Banker-ABA - False Positve ???

Since this morning Avast finds a Trj on my system

Scanned the complete system with different scanner and used
some “online-scanner”:;

Scan results
File: ccnt5Setup.exe
Date: 12/20/2005 14:25:51 (CET)

AntiVir 6.33.0.61/20051220 found nothing
Avast 4.6.695.0/20051220 found [Win32:Banker-ABA]
AVG 718/20051220 found nothing
Avira 6.33.0.61/20051220 found nothing
BitDefender 7.2/20051220 found nothing
CAT-QuickHeal 8.00/20051219 found nothing
ClamAV devel-20051108/20051219 found nothing
DrWeb 4.33/20051220 found nothing
eTrust-Iris 7.1.194.0/20051219 found nothing
eTrust-Vet 12.3.3.0/20051220 found nothing
Fortinet 2.54.0.0/20051220 found nothing
F-Prot 3.16c/20051219 found nothing
Ikarus 0.2.59.0/20051220 found nothing
Kaspersky 4.0.2.24/20051220 found nothing
McAfee 4653/20051219 found nothing
NOD32v2 1.1330/20051220 found [archive damaged]
Norman 5.70.10/20051220 found nothing
Panda 8.02.00/20051219 found nothing
Sophos 4.01.0/20051220 found nothing
Symantec 8.0/20051220 found nothing
TheHacker 5.9.1.059/20051219 found nothing
VBA32 3.10.5/20051220 found nothing

  • how can I u/l the file for check ? anything else I can do ?

If you are getting a virus warning that you believe it is a false positive, then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected virus or false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.
Or VirusTotal - Multi engine on-line virus scanner

If it is indeed a false positive, add it to the exclusions lists and check scan it periodically using the ashQuick scan (right click scan), when it is no longer detected then remove it from the exclusions.