View Full Version : my virus scanner is better than yours


catchaserguns
09-12-2007, 07:09 PM
If I were you I would get rid of avast and get AVG instead.

Mighty Midget
09-12-2007, 07:15 PM
AVG is good, but the free version needs backup from Spybot S&D and AdAware to be good enough.

_r.u.s.s.
09-12-2007, 07:16 PM
if you want to advertise and talk about antiviruses, discuss it somewhere else.
for example here (http://abandonia.com/vbullet/showthread.php?t=15271&page=8)

if anybody has anything else to say, related to the talk about fake virus report in cannon fodder, go on.

otherwise i am locking this

edit: don't mind this post. it's a split from the old thread already

Japo
09-12-2007, 07:37 PM
Only that to verify positives the best service is www.virustotal.com, it scans any file you upload with a bunch of antivirus programs (currently 32 I think).

Jerry123
05-01-2008, 02:07 PM
> Only that to verify positives the best service is www.virustotal.com, it scans any file you upload with a bunch of antivirus programs (currently 32 I think).

Yes, but some of these programs I have never heard of. Sometimes just one or two sites mark a file as "suspicious", but it looks like a false positive. Virustotal then gives you the percentage of virus identifications and more or less tells you to think for yourself whether you want to risk running the file or not... difficult sometimes :)

Luchsen
05-01-2008, 03:10 PM
Then maybe the thread about online gambling (http://www.abandonia.com/vbullet/showthread.php?t=16300) is helpful. :D

MinigunFiend
05-01-2008, 03:27 PM
I ditched AVG specifically to use Avast! because AVG was causing Half-Life 2: Episode 2 to crash with 'out of virtual memory' errors.

I checked Valve's help and support section, and apparently AVG assigns itself stupid amounts of virtual memory, even if you disable it.
One uninstall later, and Episode 2 hasn't crashed since.

gregor
08-01-2008, 05:29 PM
ugh.... what does it mean if Sophos detects one file as suspicious and one file as possible malicious software that intends to download trojans? I mean a few others also found it a suspicious file and one even sort of named it: Trojan-Downloader.Win32.Small.BXA

but all major ones did no such thing. Panda says suspicious, Avira, AVG, AVAST, MCAFEE, F-PROT, NOD32v2 etc they are all negative. is this programme really a virus? or would it be OK to use it?

DeathDude
08-01-2008, 06:12 PM
Might be a false positive, you can also try Trend Micro's Online scan housecall for one more check. I'd personally move the file for the time being till you can tell for sure if the file is really a trojan or if it could just be a false positive, no harm done for moving it.

Do a google search on that trojan too, to see what is being said about the file, it also should give you a better idea on what it is capable of doing, should the file in question actually be that particular trojan.

gregor
08-01-2008, 08:27 PM
no problem there... it's on a CD anyway... only i planned to give the CD to someone and i don't want to give a bad thing.

The thing they found different programmes describe it as different virus or malware.

the ones that actually do describe it as a possible virus talk about a program that will connect to other programmes in web and download malware/trojans... some say the risk is high. others say the risk is possible...

i just find it hard to believe only some programmes on that virustotal.com consider it to be a virus. while most major ones don't find it as a virus.

i did a search on sophos and info i got is that one might be false positive especially for keygen programmes. but the other one there is hardly anything apart from the info on sophos itself.

could it be some home made computer virus that best virus scans don't recognise as a virus?

DeathDude
08-01-2008, 08:54 PM
Sounds like that program or file in question could also be considered spyware, with the terms that are used about downloading malware/trojans, sometimes trojans are grouped into the same category nowadays, especially with the extent and damage spyware is causing nowadays.

Anyways did you do a google search on the file/program that was identified? Maybe look around the security forums that are out there and see if anything pops up about said file. If a lot of the major virus programs are saying nothing about the file, then it might just be a false positive. I know back in the day sophos was pretty notorious around the security forums for having a lot of false positives, not sure if that's changed, but might still apply in this case, especially if you are not getting a lot of info about the trojan on other security sites.

gregor
09-01-2008, 06:07 AM
nope nothing virus like on the file.

like i said the only worry i have is that it's some home made virus thing that is not identified by virus scans. or is identified by some only through heuristics.

however it gave me back nothing. the pathc.exe seems to be only noCD crack while the other programme only points to copied .nfo text in forums and how to install it :-).

these are dictionaries, but they sell all of them in same package at a very high price. however i only need a few so i decided to go torrenting.

i will try some (anti)virus forums to see what they think. but i think this could well be false positive.

just to think i wouldn't even question it at my own computer with Avira, cause it simply wouldn't recognise it as a virus. :/ and japofran said they have a good recognition. plus i think that if you block the programme with firewall from accessing the firewall, how can it download anything malicious?:eek:

Japo
09-01-2008, 04:23 PM
> plus i think that if you block the programme with firewall from accessing the firewall, how can it download anything malicious?:eek:

True if what the virus tries to do is access the web, a firewall with outbound protection should thwart it. That is, provided the virus doesn't manage to leak through the firewall or kill it outright. :eek: And a firewall will only prevent it from accessing the web, not from formatting your hard drive and the like. :D

It's probably a false positive, but try to be sure.

gregor
09-01-2008, 06:34 PM
this is what i get on virus total:

Antivirus          Version  Last update  Result
AhnLab-V3          -        -            -
AntiVir            -        -            -
Authentium         -        -            -
Avast              -        -            -
AVG                -        -            Generic9.ALQH
BitDefender        -        -            -
CAT-QuickHeal      -        -            (Suspicious) - DNAScan
ClamAV             -        -            -
DrWeb              -        -            -
eSafe              -        -            suspicious Trojan/Worm
eTrust-Vet         -        -            -
Ewido              -        -            -
FileAdvisor        -        -            -
Fortinet           -        -            -
F-Prot             -        -            -
F-Secure           -        -            -
Ikarus             -        -            Trojan-Downloader.Win32.Small.BXA
Kaspersky          -        -            -
McAfee             -        -            -
Microsoft          -        -            -
NOD32v2            -        -            -
Norman             -        -            -
Panda              -        -            Suspicious file
Prevx1             -        -            -
Rising             -        -            -
Sophos             -        -            Mal/Dorf-A
Sunbelt            -        -            VIPRE.Suspicious
Symantec           -        -            -
TheHacker          -        -            -
VBA32              -        -            -
VirusBuster        -        -            Packed/FSG
Webwasher-Gateway  -        -            Packer.FSG

as you can see most have -, while other give different names.
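
Added example, not part of the original thread: one way to read a multi-scanner table like the one above is to parse it and group the verdicts by what they actually claim (a packer was seen, a generic/heuristic flag, or a named family). The keyword rules in classify() are assumptions made for this illustration, not vendor definitions.

```python
from collections import defaultdict

# Rows that carry a verdict, copied from the scan table in the post above.
FLAGGED = """\
AVG - - Generic9.ALQH
CAT-QuickHeal - - (Suspicious) - DNAScan
eSafe - - suspicious Trojan/Worm
Ikarus - - Trojan-Downloader.Win32.Small.BXA
Panda - - Suspicious file
Sophos - - Mal/Dorf-A
Sunbelt - - VIPRE.Suspicious
VirusBuster - - Packed/FSG
Webwasher-Gateway - - Packer.FSG
"""
# Engines that reported "-"; their rows are rebuilt in the same 4-column layout.
CLEAN = ("AhnLab-V3 AntiVir Authentium Avast BitDefender ClamAV DrWeb eTrust-Vet "
         "Ewido FileAdvisor Fortinet F-Prot F-Secure Kaspersky McAfee Microsoft "
         "NOD32v2 Norman Prevx1 Rising Symantec TheHacker VBA32").split()
REPORT = FLAGGED + "".join(f"{name} - - -\n" for name in CLEAN)

def parse_report(text):
    """Return {engine: verdict or None} from 'engine version updated result' rows."""
    results = {}
    for line in text.splitlines():
        parts = line.split(None, 3)  # result column may itself contain spaces
        if len(parts) == 4:
            verdict = parts[3].strip()
            results[parts[0]] = None if verdict == "-" else verdict
    return results

def classify(verdict):
    """Assumed keyword rules: packer label, generic/heuristic flag, or named family."""
    v = verdict.lower()
    if "pack" in v:
        return "packer"
    if any(k in v for k in ("suspicious", "generic", "dnascan")):
        return "heuristic"
    return "named"

def triage(text):
    """Return (number of engines, {kind: [engines]}) for the flagged rows."""
    results = parse_report(text)
    buckets = defaultdict(list)
    for engine, verdict in results.items():
        if verdict:
            buckets[classify(verdict)].append(engine)
    return len(results), dict(buckets)

if __name__ == "__main__":
    total, buckets = triage(REPORT)
    for kind, engines in sorted(buckets.items()):
        print(f"{kind}: {len(engines)}/{total} {', '.join(engines)}")
```

The two packer labels only say the file is compressed with the FSG packer, and the five generic flags name no specific threat, which leaves two engines naming a family, and they do not agree on the name.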

Japo
09-01-2008, 08:13 PM
I really can't tell more than you can. Quite a bunch of scanners flag it, although at least the most reputable ones don't. Anyway with no less than nine different programs flagging it, it might be unwise to ignore that right away. If the positives are false they must be due to the fishy nature of the crack, even if it's harmful enough. The only thing that could shed further light would be finding someone who really knows his stuff about viruses, I don't think you can find more help here.

DeathDude
09-01-2008, 08:17 PM
Yeah for most smaller viruses/worms each virus company tends to come up with a different name for its particular program.

I would also say it looks more like a false positive especially when you have Kaspersky and Nod32 saying nothing about it and they are two of the best right now, I bet it is the nocd crack that is being flagged by these programs, but again some nocd cracks can be infected and or with something nasty, depends where it came from, but if you have had no problems with said nocd crack then it's probably fine.

gregor
10-01-2008, 05:57 AM
heh, well i downloaded a completely different version of this programme. it's a much older version. and completely different in size. however the noCD patch is from same person with his .NFO attached on how to use it.

the result is the same with sophos. this time programme came in ZIP form. when i scanned the archive everything was OK. as soon as i unpacked the two files that were giving me problem in other version - BANG! same info.

i found some forums with virus cleaning experts and will try to get some answers there.

Nick
11-01-2008, 08:08 AM
Me using AVG too. I discovered with horror, that in our LAN are evil users present, so I decided to get some protection.