False Positive?

Hi.

Avast finds a Win32:Bancos-PH [Trj] in Microsoft’s MetaEdit tool.

http://download.microsoft.com/download/iis50/Utility/5.0/NT45/EN-US/MtaEdt22.exe

Thanks…

If you are getting a virus warning that you believe is a false positive, then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected virus or false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.
Or VirusTotal - Multi engine on-line virus scanner

If it is indeed a false positive, add it to the exclusions lists and check scan it periodically using the ashQuick scan (right click scan), when it is no longer detected then remove it from the exclusions.

Dr. Web extension shows this file as being clean 8)
Seems a false positive. Anyway, Jotti would say it :slight_smile:

Certainly seems like it is a false positive.

It should be a false positive as it happened after today’s VPS update, it’s a Microsoft utility (if that means anything ;D), I have a very clean system, and the file has been around for a long time. :slight_smile:

At any rate, I sent you an e-mail with everything requested.

Thanks…