Author Topic: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P (Read 3732 times)

iroc9555 · « **on:** April 08, 2013, 02:13:21 AM »

DMXLauncher.exe was detected by FSS as Win32:Evo-gen [Susp] when I openned WinPatrol. See image

Since Avast! does not have an ignore accion, I sent it to the Chest. I rescanned it there, but it says " No virus ". Funny ha! Restore the file to send to VT.

VT results:
https://www.virustotal.com/es/file/a36819a62ceb40efe23ac4cb01f3d50a317aecc1443bd257def4fe7481d221e4/analysis/1365378702/

While doing this Avast! detected it again thru FF. I submited the file to Avast! lab as a F/P. Restored the file and excluded it from detection.

iroc9555 · « **Reply #1 on:** April 09, 2013, 01:49:09 AM »

Ok I excluded the file in FSS and BS, and Avast! still FSS found it

I believe, in System Restore and sent the whole .exe to Avast! Chest.

08/04/2013 12:08:54 C:\System Volume Information\_restore{C93A7264-03D8-483A-8AF4-E1E03C0454AA}\RP190\A0038299.exe [L] Win32:Evo-gen [Susp] (0)
File was successfully moved to chest...

08/04/2013 13:13:51 C:\System Volume Information\_restore{C93A7264-03D8-483A-8AF4-E1E03C0454AA}\RP190\A0038313.exe [L] Win32:Evo-gen [Susp] (0)
File was successfully moved to chest...

and Avast! did not even bother to alert me

It was my mail Virus Alert that informed me about it

The funny thing is that if I scan the file in the Chest or the folder with Scan from Windows Explorer, nothing is detected.

mchain · « **Reply #2 on:** April 09, 2013, 10:58:12 AM »

hi iroc9555,

http://systemexplorer.net/file-database/file/dmxlauncher-exe
http://systemexplorer.net/file-database/file/dmxlauncher-exe/96077

Above might help you out.

More file listing are available @ systemexplorer, might give you an idea or two. I think this to be a context issue: directory location, etc., more than anything else.

true indian · « **Reply #3 on:** April 09, 2013, 11:31:45 AM »

Quote from: iroc9555 on April 09, 2013, 01:49:09 AM

The funny thing is that if I scan the file in the Chest or the folder with Scan from Windows Explorer, nothing is detected.

Because evo-gen at current point is only a real time technology and is not bid to the on-demand scanner

iroc9555 · « **Reply #4 on:** April 10, 2013, 12:06:33 AM »

Quote from: mchain on April 09, 2013, 10:58:12 AM

hi iroc9555,

http://systemexplorer.net/file-database/file/dmxlauncher-exe
http://systemexplorer.net/file-database/file/dmxlauncher-exe/96077

Above might help you out.

More file listing are available @ systemexplorer, might give you an idea or two. I think this to be a context issue: directory location, etc., more than anything else.

Thanks mchain.

I am sure that my file is legit. I have DeLL Media Experience with Roxio\Cine player (Sonic Solution). Its MD5 and SHA256 checked out OK. I do not even know why they have it as a 100% threat in your first link. BTW Avast! has been detecting a lot of DeLL and HP programs lately.

http://www.winpatrol.com/db/pluscloud/dmxlauncher.html?dmxlauncher.exe&2&10&0&0&0&1&643&1051&1014

It has not been modified since 2006, well not until Avast! detected it anyways. It usually was detected by BS and I had it as a trusted process in Avast! v.6 and v.7. Avast! 8 did not detected it until last week, but it was FSS which did it and not BS.

Quote from: true indian on April 09, 2013, 11:31:45 AM

Because evo-gen at current point is only a real time technology and is not bid to the on-demand scanner

Thanks true indian.

***** There goes another restore point*****

Come on Avast!... 3 days and still waiting for a VPS or fix exclusion.

Author Topic: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P (Read 3732 times)

iroc9555

DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P

iroc9555

Re: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P

mchain

Re: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P

true indian

Re: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P

iroc9555

Re: DMXLauncher.exe by Dell detected as Win32:Evo-gen F/P