Author Topic: Excessive false positives  (Read 8678 times)

0 Members and 1 Guest are viewing this topic.

Offline Aventador

  • Poster
  • *
  • Posts: 622
Re: Excessive false positives
« Reply #15 on: May 27, 2013, 06:19:08 PM »
All my software is currently up to date. My shields are set to high in Avast. Still ZERO false positives.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6800
  • volunteer
Re: Excessive false positives
« Reply #16 on: May 27, 2013, 11:38:32 PM »
I have also been using free Avast for many years, always been  the perfect answer for me! I've used it on w9x, wXP, and w7, absolutely no problems!

Then recently it's beginning to become a complete pain in the ass! Popping false positives on anything and everything. Even the simplest of known good programs!

That's pretty much my experience too. Great for years, now all of a sudden (early this year) getting a number of false positives. The most recent one I had prior to this current batch was in 2011 when Avast pegged kernel32.dll in syswow64 as a virus! That one caused all sorts of problems I am sure people will remember.

avast! [WHAR-XPS420]: File "c:\windows\syswow64\kernel32.dll|>[Emul]" is infected by "Win32:Cycbot-KI [Trj]" virus.
"Full system scan" task used
Version of current VPS file is 110924-1, 09/25/2011


Then after that not a single virus alert until April this year for me, and now almost 20 since then.

check update 130527-1 fixes the problem

Offline wheelie2xw

  • Newbie
  • *
  • Posts: 3
Re: Excessive false positives
« Reply #17 on: August 21, 2013, 01:54:15 AM »
New victim using avast professional (paid). Had set or not set (default) shields or behavior to delete suspicious files. Had 2 .exe files that were deleted on full scheduled weekend scans. One was qbw32.exe (Quickbooks). The other exe was a shop software which ran the whole shop. Massive problems for me as I maintain their systems. Avast reported win32:tenga was the virus. ran several removal tools and then replaced the files from a clean system or setup cd. Bingo all good on scan and hitman pro and scheduled weekend scan dumped them again. Okay that's enough. Switched to Microsoft Security essentials and scanned affected areas. All came back clean. Honestly don't know what to think other than some update to avast that got me. Reasoning based on fact that all was good for 6 months with same setup. Last 2 months problem occurred.  We will see what happens from this point on with security essentials.
 

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37109

Offline GTX66

  • AIS User Today
  • Poster
  • *
  • Posts: 460
  • AIS User Till Today
Re: Excessive false positives
« Reply #19 on: August 21, 2013, 02:23:43 AM »
Guys,send the false positive files to virus@avast.com via e-mail with subject false positive.

I do that and continue to get the same false positive later.

Offline wheelie2xw

  • Newbie
  • *
  • Posts: 3
Re: Excessive false positives
« Reply #20 on: August 21, 2013, 07:30:48 AM »
Posted reply #17. Looks like I was wrong. This thing is a network aware virus that worms into other systems through open shares. I need to disinfect all network systems. It was on our server which I now have clean. But it appears it will come back to the server from another system with shares. Came back every week and got 2 exe files every time. Avast deleted files. Security Essentials repaired (cleaned) files. But it's still lurking on my network. Gotta clean 8 systems. What a pain this one is. Tenga Gael virus depending on anti-virus.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37109
Re: Excessive false positives
« Reply #21 on: August 21, 2013, 07:54:06 AM »
and since you uninstalled one AV (avast) to install a new AV, then you probably helped the file infector to spread.    ;)