Author Topic: false positives with lates virus definition  (Read 6365 times)

0 Members and 1 Guest are viewing this topic.

-ECS-

  • Guest
false positives with lates virus definition
« on: May 07, 2013, 09:29:47 PM »
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: false positives with lates virus definition
« Reply #1 on: May 07, 2013, 09:32:25 PM »
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject

-ECS-

  • Guest
Re: false positives with lates virus definition
« Reply #2 on: May 07, 2013, 09:35:59 PM »
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject

Already did.

How often does this happen?
It never happened to me, and I'm using Avast since v4.

Jim Fisher

  • Guest
Re: false positives with lates virus definition
« Reply #3 on: May 07, 2013, 09:38:17 PM »
I have been struggling with this all damn day....I am running 2 different Versions of Avast in my domain...BOTH 4.8 and 7.0 have been generating HUNDRENDS of false positives all day.... I came in and thought my network was completly infected.
I have about 150 workstations and a good amount of servers all throwing errors!!!
I cannot figure out how to roll this VPS version back....

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6677
  • volunteer
Re: false positives with lates virus definition
« Reply #4 on: May 07, 2013, 09:40:54 PM »
Avast 8 went crazy today after update to 130507-0, and is starting to label legitimate exe files (from WinZip and ACDSee at least, to afraid to start other programs so I would not lose control of my computer) as MSIL:Crypt-NB[Trj] .

Also a memory scan labels the process from an exe file from a software that I have created myself as Win32:Banker-KDL[Trj]

When will we have the feature to roll back to a previous virus definition ?

An antivirus that hijacks your programs because he thinks they're trojans/viruses is about the worst advertising a security software can get.

You can send the file via email to avast lab
virus@avast.com zipper and password, please.
put "False positive" to email subject

Already did.

How often does this happen?
It never happened to me, and I'm using Avast since v4.

I have been struggling with this all damn day....I am running 2 different Versions of Avast in my domain...BOTH 4.8 and 7.0 have been generating HUNDRENDS of false positives all day.... I came in and thought my network was completly infected.
I have about 150 workstations and a good amount of servers all throwing errors!!!
I cannot figure out how to roll this VPS version back....

reporting to analysts

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: false positives with lates virus definition
« Reply #5 on: May 09, 2013, 09:10:10 AM »
It should be fixed.

Milos

-ECS-

  • Guest
Re: false positives with lates virus definition
« Reply #6 on: May 09, 2013, 09:16:56 AM »
It should be fixed.

Milos

It is, and was fixed in under 24 hours (that's great response time in my book).

Thanks.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: false positives with lates virus definition
« Reply #7 on: May 09, 2013, 01:26:35 PM »
Thanks Milos. As usual, false positive correction in a fast way, as usual, as usual...
The best things in life are free.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: false positives with lates virus definition
« Reply #8 on: May 09, 2013, 01:53:37 PM »
Hi Tech,

Milos is always keeping a finger at the avast! pulse here, so he earned that pat on the shoulder from us,

Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

lisailor

  • Guest
Re: false positives with lates virus definition
« Reply #9 on: May 09, 2013, 02:03:34 PM »
I am glad I you posted this....

Sites that I used to be able to get on are now being labeled as a malicious url.

I am going to send this to the lab!  I hope they fix avast8 soon.