Help, avast says I have a virus.
C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe
Win32:Trojan-gen {Other}
080812-0, 08/12/2008
I read in PC Mag to try OpenDNS, so I did a few months ago. Now avast is saying I have a virus. Do I? If not, should I just scan this file and click ignore from now on? The latest version of spybot says I’m clean.
XP SP3, FF3, Comodo firewall, Hosts file, and a router using Tomato firmware.
Complete scanning result of “OpenDNS Updater.exe”, processed in VirusTotal at 08/13/2008 07:26:01 (CET).
[ file data ]
name…: OpenDNS Updater.exe
size…: 259584
md5…: 89ba1c23ff88c6b6985e03e5c01c5923
sha1…: 0aa29e8f018c9172795187059d8305b1a340c8cc
peid…: -
[ scan result ]
AhnLab-V3 2008.8.13.0/20080812 found nothing
AntiVir 7.8.1.19/20080812 found nothing
Authentium 5.1.0.4/20080812 found nothing
Avast 4.8.1195.0/20080812 found [Win32:Trojan-gen {Other}]
AVG 8.0.0.161/20080812 found [SHeur.BOKI]
BitDefender 7.2/20080813 found nothing
CAT-QuickHeal 9.50/20080812 found nothing
ClamAV 0.93.1/20080813 found nothing
DrWeb 4.44.0.09170/20080812 found nothing
eSafe 7.0.17.0/20080812 found nothing
eTrust-Vet 31.6.6029/20080813 found nothing
Ewido 4.0/20080812 found nothing
F-Prot 4.4.4.56/20080812 found nothing
F-Secure 7.60.13501.0/20080813 found [Suspicious:W32/DataSneak.b!Gemini]
Fortinet 3.14.0.0/20080813 found nothing
GData 2.0.7306.1023/20080813 found [Win32:Trojan-gen ]
Ikarus T3.1.1.34.0/20080813 found nothing
K7AntiVirus 7.10.412/20080812 found nothing
Kaspersky 7.0.0.125/20080813 found nothing
McAfee 5359/20080812 found nothing
Microsoft 1.3807/20080813 found nothing
NOD32v2 3350/20080812 found nothing
Norman 5.80.02/20080812 found nothing
Panda 9.0.0.4/20080812 found nothing
PCTools 4.4.2.0/20080812 found nothing
Prevx1 V2/20080813 found nothing
Rising 20.57.20.00/20080813 found nothing
Sophos 4.32.0/20080813 found nothing
Sunbelt 3.1.1542.1/20080813 found nothing
Symantec 10/20080813 found nothing
TheHacker 6.3.0.3.046/20080812 found nothing
TrendMicro 8.700.0.1004/20080813 found nothing
VBA32 3.12.8.3/20080811 found nothing
ViRobot 2008.8.12.1333/20080812 found nothing
VirusBuster 4.5.11.0/20080812 found nothing
Webwasher-Gateway 6.6.2/20080813 found [Virus.Win32.FileInfector.gen!94 (suspicious)]
I have the same.
Avast identified my installed program as a virus yesterday and also the download off the OpenDNS site.
I have reported to Avast TS but no respose yet.
I am sure it is a FP and have instructed Avast to ignore.
If you manually set-up your Network connection/s to use OpenDNS then there is no need to have any OpenDNS elements on your computer. My firewall keeps track of DNS traffic, albeit not as pretty ;D
This is definitely a FP, read this: http://forums.opendns.com/comments.php?DiscussionID=1372&page=1#Item_0
Their waiting is for the AV vendors to take this FP out, the updater is needed for use on Vista etc. for this OS can interfere with OpenDNS. Through new ways of detecting the number of FP’s is growing considerably lately, just the way it is, and we are waiting for new techniques to filter these apparent FPs out,