W32 Trojan

I just did a system scan and Avast! says that my SOF noCD.exe is infected with W32 Trojan-gen. Is this a false postive? I just switched to Avast!4 from NAV, it never detected this.

That is possible, send the file to support@asw.cz and they will tell you if it is a flase alarm, or not.

Raman
The file is on its way…Thanks

Hi !

I also got this message while scanning my hdd : it found W32 trojan into a file from winrar. Then i scanned the installer and it also found it. I do believe this is a wrong alert because i re-downloaded the file from rarsoft.com, re-run the scan and it still found the “virus”. I then scanned it with NAV (on another computer) and it found nothing …

Can i also send the file to the mail address ?

Yes, seems to be a false alarm. Unpack it with UPX and Avast would not allert anymore!:wink:
support@asw.cz is always a good place for these kind of things.

Hi,
we have just released the new VPS update. Please check if it still reports the Trojan and if yes, please send the file to our technical support - support@asw

thanks,
Pavel

I do not know, what you have done, but iAvast still reports the Trojan in the default.sfx of the Winrar 3.0 Package.

BTW: Did i say that i “hate” the “Trojan gen” identification? Why don´t you name the Backdoor/Trojan by a “real” name?

Well, for me the “false” warning has disapeared :slight_smile:

Thx a lot :slight_smile:

Oh and, btw : very good free little proggie 8)

Gen = generic. Lots of other manufacturers name such items in similar way, as it’s often too much hassle to name such rubbish. See for example Norton and its Bloodyhound 8)

Raman asked:

BTW: Did i say that i "hate" the "Trojan gen" identification? Why don´t you name the Backdoor/Trojan by a "real" name?
Just FYI: currently avast! detects more than 12000 different Windows malware programs as [b]Trojan gen[/b]. It uses very special general method to do this. We do not plan to attach the unique name to every piece of malware detected by this method...

I do not say that you should change it, just that i hate it. Like Norton or F-prot. I mean the nameing of Malware not nessecary the Product. :wink:

But you have to admit, that it was easier to help Users, if you(me)know what Malware was detected. Now you always have to say: Send it to the Support. And that is very time-consuming. You should not wonder if somebody who wants to help say that he should try an other Software or onlinescan to find out what kind of Malware it is.

It isn´t easy to find out if it is a false alarm or not.

Yes, but IMHO all AV programs use (more or less) generic malware detection. I admit that our Trojan-gen naming is quite close to the extreme :wink: but with any product it could be very difficult to give the really qualified advice to the user without the sample…

Yes, your Trojan-gen naming is extrem!:wink: I am glad, that you have to drop the trojan-generic(UPX!) Signature, if Avast supports UPX unpacking! :wink:

But with this Method of generic detection, you have to “life” with more False alarms

But with this Method of generic detection, you have to "life" with more False alarms
Well this is not true - even the generic method could be very resistent to false alarms. The main problem as I see it is that it is much more difficult to distinguish (without sample) if it is a false alarm or not...

Pavel