Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: alanrf on May 10, 2008, 07:16:01 AM

Title: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: alanrf on May 10, 2008, 07:16:01 AM
Back in 2004 avast incorrectly detected Default.SFX of WinRAR as infected.

In my scan tonight avast reported Default.SFX of WinRAR as infected (Win32: Trojan-gen (Other)) with VPS 080509-0.

My version of this file precedes the 2004 date and was not detected as an error in my last scan a week ago. I just extracted the file from last month's backup and avast is now reporting that copy infected as well. Looks like the same false positive has come back.

In the online scanners only eSafe reports the file as "Suspicious".  Everything else reports it clean. 

Do you need the file?       
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: psw on May 10, 2008, 12:31:51 PM
What is your RAR version? I checked with the same VPS 080509 WinRar 3.71 - no problems, no FP.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: igor on May 10, 2008, 12:34:49 PM
I think I know what's the problem... I'll let some people know to do something about it.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: alanrf on May 12, 2008, 04:26:51 AM
Fixed with VPS 080511-0.

Thanks Igor.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: DaveParsons on June 05, 2008, 03:54:12 PM
Just started getting this today on my PC creating SFX Winrar files. I double checked with 2 other virus checkers and did not get a result from them. VPS is 0806-5-0.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: igor on June 05, 2008, 04:27:00 PM
What build of avast! (not VPS) do you have?
Can you please pack one of those files into a password-protected ZIP or RAR and send it to virus@avast.com?
Thanks!
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: RejZoR on June 05, 2008, 05:46:12 PM
Erm, considering all the FP issues with WinRAR, shouldn't you guys include these (and update/add them regularly) in the clean set so they're tested before VPS release? This is happening way too often now...
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: Chads on June 05, 2008, 06:12:02 PM
I had two false positives yesterday for the first time: Poker setup.exe and one for a C application I had linked?! No idea what caused the second one, it was only some OpenGL code... maybe the DLL link had a common signature... Maybe one day every signature will say everything is a virus, there will be no filtering?! :-\
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: igor on June 05, 2008, 06:30:20 PM
Quote from: RejZoR on June 05, 2008, 05:46:12 PM
Erm, considering all the FP issues with WinRAR, shouldn't you guys include these (and update/add them regularly) in the clean set so they're tested before VPS release? This is happening way too often now...

Now? It hasn't happened for quite a long time already, except for the one for alanrf, which was actually caused by changes in UPX unpacker.
And yes, there's a huge amount of WinRARs on our clean set - all we could find. Of course, we'd be interested in any other...


DaveParsons: What WinRAR version exactly is that?
Also, what malware was reported there?

Chads: as I said previously - can you please pack the files into a password-protected ZIP or RAR and send them to virus@avast.com, with "False alarm" in subject and the password mentioned in the e-mail body?
Thanks.
(What malware was reported in your files?)
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: DaveParsons on June 06, 2008, 03:04:30 PM
Hi

I'm not at my machine right now to give you details. Will be later today or tomorrow. Sorry for delay away on business.

Dave
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: DaveParsons on June 06, 2008, 05:54:54 PM
Build of Avast is 4.8.1201.
Build of Winrar is 3.70
Detection is Win32:Trojan-gen {other}

I have sent a copy of a test executable to the email address.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: Lisandro on June 06, 2008, 09:47:24 PM
Quote from: DaveParsons on June 06, 2008, 05:54:54 PM
I have sent a copy of a test executable to the email address.

Thanks for helping to correct this false detection.
Title: Re: Reprise of false positive from 2004 WinRAR/Default.SFX
Post by: misak on June 07, 2008, 12:46:17 AM
Thank you for your cooperation. The false positive will be solved in a few hours in the next VPS update, 080607-0.