Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Franciscano on December 24, 2004, 02:20:13 AM
-
Hello,
Avast find virus:
Win32:Trojan-gen. {Other}
C:\Windows\system32\explorer.exe
What I make?
I have AMD Duron 800/20GB/258 RAM/WinXP Pro/SP1
-
Just delete it. Do this in safe mode.
The file mimics system file name,but its in the wrong place.
-
When installing a flight simulator add on "Ready for Pushback" from CD (boxed version, German), AVAST 4.5 report "Win-Trojan-gen.(UPX).
When the CD is scanned, AVAST reports this Trojan on most of the .exe files. Is it likely that an original CD is really infected?
-
Welcome to the forums,
If you are getting a virus warning that you believe is a false positive, then if you can zip and password protect ('virus', will do) the suspect file and send it to virus @ avast.com (no spaces).
Give a brief outline of the problem, the fact that you believe it to be a false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.
You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner Jotti - Multi Engine Scanner (http://virusscan.jotti.dhs.org) if any other scanners here detect them it is less likely to be a false positive.
Also see (Mini Sticky) False Positives (http://forum.avast.com/index.php?board=2;action=display;threadid=7779)
Merry Christmas
-
Hi DavidR,
Thanx for yr suggestions.
I'm afraid I can't copy the subject files from the CD. I always get a message that it's not r/o or in use. Maybe it's some kind of copy protection.
What next?
I have tried, as per your suggestion, www.virusscan.jotti.dhs.org bit I get the message "Board closed until further notice. "
The CD "Ready for Pushback" is marked: "German localized version published and distributed by ProfiSoft under license to Vmax Flight Systems." The product no. is: 4008140778533
I get the following warnings:
VPS Version: 0452-2, 23.12.2004
Win32:Trojan-gen. {UPX!}
H:\ADD_ONS\RFP_V2_Addons.exe
H:\CSC\CSC.exe
H:\Documentation\RFP_V2_DOC.exe
H:\RFP_V2\RFP_V2_06_CD.exe
H:\VIDEOS\RFP_V2_VIDEOS.exe
Any suggestions?
???
Best wishes,
Charles
-
You are trying the wrong website. It is http://virusscan.jotti.dhs.org/ (http://virusscan.jotti.dhs.org/)
-
My fault Eddy, for some reason my URL paste was wrong or got converted incorrectly.
-
Ok -- thanks.
I now get the messge "The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file".
I do use ZoneAlarm Pro ... tried deactivating it ... but still get same message.
Any suggestions?
Best wishes,
Charles
-
I do use ZoneAlarm Pro ... tried deactivating it ... but still get same message.
Many things comes to my mind. Did you pay for ZA? If not you can get all kinds of strange things. If you did, ZA is known for some strange things. Disabling it will not solve anything. Removing and reinstalling will (if it is ZA who is causing troubles)
-
Hi Eddy,
Yes -- ZA Pro is the paid version ...
As I said it's only these files that cannot but uploaded. They cannot even be copied from the CD. I expect it may be some kind of copy protection mechanism that is causing the false positive (if it is a false positive).
Anyway, I still don't know how to send the files to AVAST if they cannot be copied, ziped or uploaded.
Have there been any other similar reports re software from ProfiSoft?
-
Anyway, I still don't know how to send the files to AVAST if they cannot be copied, ziped or uploaded.
Can't you add the file to the Chest and, from there, send to Alwil?
-
No -- AVAST says that it cannot process the file. See enclosed screen shot.