Hello, curious about Avast telling me I have the Win32:Trojan-gen. {VC}. I just updated Avast today and it’s now findinf this ( C:\webcam2000\Uninstal.exe ) to be the Win32:Trojan-gen. {VC}. I’m sure this has to be a false detection because I have been using this program for years and the Uninstal.exe part of this program has never caused me a problem until Avast’s latest virus update. For now I’m telling avast to do nothing about it, but keeps telling me it’s a virus.
Any suggestions about this problem of mine. I have XP Pro SP2, which hasn’t been a problem either.
If I am right, in todays update there was added new Trojan gens detections.
You can upload the file to virusscan.jotti.org or www.virustotal.com and to see if only avast! detects the file as a virus, if only avast! detects it, that’s sure false positive.
If it’s false positive you can send the file in zip protected archive( the password is usually “virus”), to virus[at]avast[dot]com with some description in the mail body.
I’m sure that from alwil will fix the problem.
In the meantime you could add the file to the exclusions and check it periodically if it was an FP then as VPS are corrected it won’t be detected, you can then remove it form the exclusions.
Now this is weird the Uninstal.exe is only 48.4 kb it’s the original file from the Webcam2000 setup file. Weird thing is I can’t zip it or send it to Jotti, they say I have a firewall on which I don’t. I use a router and virustotal.com asks me to compress this file smaller. This is an odd one.
Oh how do I tell Avast to add the file to the exclusions, or maybe I should just delete this file. I can uninstall Webcam2000 manually because I just did and reinstalled this program to see what Avast would do with it. Again it dectects this Uninstal.exe as the Win32:Trojan-gen. {VC}
Thought I’d see if I could send the Webcam2000.exe setup file to Jotti. This worked. here’s their report.
File: webcam2000.exe
Status: MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren’t packed and don’t force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)
Just thought I’s send this for you to read. I seill think it’s a false one but like I said I know I can delete this file and uninstall Webcam2000, but I’s like Avst to to dectect it if possible.
You can add the file to the exclusions list >>>
right click on the blue “a” icon in the system tray > select On-Access-Scanner properties(or something like that, I’m not sure about the right spelling because i use the Bulgarian language pack) > select the Standart Shield provider > Settings > and there you will find the list(there you’ll have to add the file address into the list)
Hi again Xmas. I put the file into Avast’s chest and told Avast to email to for me. That seemed to work. As for Winzip the message just told me error with no info. This will be interesting if Avast finds or doesn’t find anything wrong with this Webcam2000 Uninstal exe file.
Two things, the avast chest is a protected area, so that is why you can’t directly submit the file to Jotti and may be the same if you are trying to zip the file that is in the chest and attach that to an email.
If it is in the chest you can submit it from the chest (as you appear to have done), select it and select Email to Alwil Software.
So to check only the uninstal.exe file using Jotti you would need to restore it from the chest (you are likely to get an alarm when you do this.