When I try to download any game from iWin.com Avast pops up a big warning and prevents the download - but Symantec and McAfee allow it on my other machines.
Thanks for reporting the false positive.
Can you send a sample to virus (at) avast (dot) com for analysis?
Generally they correct the false positives very soon.
I did send a ticket in to Avast through the website on Friday and the ticket was closed with no comment visible to me. I re-opened the ticket and sent in the same message that I shared on this forum.
I’m not sure if it was a file or url that was the issue as the error message did not give a file name like I expected. The file name may be: iWinGamesHookIE.dll
Which is commonly seen as generic adware but not flagged as malicious.
I ran that file through the VirusTotal site and it passed on some software and failed with others.
The Avast version that site has is very old. It showed:
Avast 4.8.1195.0 2008.08.18 Win32:AdMedia-J
I will send the file in the ticket I have open with Avast.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
The actual version of avast isn’t critical (in this case) the critical part is the date under Version as this is the virus signature date and that is today’s date.
It isn’t the BHO it is detecting, it is the file you are uploading not a BHO (registry string) to VT, I uploaded the iWinGamesHookIE.dll file. VT hasn’t got a clue how the file might be called.
Thanks for the tip on how to send this in to Avast support!
I received this note from Avast today:
Hello David,
Please accept our apologies for our false alarm message. Our virus specialists have been working on the problem and our virus definitions have now been updated.
Please therefore update your virus database, which should prevent any recurrence of this problem.
You are honoured to receive a direct reply, two down (as GData uses two scanners one of them being avast) only 23 other detections of the original 25 from VT to correct ;D
I have to say I have never seen a detections with so many VT hits being confirmed as a false positive.
While avast has fixed this as a FP, you should be aware that sites such as iWin are ad supported and as such, you likely to “aquire” some kind of ad generator.