Author Topic: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan (Read 3150 times)

robinh3123 · « **on:** May 02, 2014, 06:22:54 AM »

Summary:
The results of on-the-fly detection mismatches the results of manual scan.

Descriptions: Compiling a Hello World C program by GCC/MinGW, cause a virus alert (on-the-fly), and the executable is sent to the Quarantine zone. However, if the same program scanned by avast again, no virus is detected.

Reproduce:
1) Install Avast! free (on PC, Windows 7)
2) Install MinGW (bash, compiler)
3) Edit a hello world program, call it "1.c":
#include <stdio.h>

int main(void)
{
printf ("Hello world\r\n");
return 0;
}
4) Edit Makefile (to make things easy):
1.exe: 1.o
gcc -g $< -o $@

5) type make
[Result 1: Virus detected by Avast!]

6) Do it again with avast! disabled. (1.exe will be generated)
7) Open a windows explorer, right click on 1.exe, and click on "Scan 1.exe" (by avast!, of course).
[Result 2: No Virus is detected]

jvidal · « **Reply #1 on:** May 02, 2014, 06:26:09 AM »

This isn't news, by any means.
It happens to me all the time. Avast flags a file as some virus, but right clicking and scanning the file doesn't detect anything. I think it's a long standing bug.

robinh3123 · « **Reply #2 on:** May 02, 2014, 06:30:19 AM »

Version information:
Avast! free: most recent as of 2014/5/2 12:25 (+8:00 timezone)
MinGW gcc: 4.8.1
bash: 3.1.17(1)-release
make: GNU Make 3.81

Note: bash is to run make,
Note: gcc, bash, and make are installed in MinGW distribution, release-2013-10-04

robinh3123 · « **Reply #3 on:** May 02, 2014, 06:32:59 AM »

I don't know it is not new... However, this is a serious bug. Consider that if I am building a large software (example OpenCV library), and encounters numerous false alarms...

Staticguy · « **Reply #4 on:** May 02, 2014, 08:43:26 AM »

The best way to confirm that this is a long standing bug is by submitting a support ticket to Avast via https://support.avast.com/Tickets/Submit

true indian · « **Reply #5 on:** May 02, 2014, 11:40:08 AM »

Is the detection named Evo-gen or FilerepMalware.If so then its deliberately done.These 2 are backend detection tactics used only in on-execution scanning not during manual scans.

Pondus · « **Reply #6 on:** May 02, 2014, 12:06:42 PM »

Quote from: True Indian on May 02, 2014, 11:40:08 AM

Is the detection named Evo-gen or FilerepMalware.If so then its deliberately done.These 2 are backend detection tactics used only in on-execution scanning not during manual scans.

As true indian say..... and none of you give the vital info, what malware name does avast give that detection

Also test the file at www.virustotal.com ( if tested before, click new scan) and post link to scan result here

Author Topic: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan (Read 3150 times)

robinh3123

[Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

jvidal

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

robinh3123

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

robinh3123

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

Staticguy

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

true indian

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan

Pondus

Re: [Bug Report] Avast! Free: on-the-fly detection mismatches manual scan