The file "dodo.exe" is known to be created under the following filenames:
This file can also be found at following location(s) (can also be found with different file name(s)):
%systemdrive%\documents and settings\dodo.exe
This filename is associated with the Malware groups:
Trojan-Downloader
This file was found in the following Malware families by analysis team:
Trojan-Downloader.Losabel.bt
Type: Trojan-Downloader

Symptoms of Losabel.bt Re: http://www.spywarelib.com/remove--Trojan-Downloader-Losabel-bt.html 

polonus