Author Topic: Boot virus detected on partial disk image, false positive? (Read 2009 times)

1234ava · « **on:** April 27, 2015, 03:13:23 PM »

Avast Free detected WXY-B boot virus on a Macrium Reflect image file of mine. I suspect a false positive though.
I gather WXY-B infects the mbr and the 1st partition boot sector, but there was no 1st partition in my image. It wasn't a full disk image: it had just the disk's mbr and two final partitions, including an unformatted partition. See screenshot below, the imaged partitions are on the far right hand side.

Besides, other Reflect images I created on the very same day, containing the same disk mbr but some other partitions on it, were NOT detected as infected with WXY-B.

Pondus · « **Reply #1 on:** April 27, 2015, 03:33:51 PM »

have you tested file at www.virustotal.com ? .... if tested before, click rescan for a fresh result
post link to scan result here

1234ava · « **Reply #2 on:** April 27, 2015, 04:20:29 PM »

It's a disk image file sized over 1 GB, so I cannot upload it to VirusTotal.

Pondus · « **Reply #3 on:** April 27, 2015, 04:29:38 PM »

report it here https://support.avast.com -> avast virus lab and you will get instructions how to send it to the lab so they can check it

1234ava · « **Reply #4 on:** April 27, 2015, 08:00:43 PM »

Done, thanks!

1234ava · « **Reply #5 on:** May 06, 2015, 06:49:47 PM »

Avast Virus team examined my disk image file and confirmed it is safe, no boot virus, just like I thought.

Author Topic: Boot virus detected on partial disk image, false positive? (Read 2009 times)

1234ava

Boot virus detected on partial disk image, false positive?

Pondus

Re: Boot virus detected on partial disk image, false positive?

1234ava

Re: Boot virus detected on partial disk image, false positive?

Pondus

Re: Boot virus detected on partial disk image, false positive?

1234ava

Re: Boot virus detected on partial disk image, false positive?

1234ava

Re: Boot virus detected on partial disk image, false positive?