Author Topic: UPX false positives  (Read 4381 times)

0 Members and 1 Guest are viewing this topic.

NoWhereMan

  • Guest
UPX false positives
« on: January 15, 2006, 05:00:24 PM »
Hi,

I really love Avast Home Edition, and I always suggest it to all of my friends. It's installed on the totality of my pcs, and has completely replaced any yellow (*erm*) Internet Security (*cough* ;D) suite.

Today I was scanning my sistem and I found it was reporting many trojans; first I removed them; then I discovered they were just UPX packed executables.

Can I suggest the team, as UPX is afaik opensource, to implement an autounpack-feature, so that the engine can read the unpacked executable sign?
 
I used to work with Multimedia Builder ( www.mediachance.com ) a multimedia authoring tool: the player is UPXed; today the scanner was reporting all of my compiled files as trojans  :P

In order to make this piece of software even better, the best of the best in malware retrieving and removing, and a must-have to everybody, I hope you'll be able to do something about this.

best wishes,

NoWhereMan

CharleyO

  • Guest
Re: UPX false positives
« Reply #1 on: January 15, 2006, 05:03:40 PM »
***

Welcome to the forums, NoWhereMan!    :)

Hopefully, one of the Avast team members can help you solve that problem soon.    :)


***

NoWhereMan

  • Guest
Re: UPX false positives
« Reply #2 on: January 15, 2006, 05:10:51 PM »
thanx :)

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11811
    • AVAST Software
Re: UPX false positives
« Reply #3 on: January 15, 2006, 05:18:29 PM »
Such an unpacker is, of course, implemented - but it has nothing to do with the false positive presence or absence.
What is the exact name of the virus reported, and what is the exact filename? Can you submit the file to virus@avast.com, preferably packed by ZIP or RAR, protected with a password?

NoWhereMan

  • Guest
Re: UPX false positives
« Reply #4 on: January 15, 2006, 05:47:47 PM »
Maybe the file I have is compiled with an older version of the player; sending