Does this file contains a virus.....

Hi :slight_smile:

Does this file contains a virus or is it a FalsePositive?

Virustotal: http://www.virustotal.com/sl/analisis/8ae9c192036448c7a0ff5e6cb0f011d36bf2b813b9f096bc413832747e31b017-1271002025

CamasComodo: http://camas.comodo.com/cgi-bin/submit?file=8ae9c192036448c7a0ff5e6cb0f011d36bf2b813b9f096bc413832747e31b017

You can download this file from this page. flash.zip - 2.2 Mb

Thx for your help and have a nice day. :slight_smile:

It certainly looks highly suspect and you should (add it to the chest) send the sample to avast as undetected malware.

Analysis Report for flash.exe
http://anubis.iseclab.org/?action=result&task_id=17198d5acb9fa3f6435a84afdd9686846&format=html

http://anubis.iseclab.org/?action=result&task_id=17198d5acb9fa3f6435a84afdd9686846&call=first

Iโ€™ve already sent this file via mail(2day ago) and virus chest(1day ago) but Avast didn,t fix/repair detection. Iโ€™m not expert but I am sure that this file contains a virus.

It is a very nasty password stealer. It will grab your saved passwords from Firefox if you save them when offered. signons.sqlite is not very secure, and a good reason not to allow firefox to save your passwords for you.

Avast still not corrected the detection for this file (flash.exe). :frowning:

Can be reason for this because-I use a free version of Avast?
-This file is too large for analysis ?

Virustotal(update): http://www.virustotal.com/sl/analisis/8ae9c192036448c7a0ff5e6cb0f011d36bf2b813b9f096bc413832747e31b017-1271333369

Have a nice day. :slight_smile:

No. avast free should detect as the Pro and there is no file size limit.
Itโ€™s a lack of detection. Shame and pity about itโ€ฆ Hope they correct it soon.

Avast is corrected detection for this file.(flash.exe) http://www.virustotal.com/sl/analisis/8ae9c192036448c7a0ff5e6cb0f011d36bf2b813b9f096bc413832747e31b017-1272576687

Thx :slight_smile: