I have used Brainwave Generator 3.1 for years and this week avast says it is a Trojan. I uninstalled it and downloaded it again from download.com and the freshly installed one still gets blocked by avast. The log says: Sign of “Win32:Trojan-gen {Other}” has been found in “C:\Bwgen\Bwgen.exe” file.
Even Firefox 3.0.1 does a virus scan after download and did not detect it in the install file.
How can I be certain that this is a false positive?
Are you sure that firefox 3.0.1 does a scan, as from my understanding it tries to use the installed AV to do the scan and for me and many others it doesn’t work with avast and a number of other AVs.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
I scanned bwgen.exe at virustotal.com and only three (including avast!) of the 35 virus scanners reported it as malware or having a Trojan gen. So is it bad or not?
cfb
You are right about Firefox using the installed AV to scan downloads. http://www.mozilla.com/en-US/firefox/features/ states: “Firefox 3 integrates elegantly with your antivirus software. When you download a file, your computer’s antivirus program automatically checks it to protect you against viruses and other malware, which could otherwise attack your computer. [available in Windows only]”
The install file does not report the problem. It is only after it is installed, the executable has the suspect code in it.
cfb
Certainly looks like an FP, Alwil are usually very quick in correcting it once confirmed.
I think that the “Firefox 3 integrates elegantly with your antivirus software” is somewhat exaggeration/wishful thinking on their part as there a number of AVs it doesn’t integrate elegantly (or otherwise) even in windows versions.