Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: schbak on February 26, 2009, 10:37:40 AM

Title: False Positive
Post by: schbak on February 26, 2009, 10:37:40 AM

Your product false dected my file.
I want that remove your db.

Contact Information
E-mail address: schbak@estsoft.com
Company name: ESTsoft
Company Web site: http://www.estsoft.com/en/

Product Information
Software version: Alzip 6.7
URL to download software:
A. Alzip 6.7: http://www.altools.com/image/ALZipv6.7.exe
B. ALZip 7.0 beta1: http://www.altools.com/image/ALZip.exe

Software Detection
Name of detection given NOD32: probably a variant of Win32/Hupigon

Additional information:
A. Reproduce
1. ALZip 6.7: http://www.altools.com/image/ALZipv6.7.exe install
2. Use Context Menu
3. ALZip 7.0 beta1: http://www.altools.com/image/ALZip.exe install

B. We use “Inno Setup” (http://www.jrsoftware.org/)

Best regards,
Title: Re: False Positive
Post by: Mr.Agent on February 26, 2009, 12:53:03 PM
if you think its a false positive move them to chest and email these file to alwil for alwil scan these files
Title: Re: False Positive
Post by: Lisandro on February 26, 2009, 01:09:29 PM
Can you inform the file as being a false positive? (click on the bottom right of the virus warning message).

To know if a file is a false positive, please submit it to VirusTotal (http://www.virustotal.com/xhtml/index_en.html) and let us know the result. VirusTotal has a file size limit of 10Mb. You can use VirScan (http://www.virscan.org/) also.
If it is indeed a false positive, send it in a password protected zip to virus@avast.com. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.

Maybe you need to disable Hide protected operating system files (http://www.xtra.co.nz/help/0,,4155-1916458,00.html) and enable View hidden files and folders (http://www.bleepingcomputer.com/tutorials/tutorial62.html#winxp) to manage the file(s).

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the 'a' blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button...
You can use wildcards like * and ?. But be careful, you should 'exclude' that many files that let your system in danger.
Title: Re: False Positive
Post by: Lisandro on February 26, 2009, 01:18:57 PM
Also, it's a sign of spam that your own email address is being used to send mail.