Possible FP

Viruses and worms
1

Hey guys, long time no see!

I’m working on rebuilding an R200 Dell Server for my home (yay!) and I was attempting to download a BIOS update for it.

I have Avast Free Edition installed, Virus Defs: 130129-3
Program Version: 7.0.1474

The BIOS update has been detected as a virus by the Web Shield, direct location is: hxxp://downloads-us.dell.com/FOLDER51112M/2/PER200_BIOS_WIN_1.4.3.EXE

The threat detected was: Win32:Evo-gen [Susp]

Anyone want to check it out for me? I’d download on another computer and upload to virustotal but I’m kinda short on computers tonight and don’t have anything I want to wreck while I migrate to a new server.

Thanks everyone!

2

Here ya’ go, Ryan. Avast had three updates so far today and I don’t know which VT has, but it’s not detected now. I’m still checking some things.

forgot the link :-[
https://www.virustotal.com/file/e2c2d148694a0db820e3b21bea7fd47d34a69c884e5a63c4b05fe267e5473da0/analysis/1359511205/

3

Much appreciated Simion!

Heck, it’s been so long I don’t even remember how to submit a FP. I thought they built it right into the Avast 6 interface but I don’t see it while glancing over Avast7.

I’ll have to google it and figure it out again.

I miss this place.

4

from the avast alert is easy!

5

Yeah, but I have my alerts set to a low number, missed it so I went into the interface and looked at it.

Thanks again though! I’m working on building 2 2008 servers and rebuilding a laptop for a friend and drinking a few cold ones on top of everything…

:slight_smile:

I’m sure they’ll get it sorted as a FP soon. Not too worried about the BIOS for now anyway, just rather get AD, DNS, DFS, DHCP and File shares up and running for now!

6

You’re welcome. You could right-click the avast icon, select show last popup message. :wink:

7

That’s what I did, but if you notice, that doesn’t give you the “report FP” option.

It just gives you the “more details” button which gives you a webpage about how avast saved your butt… :slight_smile:

8

the file was moved to chest, so you can report FP from chest…right click the file in chest and… :wink:

9

Thanks!

Don’t think it was moved to the chest, I’ll check it later. I think it just prevented access completely before I even got to download it (which I’m perfectly fine with).

10

I think this is a false alarm by DrWeb, posted a link to the file and re-analysis.

//***************************************************************//

Your request has been reviewed. This operation is false. Has been corrected.

Sincerely,
Virus Monitoring Service Ltd. “Doctor Web”

Original file name: PER200_BIOS_WIN_1.4.3.EXE
File size: 5684400
MD5: 8b9388b591b46ef0787321cfbf706609