Author Topic: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)  (Read 6429 times)

0 Members and 1 Guest are viewing this topic.

cadremis

  • Guest
Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« on: January 28, 2010, 05:29:36 PM »
Inifox 1.2 is a legitime program developed to make fire fox faster by the people of infospyware, they help a lot of people to get rid of malware and they recomend Avast Free antivirus.

http://www.infospyware.com/herramientas/inifox/

I guess this is a False Positive.

I'm sending the file thru Avast to Alwill team so they can verify it.

rm

cadremis

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #1 on: January 28, 2010, 05:33:18 PM »
I forgot to add this.

cazoza

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #2 on: January 28, 2010, 06:37:27 PM »
Hi friend! Well, i have submited the sample to avast, lets see if they fix the FP. Take care!

cadremis

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #3 on: January 28, 2010, 07:31:55 PM »
Cazoza,
I did too form the virus chest... hope they will fix it soon since it really since a FP to me

edmuser

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #4 on: January 28, 2010, 11:36:54 PM »
Since "we make Firefox faster" is an obvious nonsense-line meant to lure in foolish users, I'd tend to believe that it's an accurate positive.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #5 on: January 29, 2010, 12:51:11 AM »
Cazoza,
I did too form the virus chest... hope they will fix it soon since it really since a FP to me

Why not conform the detection or otherwise using virustotal whilst waiting:
Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

- Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect\* That will stop the File System Shield scanning any file you put in that folder. Now enter the chest again and Extract the file to the Suspect folder and upload it to VT.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

ibell63

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #6 on: January 29, 2010, 01:54:48 AM »
Seeing as the OP is not around I sent the file (entire zip file) into VirusTotal.

Of note, avast 5.0.377 also detects this as Win32:Malware-gen, so I had to disable the shields for a minute to download it, but was very sure to not run it (or even decompress it)

Here are the results:

https://www.virustotal.com/analisis/a281596d99fed5ec2d33947e1cdeb4f20a4009128581ad9a50720c950a87a716-1264726350
« Last Edit: January 29, 2010, 02:04:52 AM by ibell63 »

Offline calcu007

  • Avast Evangelist
  • Poster
  • ***
  • Posts: 482
  • I'm lamma!
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #7 on: January 29, 2010, 02:08:20 AM »
It appears to be suspicious file, detected by other Antivirus too
Asus Intel i7 8GB RAM , Win 8.1 64 bit, Avast IS

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #8 on: January 29, 2010, 02:46:39 AM »
Well the detections are either generic (.gen or -gen), or Heuristic (Sus, Suspect or Heur.), So it was correct to send it to avast for further analysis.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

cadremis

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #9 on: January 29, 2010, 03:24:34 AM »
People who made this little program to make firefox run faster said in that page that other antivirus programs started to detect it as malware and that they were letting the antivirus makers know that this is a legitim program.

As far as I know when I was running Avast 4.8 never bother me saying it was malware till now my sister had Avira before I installed Avast 5 and never poped up saying it was malware and that little program really made firefox start faster.

I saw the virustotal results I still refuse to think it is true, hope Avast team get back to us saying if it is really malware or not.

Tks.rm

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #10 on: January 29, 2010, 04:27:45 AM »
The virustotal results should be used as a guide, as I have mentioned in the past, Generic or Heuristic detections are more prone to misdetection.

So we/you we will have to await the results of the avast analysis - Periodically scan the file from inside Chest, after VPS updates, when it is no longer detected you can restore the file/ to their original location/s.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Jack 1000

  • Guest
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #11 on: January 29, 2010, 06:41:01 AM »
Is the procedure the same for sending suspicious files for testing the same in version 5 as for version 4?  Can you use the E-Mail Subject Line: Suspected File Test or False Positive Test and submit it as a zip file to:

virus@avast.com

Jack

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Avast 5.0.394 is detectig Inifox 1.2 as Win32:Malware-gen (FP)
« Reply #12 on: January 29, 2010, 03:46:17 PM »
As I said in another topic, the email process is a pain in the rear as you have to zip and password protect the file to prevent possible intercept on route to avast. The subject is crucial as they are filtered so if you just ad-lib it then it may not be filtered and lose priority (false positive or undetected malware being the two general terms in the subject).

Emails is a bit prehistoric especially so when there is an integrated means of uploading the suspect/fp files from the chest and the form completion avoids any ambiguity.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security