Author Topic: Avast reports MiME family virus/worm with Windows Live Messenger  (Read 2501 times)

0 Members and 1 Guest are viewing this topic.

Offline timread

  • Newbie
  • *
  • Posts: 2
Avast reports MiME family virus/worm with Windows Live Messenger
« on: November 08, 2006, 12:38:43 AM »
I've just got repeated Avast virus detections against the file 'members.stg\xx', which is nested in my Windows Live Contacts folder in my profile (where xx is a 2 or 3-digit number). The full path is C:\Documents and Settings\username\Local Settings\Application Data\Microsoft\Windows Live Contacts\*LiveMessengerUsername*\real\members.stg

Nothing I choose to do allows me to fix the virus detection, or dismiss it - i.e. Move/Rename, Delete, or Move to Chest. I'm just wondering if this is a false positive? I get the warning every time I sign out of Windows Live Messenger (having previously signed into Live Messenger). I have scanned the folder with Trend Micro's House Call and it does not detect a virus.

Is there anything I'm doing wrong, or can do here? I have Avast 4.7.892 Home, with the latest VPS file dated today.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Avast reports MiME family virus/worm with Windows Live Messenger
« Reply #1 on: November 08, 2006, 01:06:39 AM »
To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the 'a' blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button...
You can use wildcards like * and ?. But be carefull, you should 'exclude' that many files that let your system in danger.
The best things in life are free.

Offline timread

  • Newbie
  • *
  • Posts: 2
Re: Avast reports MiME family virus/worm with Windows Live Messenger
« Reply #2 on: November 09, 2006, 11:41:22 PM »
JOTTI says it's clean. VirusTotal says it's clean on all engines apart from Avast:

Avast   4.7.892.0   11.09.2006   MiME family.

Thanks for the tip on adding it as an exclusion. I've submitted the file to Avast as you suggested.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Avast reports MiME family virus/worm with Windows Live Messenger
« Reply #3 on: November 10, 2006, 01:31:03 AM »
I've submitted the file to Avast as you suggested.
Thanks  ;)
The best things in life are free.