« previous next »
Pages: [1]   Go Down

Author Topic: Is this a false positive?  (Read 1980 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
Is this a false positive?
« on: April 20, 2012, 08:25:20 PM »
Not deteced by avast: hxtp://zulu.zscaler.com/submission/show/88f372e7ad0bd8ccca27a54dc4bcd750-1334873194
VT results: hxtps://www.virustotal.com/file/811f95fda81fa0c8651ba74ac431db24e29850093a68d36b0aa7eb6c76483452/analysis/
htxp://free-download-game.com/downloads/warblade_v1_DEMO.exe redirects to htxp://www.free-download-game.com/downloads/warblade_v1_DEMO.exe
DrWeb's URL checker detects it as Trojan.DownLoader1.64455
Checking: htxp://www.free-download-game.com/downloads/warblade_v1_DEMO.exe
Engine version: 7.0.1.2210
Total virus-finding records: 2804536
File size: 6.57 MB
File MD5: 1fe297aa1683018721f99c1ce4e77466

htxp://www.free-download-game.com/downloads/warblade_v1_DEMO.exe infected with Trojan.DownLoader1.64455

Is this a false positive because of the packers being used?
 F-Prot packer identifier
 UPX, 7Z
PEiD packer identifier
 Armadillo v1.71

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »