Author Topic: Wrong Time on Malware Detection Reports  (Read 1947 times)

0 Members and 1 Guest are viewing this topic.

Offline KDibble

  • Sr. Member
  • ****
  • Posts: 229
Wrong Time on Malware Detection Reports
« on: August 12, 2013, 05:40:35 PM »
I have a "Daily Report" task configured to email me the "Malware detected in last 24 hours" report every day at 6:00 am my local time. I do receive this email daily and the time sent is correct: 6:00 am local time.

However, this report can indicate that malware was detected on a machine that was not running at the time of detection. For example:

Win32:Cutwail-AS [Trj]   1    SomeMachineName  8/12/2013  3:09:13 AM

In other words, the malware was allegedly detected at about 3:09 in the morning, local time. I know for a fact that the specified machine was not running at that time.

I have verified that the system time on that machine is set correctly to current local time. And the system time on the computer running the SOA is also set correctly.

I also know in this particular case that the specified machine WAS running at about 9:00 am local time, and the user checked email at around 9:09 AM.

And my local time zone happens to be 6 hours earlier than the time zone for the Czech Republic.

I am therefore suspicious. I have seen a few other posts on the forum indicating that some Avast! features that rely on time settings seem to be hard-coded to use Czech time instead of the local time on the machine on which the software is running.

Can anyone else confirm this issue? And can an Avast! representative respond as well?

Thank you.

Offline KDibble

  • Sr. Member
  • ****
  • Posts: 229
Re: Wrong Time on Malware Detection Reports
« Reply #1 on: August 14, 2013, 03:28:49 PM »
Now this is really strange. I can find the reports in the SOA report archive that recorded these malware detections at 3:00 o'clock in the morning, local time (and another one that had one incident at about 4:00 the previous morning). These are both "Malware detected in the last 24 hours".

HOWEVER, when I run "Malware detected in the last 7 days", a period of time that should include those two 24-hour reports, those incidents are not included. The machines on which they occurred are not even in the list.

What is going on here???