I think since Monday avast! has decided that BDB_Pro.exe has a virus. I took my original CD with the zip file from 2 years ago to another machine and unzipped it. avast! on that machine flagged it too. So, either it’s had a trojan nobody picked up for years, or it’s a false positive. I submitted it to virustotal too and 5 of them flagged it. Seems too weird to me. So, is there a way to tell avast to ignore a file?
File BDB_Pro.exe received on 07.23.2008 18:18:54 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.7.24.0 2008.07.23 -
AntiVir 7.8.1.11 2008.07.23 -
Authentium 5.1.0.4 2008.07.23 -
Avast 4.8.1195.0 2008.07.23 Win32:Trojan-gen {Other}
AVG 8.0.0.130 2008.07.23 Generic9.AURO
BitDefender 7.2 2008.07.23 -
CAT-QuickHeal 9.50 2008.07.22 -
ClamAV 0.93.1 2008.07.23 -
DrWeb 4.44.0.09170 2008.07.23 -
eSafe 7.0.17.0 2008.07.23 -
eTrust-Vet 31.6.5976 2008.07.23 -
Ewido 4.0 2008.07.23 -
F-Prot 4.4.4.56 2008.07.22 -
F-Secure 7.60.13501.0 2008.07.23 Suspicious:W32/Guap!Gemini
Fortinet 3.14.0.0 2008.07.23 -
GData 2.0.7306.1023 2008.07.23 Win32:Trojan-gen
Ikarus T3.1.1.34.0 2008.07.23 -
Kaspersky 7.0.0.125 2008.07.23 -
McAfee 5345 2008.07.23 -
Microsoft 1.3704 2008.07.23 -
NOD32v2 3292 2008.07.23 probably unknown NewHeur_PE virus
Norman 5.80.02 2008.07.23 -
Panda 9.0.0.4 2008.07.23 -
PCTools 4.4.2.0 2008.07.23 -
Prevx1 V2 2008.07.23 -
Rising 20.54.22.00 2008.07.23 -
Sophos 4.31.0 2008.07.23 -
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.23 -
TheHacker 6.2.96.387 2008.07.23 -
TrendMicro 8.700.0.1004 2008.07.23 -
VBA32 3.12.8.1 2008.07.23 -
VIRobot 2008.7.23.1307 2008.07.23 -
VirusBuster 4.5.11.0 2008.07.23 -
Webwasher-Gateway 6.6.2 2008.07.23 -
Additional information
File size: 4681728 bytes
MD5…: b7a7c6ab4b1cd26a682102d64daed3aa
SHA1…: 0ebdf3e43031d0e81bd7bbe073dc9bb25207d5aa
SHA256: b6c9c61dc38f68fb23cfe70bf04741a60aea9825a12521ff19680ed6516b06f0
SHA512: b1cc21a02a034c9d0aeb2fe349aff4feef85a5bb2f980a81d1d3b7e8f27de84b
d2ed82b395a9a6d8dfc1d0a99186f2f3ce0102486bc2ebfed61e5fcdf8f83dc3
PEiD…: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40f7fc
timedatestamp…: 0x46976cd0 (Fri Jul 13 12:15:12 2007)
machinetype…: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x470f00 0x471000 5.96 e4edb10cd14fd17a2b489047189e3591
.data 0x472000 0x21d2c 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x494000 0x307c 0x4000 3.21 ad773ac29024db9b3e6b9353ed684d6b
( 1 imports )
> MSVBVM60.DLL: EVENT_SINK_GetIDsOfNames, -, __vbaVarTstGt, __vbaVarSub, -, __vbaStrI2, _CIcos, _adj_fptan, __vbaStrI4, __vbaVarMove, -, __vbaVarVargNofree, -, __vbaAryMove, __vbaFreeVar, __vbaGosubReturn, __vbaLineInputStr, __vbaLateIdCall, __vbaLenBstr, __vbaStrVarMove, -, __vbaPut3, __vbaFreeVarList, __vbaEnd, _adj_fdiv_m64, __vbaPut4, EVENT_SINK_Invoke, __vbaLineInputVar, __vbaFreeObjList, __vbaR8Sgn, -, -, _adj_fprem1, __vbaRecAnsiToUni, -, -, __vbaI2Abs, __vbaCopyBytes, __vbaStrCat, __vbaVarCmpNe, __vbaLsetFixstr, __vbaWriteFile, -, -, __vbaSetSystemError, __vbaRecDestruct, -, -, __vbaNameFile, __vbaHresultCheckObj, -, -, __vbaVargVarCopy, __vbaLenVar, _adj_fdiv_m32, -, __vbaAryVar, __vbaVarTstLe, Zombie_GetTypeInfo, __vbaVarXor, __vbaAryDestruct, __vbaVarCmpGe, -, __vbaLateMemSt, -, __vbaStrBool, __vbaVarPow, __vbaBoolStr, __vbaExitProc, __vbaVarForInit, -, -, -, -, -, __vbaOnError, __vbaObjSet, -, _adj_fdiv_m16i, -, __vbaObjSetAddref, _adj_fdivr_m16i, __vbaVarIndexLoad, -, __vbaFpR4, -, __vbaForEachCollVar, __vbaStrFixstr, __vbaBoolVar, -, -, -, __vbaFPFix, -, -, __vbaRefVarAry, __vbaVargVar, __vbaBoolVarNull, __vbaFpR8, __vbaVarTstLt, _CIsin, -, __vbaErase, -, __vbaVarZero, __vbaVargVarMove, -, __vbaVarCmpGt, __vbaChkstk, __vbaCyVar, __vbaGosubFree, -, __vbaFileClose, EVENT_SINK_AddRef, __vbaVarAbs, __vbaGenerateBoundsError, -, __vbaCyI2, __vbaStrCmp, -, __vbaAryConstruct2, __vbaVarTstEq, __vbaR4Str, __vbaNextEachCollVar, __vbaPrintObj, __vbaObjVar, __vbaI2I4, DllFunctionCall, -, __vbaVarLateMemSt, __vbaVarOr, __vbaCastObjVar, __vbaStrR4, __vbaLbound, __vbaRedimPreserve, _adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, Zombie_GetTypeInfoCount, __vbaR8Cy, __vbaRedim, __vbaStrR8, __vbaRecUniToAnsi, EVENT_SINK_Release, __vbaNew, -, __vbaUI1I2, _CIsqrt, __vbaVarAnd, __vbaObjIs, EVENT_SINK_QueryInterface, __vbaStr2Vec, __vbaFpCmpCy, -, __vbaVarMul, __vbaExceptHandler, -, __vbaInputFile, __vbaStrToUnicode, __vbaPrintFile, _adj_fprem, _adj_fdivr_m64, -, __vbaGosub, -, __vbaI2Str, __vbaLateIdStAd, __vbaVarDiv, -, -, -, __vbaVarCmpLe, -, __vbaFPException, -, __vbaInStrVar, -, -, __vbaGetOwner3, __vbaStrVarVal, __vbaUbound, __vbaVarCat, -, __vbaDateVar, -, __vbaI2Var, -, __vbaStopExe, -, -, -, _CIlog, -, __vbaErrorOverflow, __vbaFileOpen, -, __vbaR8Str, __vbaInStr, __vbaVar2Vec, __vbaVarLateMemCallLdRf, __vbaNew2, __vbaCyMulI2, -, __vbaVarInt, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, -, __vbaI4Str, __vbaLateMemNamedCall, __vbaFreeStrList, __vbaVarCmpLt, __vbaVarNot, -, _adj_fdivr_m32, __vbaPowerR8, __vbaR8Var, _adj_fdiv_r, -, -, __vbaVarTstNe, __vbaI4Var, __vbaVarCmpEq, __vbaFpCy, -, __vbaLateMemCall, __vbaAryLock, __vbaVarAdd, -, __vbaStrComp, __vbaVarDup, __vbaStrToAnsi, -, -, -, __vbaVerifyVarObj, -, __vbaFpI2, __vbaVarMod, -, __vbaVarTstGe, __vbaFpI4, __vbaVarCopy, __vbaVarLateMemCallLd, __vbaUnkVar, __vbaRecDestructAnsi, -, __vbaR8IntI2, __vbaLateMemCallLd, _CIatan, -, __vbaCastObj, __vbaStrMove, __vbaAryCopy, __vbaMidStmtVar, -, -, __vbaR8IntI4, __vbaStrVarCopy, __vbaVarNeg, -, -, -, _allmul, __vbaVarLateMemCallSt, -, __vbaLateIdSt, __vbaAryRecCopy, __vbaLateMemCallSt, -, _CItan, -, __vbaAryUnlock, __vbaFPInt, __vbaVarForNext, _CIexp, __vbaMidStmtBstr, __vbaI4ErrVar, __vbaRecAssign, __vbaFreeObj, __vbaFreeStr, -
( 0 exports )