Adobe Golive file - Win32:Warezov-BXI [Wrm] - since iAVS update on 24th May?

Hello there,

Since updating the iAVS database on the 24th May 2007 (which I do every day) Avast has reported this file below as a virus.

C:\Program Files\Adobe\Adobe Golive CS\GoImage.dll

virus - Win32:Warezov-BXI [Wrm]


vps version - 000743-3, 24/05/2007

I have tried a full system scan and no other files are infected, but evertime I install golive again after completely uninstalling Avast reports the same virus.

Is this a false alarm?

Hello Hdice,

Easy to tell if you upload the file in question to either virusscan.jotti.org/de or http://www.virustotal.com/en/indexf.html
If more than one of the scanners flag the uploaded file GoImage.dll as malware you have to reconsider, else it is certainly a FP.

polonus

Both of the scanners you mention above dont let me upload the file, saying - 0kb uploaded.

I tried sending the file via outlook express to the virustotal.com email scan instead but outlook said it couldnt find the file??

Doesn’t make any sense?

Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.

If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.

Send the sample to virus@avast.com zipped and password protected with password in email body and false positive/undetected malware in the subject. Or you can also add the file to the User Files (File, Add) section of the avast chest where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.

Also see False Positives, how to report it to avast! and what to do to exclude them until the problem is corrected.

If the file is not into Chest like David said, can you disable avast while sending it?

ah ha! avast was stopping the upload… thanks a lot guys for your help. Both scanners said that only Avast found it to be infected. Sounds like a false alarm …that goodness… :slight_smile: Ill check out the report false positives section and email it to help.

Cheers :slight_smile:

No problem, welcome to the forums.

As you know know the avast chest is a protected area so nothing can get in ‘or out.’