« previous next »
Pages: [1]   Go Down

Author Topic: Why is Winamp Agent triggering an Avast warning on startup?  (Read 4741 times)

0 Members and 1 Guest are viewing this topic.

Offline audiodrome

  • Jr. Member
  • **
  • Posts: 47
Why is Winamp Agent triggering an Avast warning on startup?
« on: April 28, 2011, 03:07:43 AM »
In the past month or so I've noticed that when my computer starts up and the taskbar items start to load, Winamp Agent (Winamp\winampa.exe) will trigger an Avast pop-up warning saying that it is a potentially dangerous file and that I should open it in the sandbox. What is this all about? Winamp Agent has been on my computer for years!

Here is the Avast Sandbox Log:

3/28/11 6:58:37 AM   Autosandbox candidate: C:\Program Files\Winamp\winampa.exe
   [Source: ]
   [Opened by: C:\WINDOWS\Explorer.EXE]
    --> Result: Sandboxing (based on user's decision).

4/21/11 2:55:48 PM   Autosandbox candidate: C:\WINDOWS\SoftwareDistribution\Download\Install\Silverlight.exe
   [Source: ]
   [Opened by: C:\WINDOWS\system32\wuauclt.exe]
    --> Result: Not sandboxing (because the file is trusted).

4/26/11 12:42:10 AM   Autosandbox candidate: C:\Program Files\Winamp\winampa.exe
   [Source: ]
   [Opened by: C:\WINDOWS\Explorer.EXE]
    --> Result: Sandboxing (based on user's decision).

4/26/11 2:15:51 AM   Autosandbox candidate: C:\Program Files\Winamp\winampa.exe
   [Source: ]
   [Opened by: C:\WINDOWS\Explorer.EXE]
    --> Result: Sandboxing (based on user's decision).

4/27/11 8:15:44 PM   Autosandbox candidate: C:\Program Files\Winamp\winampa.exe
   [Source: ]
   [Opened by: C:\WINDOWS\Explorer.EXE]
    --> Result: Sandboxing (based on user's decision).
Logged

Nesivos

  • Guest
Re: Why is Winamp Agent triggering an Avast warning on startup?
« Reply #1 on: April 28, 2011, 06:02:49 AM »
winampa.exe is known to be malware depending on what directory it is in. It is also known to be subject to remote loop-related exploits.

It appears that it is located in the correct directory on your system where you wouldn't normally find the malicious version of winampa.exe. 

In your case it could be a false positive (FP) with regard to auto-sandbox.

You could try uploading it here and see what the results are.

http://www.virustotal.com/index.html

You could also scan the file using Avast and Malwarebytes.
Logged

jafTwo

  • Guest
Re: Why is Winamp Agent triggering an Avast warning on startup?
« Reply #2 on: May 01, 2011, 01:14:30 AM »
For the past few days, when I reboot my winXP x64 computer, I get the same type of message.  They are: an Avast pop-up warning saying that it is a potentially dangerous file and that I should open it in the sandbox.  The program try to open a file is generally IntelliType Pro 8 or Find and Run Robot.  But why would Intellitype be trying to open Sam2.exe (the game, Serious Sam 2?)  I don't have it assigned to a key.

Also, if I choose "Run Normally" and check the "remember this setting", the same thing happens at the next reboot.

I've run a full deep scan and two malware/spyware apps. without any errors.  More of a nuisance than anything else, but quite puzzling.
Logged
Pages: [1]   Go Up
« previous next »