Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: mouniernetwork on June 17, 2006, 04:01:21 AM

Title: Incorrect Detection
Post by: mouniernetwork on June 17, 2006, 04:01:21 AM
Hello,

I would like to point out a false detection which is basicly a batch file compiled,the batch file only shutsdown processes, and the other one is with adding a registery key.
The compiler is Quick Batch Compiler.

Any questions please ask to get that false possitive out.

MounierNetwork
Title: Re: Incorrect Detection
Post by: ardvark on June 17, 2006, 05:54:56 AM
Hi mouniernetwork...

Unless someone else knows differently, I would just send a note explaining what you just have with your post and the file and send it to....

virus@avast.com

Best regards...
Title: Re: Incorrect Detection
Post by: mouniernetwork on June 17, 2006, 01:59:03 PM
I did and it still is detected  ???
Should I post the files on the forum ?

MounierNetwork
Title: Re: Incorrect Detection
Post by: DavidR on June 17, 2006, 04:02:00 PM
It will continue to be detected until such time as it is either corrected in the VPS or you add it to the exclusions lists.
If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced and Program Settings, Exclusions) and check scan it periodically using the ashQuick scan (right click scan), when it is no longer detected then remove it from the exclusions.
Also see (Mini Sticky) False Positives (http://forum.avast.com/index.php?board=2;action=display;threadid=7779)

It may be because of its actions shutting down stuff, it could also be used for malicious purposes. What did avast detect it as ?
Title: Re: Incorrect Detection
Post by: igor on June 17, 2006, 04:08:16 PM
Well, I'm afraid you're a little too fast; if the file is found to be a false alarm, it will be fixed in the next VPS update.
Is the compiler downloadable somewhere?
Title: Re: Incorrect Detection
Post by: mouniernetwork on June 17, 2006, 04:52:19 PM
Yes the compiler can be downloaded, yes I do agreee that those actions can be mal-used, but maybe the detection should detect it if it shutsdown a specific process.(Avast is vulnerable to this type of attack,it can be shutodwn)
The virus is W32.Trojan-gen {delphi}.

Thank You

MounierNetwork
Title: Re: Incorrect Detection
Post by: mouniernetwork on June 22, 2006, 09:42:24 PM
the false detction is still present  ??? ???

Please change it  >:(

MounierNetwork
Title: Re: Incorrect Detection
Post by: ardvark on June 23, 2006, 07:40:29 AM
Hi mouniernetwork...

Try sending another e-mail to Alwil and let them know the urgency concerning this.  ::)

Best regards...