I use Cathy to keep a database of my discs , now can’t use the program.
what can I do?
for info go here
http://www.nonags.com/software.asp?id=546
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently over 30 different scanners. You can’t do this with the file in the chest, you will need to move it out.
- Upload to VirusTotal - Multi engine on-line virus scanner and report the findings of these files here. If any are detected by multiple scanners send example to avast, see below.
If it is indeed a false positive, add it to the exclusions lists: Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and false positive/undetected malware in the subject.
Or you can also email from the chest to Alwil Software. No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
4 out of 32 say its virus
now what?
http://img232.imageshack.us/img232/7312/virusscan432ty4.jpg
By whoman at 2008-01-23
did a full scan and found another virus elsewhere, cleaned it then
downloaded the latest cathy.exe file and viola , no virus in it so far and works good.
maybe it was just a forced update by the author.?
thanks for the ideas, DavidR !!! and your help
No problem, glad I could help. Welcome to the forums.
I would say the jury is out on the original detection, the trojan-gen detection by avast could be using a generic signature to detect more than a single piece of malware and this may be a false positive.
One of the other detections is ‘suspicious file,’ which could indicate a heuristic detection that could also be subject to false detection.
You should send a sample to avast as a possible false positive (though as you say the latest one isn’t an issue) for analysis as you have had it for a while when it wasn’t detected, so a VPS update now detects it. This is a reasonable indication it may be an FP as so few detect it on virus total.