03/05/2007 04:10:57 SYSTEM 1348 Sign of “Win32:Trojan-gen. {Other}” has been found in “C:\Documents and Settings\Richard\Local Settings\Application Data\Mozilla\Firefox\Profiles\uicw1oit.default\Cac he\CF52E4E1d01” file.
The problem is: Mcafee detects no such virus, NOD32 and Symantec Antivirus does not detect any virus.
Another AVAST user scanned it and DID detect a virus so, what is wrong?
Well DrWeb link scanner doesn’t find anything in that link, but 'you should edit the link so it isn’t live, e.g. http :// www . gamersgate.com/patches/Armageddon_10a.exe.
What surprises me is the additional .exe file that is downloaded to the Temp folder at about the same time followed by a detection in the firefox cache, if you are downloading a patch you just get that exe file (I would have thought.
You could also check the offending/suspect file/s at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 32 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.
If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Also see (Mini Sticky) False Positives, how to report it to avast! and what to do to exclude them until the problem is corrected.
The problem with this method is that I dont want to risk downloading the file again, and those sites you listed require me to upload the file…
There is no option to simply give a URL and scan the file from the link.
As Frank said no detections, so it looks like a false positive possibly from the latest VPS update as VT probably doesn’t seem to have the latest VPS.
I have downloaded it to and avast no longer detects it (see image) so ensure that you have the latest version of the VPS (see about avast current version 000738-1) and you should now be able to download it.