Author Topic: Chaos Intellect  (Read 3574 times)

0 Members and 1 Guest are viewing this topic.

Offline PARoss

  • Newbie
  • *
  • Posts: 1
Chaos Intellect
« on: July 27, 2007, 07:28:15 PM »
I'm trying to download a program related to Chaos Intellect (http://www.chaossoftware.com/programs/chaos/utilities/AddressSwiper.exe). They tell me that it has been checked for viruses, but I'm getting a "Trojan Horse Was Fount!" message:

Win32:Killav-K [Trj]
C:\Program Files\Chaos Software\Address Swiper\~GLH0004.TMP

I'm told it is a false positive. How can I make sure?

Phil

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83348
  • No support PMs thanks
Re: Chaos Intellect
« Reply #1 on: July 27, 2007, 09:15:25 PM »
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 30 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can't do this with the file in the chest, you will need to move it out.

If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.

If a false positive:
Send the sample to virus@avast.com zipped and password protected with password in email body and false positive/undetected malware in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro