Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: WildWestGuy on October 23, 2010, 11:31:46 PM

Title: Virus - Avast! didn't catch
Post by: WildWestGuy on October 23, 2010, 11:31:46 PM
This is a new virus that Avast! didn't catch - it was hidden as a DivX codec that you needed to install.
Both Avast! Home Free and Immunet Protect Free missed this.... :'(

Results:
http://www.virustotal.com/file-scan/report.html?id=a593ccf0ae9e3fb4990a16fc8c0573f18a43064e5e1a2d6872136bf0103e89ba-1287806999
Title: Re: Virus - Avast! didn't catch
Post by: Pondus on October 23, 2010, 11:52:06 PM
Posting VT results will not help detect it; what helps is if you send the sample(s) to avast!...


But I think this is a false positive.....


sigcheck:
publisher....: DivX, Inc.
copyright....: (c) Copyright 2000 - 2010 DivX, Inc.
product......: DivX Setup
description..: DivX Setup
original name: DivXSetup.exe
internal name: DivXSetup
file version.: 2.0.4.2
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Title: Re: Virus - Avast! didn't catch
Post by: The Dude 321 on October 24, 2010, 07:29:05 AM
I agree with you, the scanners that named it as a virus have very high false positive rates.
Title: Re: Virus - Avast! didn't catch
Post by: WildWestGuy on October 24, 2010, 11:55:40 AM
It's not a false positive.... I launched a film that I got from a friend - I opened Windows Media Player and it said that I need a DivX codec - I assumed it was a virus. I clicked "download" and it leads me to a blank site with just a download?

How can a blank page give me an .exe without a "welcome" sign or something? Also, the URL was wrong after the DivX website.
Regards,
WildWestGuy  ;D