« previous next »
Pages: [1]   Go Down

Author Topic: False Positive  (Read 4269 times)

0 Members and 1 Guest are viewing this topic.

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
False Positive
« on: January 27, 2008, 02:54:22 AM »
Hi all :)

I want to report a False Positive with the 080126-0, 26-01 virus definition update.

An update for the game MOH Airborne is detected as : Win32:Troj-gen {Other}.

The file is pretty big ( 1.29 GB ), but you can find it on the official website from the game :

http://www.ea.com/moh/airborne/news.jsp?ncc=1&id=39

Thank you for looking at it  :)

Greetz, Red.
Logged
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89377
  • No support PMs thanks
Re: False Positive
« Reply #1 on: January 27, 2008, 03:17:14 PM »
What is the exact file name that is being detected, surely that isn't 1.29GB unless it is detecting the installation file as infected.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: False Positive
« Reply #2 on: January 27, 2008, 03:25:08 PM »
Sorry, maybe I was not clear :-\ It detects the installer as infected, NOT the installed patch :)

I Just found out that the installer of the Demo of the same game got the same message from Avast :-\

It is not that I have a problem with it, but I am sure the Dev Team would like to know why Avast flags those installers so they can prevent it in the future :)

Greetz, Red.



« Last Edit: January 27, 2008, 03:40:53 PM by Rednose »
Logged
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89377
  • No support PMs thanks
Re: False Positive
« Reply #3 on: January 27, 2008, 06:47:35 PM »
You could send a false positive report without attaching a sample, basically a copy of your first post with a little more info, like the actual file name (installer, patch or otherwise) send it to virus @ avast.com (without the spaces).

If you are happy that you believe it is a false positive, you could exclude the file from scans until  it is corrected.

If it is indeed a false positive, add it to the exclusions lists:
Standard Shield, Customize, Advanced, Add and
Program Settings, Exclusions
Periodically check it (scan it, or visit the site) and see if it is still detected. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: False Positive
« Reply #4 on: January 27, 2008, 07:26:49 PM »
I will do as you suggested, and send them a false positive report with some additional info and download mirrors for both files :)

I have already excluded both files in my backup the way you described, but thanks anyway for your help ;)

Greetz, Red.
Logged
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89377
  • No support PMs thanks
Re: False Positive
« Reply #5 on: January 27, 2008, 10:32:05 PM »
Your welcome.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3742
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: False Positive
« Reply #6 on: January 29, 2008, 12:30:07 AM »
It is fixed with the latest update :)

Greetz, Red.
Logged
OS: Win 10 / iOS 17 / Debian 12 / Tails 6
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89377
  • No support PMs thanks
Re: False Positive
« Reply #7 on: January 29, 2008, 03:51:27 PM »
Thanks for the update.

If you haven't already done so you can remove the exclusion.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.6.6121 (build 24.6.9241.848) UI 1.0.809/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »