Why is it that system scans tend to find virus’ that are not detected by the resident scanner before they are copied to the hard drive? This happens frequently. The latest was nexplayerx.dll. You would think the resident scanner would prevent this.
Well, maybe the virus signature was added after the virus was already in your PC :
Did you check the file with an online scanner such as Jotti, in case it is a false positive. If it is a false positve, did you submit the sample to avast! ?
What was the location and name of the file/virus?
What would help is the virus name, then you could check the VPS History and see if it has just been added recently (since your last on-demand scan), avast! VPS Updates History.
I believe it’s a false positive, I have the same DLL (nexplayerx.dll) and it is part of my Samsung mobile phone software pack (it’s used by the integrated audio/video player). After a recent AVS update Avast started complaining this file is infected by Win32.Prex-Ac[wrm] but i’m quite confident that this is a a wrong virus detection.
Is it possible for Avast Team to check this out?
To know if a file is a false positive, please submit it to JOTTI or VirusTotal and let us know the result. If it is indeed a false positive, send it in a password protected zip to virus@avast.com
Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
I checked it at JOTTI. Avast was the only AV that claimed it was a virus. I sent it to virus@avast.com.
In the meantime if you haven’t already done so restore the file (a copy remains in the chestwhen you do this) and add it to the exclusions lists (Standard Shield, Customize, Advanced and Program Settings, Exclusions) and periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Thanks for the tips!