False Positive md5sum.exe from cygwin?

I ran a scan this morning using Avast Home 4.8, VPS version 080822-0. It identified C:\cygwin\bin\md5sum.exe as Win32:Trojan-gen{other}. I doubt that this file has somehow been replaced with a rogue version. Has anyone else seen this? Is there a formal method of submitting a report on false positives?

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

I uploaded the file to virustotal (http://www.virustotal.com/analisis/6034141ef887f57a5c8cd818b89e978c) and 4/36 flagged it as bad. I’m not sure that’s enough to convince me, especially since I know what the file is and expected it to be on my system.

does look fp-ish
could you upload to avast?

In fact, 3/36 as GData uses avast to scan.
Most probably a false positive. They usually correct this very soon. Thanks for reporting.

Certainly looks like an FP as GData uses two AV scanners, one being avast, so that reduces it by one, so follow the instructions on the how to report link in my previous post.

Welcome to the forums.

I emailed it in a password protected zip archive to virus@avast.com as suggested. Thanks for the input.

No problem, welcome to the forums.