Author Topic: New Trojen-gen detection  (Read 7558 times)

0 Members and 1 Guest are viewing this topic.

Pavel Baudis

  • Guest
New Trojen-gen detection
« on: November 28, 2003, 05:02:37 PM »
Hi all,

We have added another huge bunch of Trojan-gen detection into today's update. I would like to ask you to check for the possible false alarms and to send the such files to virus@avast.com e-mail address.

Thank you very much for your cooperation ;)

Pavel

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re:New Trojen-gen detection
« Reply #1 on: November 28, 2003, 07:10:22 PM »
I found a trojan but I double checked with F-Secure no false positives  :)
« Last Edit: November 28, 2003, 07:10:53 PM by MacLover2000 »
"People who are really serious about software should make their own hardware." - Alan Kay

FransH

  • Guest
Re:New Trojen-gen detection
« Reply #2 on: November 28, 2003, 08:22:42 PM »
After the last update today Avast warns me for Win95:Matyas in C:\windows\system32\pav.sig and Win32:Kuang2 in C:\windows\system32\activescan\imscan.dll Both files are installed after I did an onlinescan with panda antivirus> So I think both warnings are false positive.
Also found another false positive: Win32: Trojan-gen {UPX} in H:\Software\Software\wrar320nl\Default.sfx. Neither Panda or Norton online scanning gives me infected files warning on this file.

Before the update there was no problem with any of this files, so I think you have to look carefull to this update.

Otherwise thanks for the great program.

Frans

Pavel Baudis

  • Guest
Re:New Trojen-gen detection
« Reply #3 on: November 29, 2003, 12:10:07 AM »
After the last update today Avast warns me for Win95:Matyas in C:\windows\system32\pav.sig and Win32:Kuang2 in C:\windows\system32\activescan\imscan.dll Both files are installed after I did an onlinescan with panda antivirus> So I think both warnings are false positive.

Well, this is pretty old and welll known false positive. It is Panda's fault - they do have parts of the viruses in the data files unencrypted, which causes many false alarms by other AV programs. It has been also discussed in the Virus Bulletin magazine some monhts ago...

Also found another false positive: Win32: Trojan-gen {UPX} in H:\Software\Software\wrar320nl\Default.sfx. Neither Panda or Norton online scanning gives me infected files warning on this file.

Well - this really sounds like a new FP. Can you please send it to the mail address mentioned above? Thanks in advance!

Pavel

FransH

  • Guest
Re:New Trojen-gen detection
« Reply #4 on: November 29, 2003, 11:49:33 AM »

Hi Pavel

I did send you the file this morning to the email adres. I'm curious if it's a false positive?

Thanks in advance,

Frans

satdoxter

  • Guest
Re:New Trojen-gen detection
« Reply #5 on: November 30, 2003, 07:02:43 PM »
Lot's of Winrar sfx files are recogniced as UPX! trojan i think it's a false positive and i allready submitted one of them

notmyown

  • Guest
Re:New Trojen-gen detection
« Reply #6 on: December 01, 2003, 03:46:13 AM »
Avast! is trying to tell me that a file in C:\System Volume Information\-_restore... is infected.
Of course, after "restore" there is a bunch of numbers and letters that look like a registry key, and I don't really feel like typing it out.
It's telling me Win32:Trogan-gen. {UPX!}

Thx.