Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: -ECS- on May 07, 2013, 09:29:47 PM

Title: false positives with lates virus definition
Post by: -ECS- on May 07, 2013, 09:29:47 PM: Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.
Title: Re: false positives with lates virus definition
Post by: jefferson sant on May 07, 2013, 09:32:25 PM: Quote from: -ECS- on May 07, 2013, 09:29:47 PM
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject
Title: Re: false positives with lates virus definition
Post by: -ECS- on May 07, 2013, 09:35:59 PM: Quote from: jefferson santiag on May 07, 2013, 09:32:25 PM
Quote from: -ECS- on May 07, 2013, 09:29:47 PM
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject

Already did.

How often does this happen?
It never happened to me, and I'm using Avast since v4.
Title: Re: false positives with lates virus definition
Post by: Jim Fisher on May 07, 2013, 09:38:17 PM: I have been struggling with this all damn day....I am running 2 different Versions of Avast in my domain...BOTH 4.8 and 7.0 have been generating HUNDRENDS of false positives all day.... I came in and thought my network was completly infected.
I have about 150 workstations and a good amount of servers all throwing errors!!!
I cannot figure out how to roll this VPS version back....
Title: Re: false positives with lates virus definition
Post by: jefferson sant on May 07, 2013, 09:40:54 PM: Quote from: -ECS- on May 07, 2013, 09:35:59 PM
Quote from: jefferson santiag on May 07, 2013, 09:32:25 PM
Quote from: -ECS- on May 07, 2013, 09:29:47 PM
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject

Already did.

How often does this happen?
It never happened to me, and I'm using Avast since v4.

Quote from: Jim Fisher on May 07, 2013, 09:38:17 PM
I have been struggling with this all damn day....I am running 2 different Versions of Avast in my domain...BOTH 4.8 and 7.0 have been generating HUNDRENDS of false positives all day.... I came in and thought my network was completly infected.
I have about 150 workstations and a good amount of servers all throwing errors!!!
I cannot figure out how to roll this VPS version back....

reporting to analysts
Title: Re: false positives with lates virus definition
Post by: Milos on May 09, 2013, 09:10:10 AM: It should be fixed.

Milos
Title: Re: false positives with lates virus definition
Post by: -ECS- on May 09, 2013, 09:16:56 AM: Quote from: Milos on May 09, 2013, 09:10:10 AM
It should be fixed.

Milos

It is, and was fixed in under 24 hours (that's great response time in my book).

Thanks.
Title: Re: false positives with lates virus definition
Post by: Lisandro on May 09, 2013, 01:26:35 PM: Thanks Milos. As usual, false positive correction in a fast way, as usual, as usual...
Title: Re: false positives with lates virus definition
Post by: polonus on May 09, 2013, 01:53:37 PM: Hi Tech,

Milos is always keeping a finger at the avast! pulse here, so he earned that pat on the shoulder from us,

Damian
Title: Re: false positives with lates virus definition
Post by: lisailor on May 09, 2013, 02:03:34 PM: I am glad I you posted this....

Sites that I used to be able to get on are now being labeled as a malicious url.

I am going to send this to the lab! I hope they fix avast8 soon.