WPA_Kill.exe false positive in Avast?

WPA_Kill.exe false positive in Avast?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Computer Software Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
WPA_Kill.exe false positive in Avast? Al Smith 07-03-2006
Posted by Al Smith on July 3, 2006, 7:02 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I've had the file "WPA_Kill.exe" (version 1.6.2) on my computer
for a couple of years. It never triggered an antivirus alert.
Recently, it tripped my Avast antivirus, which identified it as
the "Win32:Small-XC" trojan. I think this must be a false positive.

I submitted this file to the on-line scanner at Kaspersky Labs,
and it came up clean.

What do you think? Trojan? How likely is it that it would go
undetected for two years and dozens of antivirus and malware
scans, and now suddenly be identified by Avast as a trojan?

Posted by Kerodo on July 3, 2006, 7:05 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
says...
> I've had the file "WPA_Kill.exe" (version 1.6.2) on my computer
> for a couple of years. It never triggered an antivirus alert.
> Recently, it tripped my Avast antivirus, which identified it as
> the "Win32:Small-XC" trojan. I think this must be a false positive.
>
> I submitted this file to the on-line scanner at Kaspersky Labs,
> and it came up clean.
>
> What do you think? Trojan? How likely is it that it would go
> undetected for two years and dozens of antivirus and malware
> scans, and now suddenly be identified by Avast as a trojan?
>

I'd try a couple of reputable online scanners and then maybe submit the
file to the Avast people and tell them you think it's an FP... see what
they say.

--
Kerodo

Posted by Al Smith on July 3, 2006, 7:53 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
>>I've had the file "WPA_Kill.exe" (version 1.6.2) on my computer
>>> for a couple of years. It never triggered an antivirus alert.
>>> Recently, it tripped my Avast antivirus, which identified it as
>>> the "Win32:Small-XC" trojan. I think this must be a false positive.
>>>
>>> I submitted this file to the on-line scanner at Kaspersky Labs,
>>> and it came up clean.
>>>
>>> What do you think? Trojan? How likely is it that it would go
>>> undetected for two years and dozens of antivirus and malware
>>> scans, and now suddenly be identified by Avast as a trojan?
>>>
>
>
> I'd try a couple of reputable online scanners and then maybe submit the
> file to the Avast people and tell them you think it's an FP... see what
> they say.

Yes, I'm thinking I should probably send it in to Avast to get
their response.

Posted by David H. Lipman on July 3, 2006, 10:15 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


|
| Yes, I'm thinking I should probably send it in to Avast to get
| their response.


Please submit a sample of "WPA_Kill.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition,
unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.

If it isn't recogized by the other vendors.

Use the following URL and submit the file to AVAST.

mailto:virus@avast.com?subject=False%20Positive


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by Al Smith on July 4, 2006, 1:39 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
> Yes, I'm thinking I should probably send it in to Avast to get
> | their response.
>
>
> Please submit a sample of "WPA_Kill.exe" to Virus Total --
> http://www.virustotal.com/flash/index_en.html
> The submission will then be tested against many different AV vendor's scanners.
> That will give you an idea what it is and who recognizes it. In addition,
unless told
> otherwise, Virus Total will provide the sample to all participating vendors.
>
> You can also submit a suspect, one at a time, via the following email URL...
> mailto:scan@virustotal.com?subject=SCAN
>
> When you get the report, please post back the exact results.
>
> If it isn't recogized by the other vendors.
>
> Use the following URL and submit the file to AVAST.
>
> mailto:virus@avast.com?subject=False%20Positive

Avast hasn't responded yet. I just sent the file off to the mail
address you provided for Virus Total.

Similar ThreadsPosted
False positive, false intrusion, false alarm April 22, 2006, 10:40 pm
There was no hack-in. False Alarm. August 10, 2005, 2:40 am
Spy Sweeper 4.5 - False Positives November 8, 2005, 8:10 am
avast! or AVG September 25, 2005, 11:59 am
Avast questions June 25, 2005, 3:11 pm
Avast no longer supporting win 98 November 18, 2006, 10:54 pm
Avast silent mode problem... September 25, 2007, 3:38 pm
Error 502: Concurrent Connections Limit in Avast! July 5, 2007, 12:14 pm

The site map in XML format XML site map

Contact Us | Privacy Policy