Suddenly I received an autoit script VBS:Malware-gen dialog from Avast.
I’m using Avast Free 5.0.594, virus definitions 100731-0, Windows Vista Home Basic w/sp1 x86/x32 (have not installed sp2, but all other updates are installed).
I send the suspected file to the virus chest. The file is uniextract.exe , downloaded some time ago from:
http://legroom.net/software/uniextract#download
and trying to redownload it from the “uniextract binary archive” option got me to another Avast dialog.
I have used this tool before - same original folder, same uniextract version. So I thought about the possibility of the file being infected by another virus in my system (which I don’t know about it, yet), or this being a new false positive introduced recently in avast’s virus definitions.
I would like Avast team to confirm if this is a FP.
I have the file in the virus chest, as I said before. Currently, I can’t redownload the suspected file (avast stops the download, of course), and until I can confirm if this is a FP or if I really have some other malware in my system, I’d rather choose not to extract or restore the suspected file.
Since this situation prevents me from doing anything with the file, I would like to suggest adding the possibility to calculate hash numbers from within the chest, so I (Avast users) could send the hash to virustotal. This could potentially give some indication of the suspected file being a FP or not, without having to take a risk by extracting the file from the virus chest.
Please advice me about the specific file (whether is a FP or not), since I searched the forum and found old topics about autoit scripts and uniextract, but no recent topic.
In any case, I hope my suggestion is relevant. Thank you in advance.