Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Nesivos on May 24, 2011, 01:19:53 AM

Title: Avast FP on RadioSure.exe
Post by: Nesivos on May 24, 2011, 01:19:53 AM

I probably should have posted this under "Virus and Worms".  Sorry about that.


Avast wanted me run the install package for RadioSure sandboxed.   Avast also wants me to run the program radiosure.exe sandboxed.  So I am.

However, I did some checking around and it appears that back in January Kaspersky was reporting it as a FP.

http://www.radiosure.com/forum/viewtopic.php?f=5&t=302 (http://www.radiosure.com/forum/viewtopic.php?f=5&t=302)

I just uploaded radiosure.exe to Jotti's.  Here is the scan result.  1 out of 19 report malware

http://virusscan.jotti.org/en/scanresult/6956c130a70466e895500221c90e06acd7a61ff2/f24227ba2fbd60ef658bc611adde263aa1f26d11 (http://virusscan.jotti.org/en/scanresult/6956c130a70466e895500221c90e06acd7a61ff2/f24227ba2fbd60ef658bc611adde263aa1f26d11)

I also recently uploaded the file to VirusTotal.  Here is that scan result.  2 out of 43 report Malware including Sophos which reported Malware on both scans.   Kaspersky however is no longer reporting the file as Malware. In fact on the VirusTotal website Avast is reporting the file as clean.

http://www.virustotal.com/file-scan/report.html?id=a6fc8df556461c22642588db705ad7cd6236c81d815c2aaeecbe858031781c07-1306004340 (http://www.virustotal.com/file-scan/report.html?id=a6fc8df556461c22642588db705ad7cd6236c81d815c2aaeecbe858031781c07-1306004340)

Title: Re: Avast FP on RadioSure.exe
Post by: disPlay on May 24, 2011, 01:27:50 AM

I Still don't see a problem, Sandbox will enter in action when avast thinks that the behaviour of the file can be suspicious, it is not saying that the binary itself is malware.

Title: Re: Avast FP on RadioSure.exe
Post by: Nesivos on May 24, 2011, 03:17:21 AM

Quote from: disPlay on May 24, 2011, 01:27:50 AM

I Still don't see a problem, Sandbox will enter in action when avast thinks that the behaviour of the file can be suspicious, it is not saying that the binary itself is malware.

Its not a problem for me because I am running it Virtualized.

However, the point is that if the file is clean then Avast is giving a false positive.  Some people would unnecessarily remove this program.