system
July 13, 2009, 9:40am
1
“Win32:YLYshell [Trj]” has been found in pcwizbus.exe" file. which is (Cupid PC Wizard2009.1.88.)
Have done a virus total scan see results
http://www.virustotal.com/analisis/8505622e8cd06c7a55eab0099b79162b38ee0e1306325b85ffefe3d3a1a11b79-1247477860
I will now send it to the virus chest and send to alwil. Not sure if it went or not as there is nothing to say if it went or not
system
July 13, 2009, 9:50am
2
Looks like a false alarm. I think G Data and Avast share same engine or similar
system
July 13, 2009, 10:00am
3
Thanks for reply, i think you are right and hopefully over the next day or so it will be rectified.
DavidR
July 13, 2009, 1:14pm
6
They don’t share an engine as such, GData has two scanning engines one of which is avast, I think the other is BitDefender.
system
July 13, 2009, 5:30pm
7
Hi!
I have this exact same question. Downloaded PC WIZARD today from http://www.cpuid.com/pcwizard.php but AVAST flagged it as “Win32:YLYShell” trojan horse.
Searched up here and found this thread.
Just want to make sure I understand for 100% - this is a false alarm right? And the Avast iAVS database will be updated soon to not flag it, yes?
Thanks muchly.
DavidR
July 13, 2009, 5:55pm
8
It has been confirmed as an FP, by one of the avast virus labs team.
So the next VPS Update should contain a correction to the signature.
system
July 13, 2009, 11:51pm
9
Excellent, thanks very much
DavidR
July 14, 2009, 1:00am
10
You’re welcome, I believe there has been a VPS update, ensure you have the latest one and rescan the file and see if it has been corrected.
system
July 14, 2009, 6:43am
11
Hi David and elzar
I have checked with the latest VPS update and is showing all okay now no alerts.