Author Topic: Dr.Web CureIt! is false positive  (Read 4299 times)


Offline Fnaq

  • Sr. Member
  • ****
  • Posts: 233
Dr.Web CureIt! is false positive
« on: July 12, 2015, 12:13:36 PM »

Avast makes a false positive reaction to a good file.
Dr.Web CureIt! (no need to install it) is a quick scanner for home computers that cures them of malicious objects.
This scanner has been used by many Russian-speaking laymen for many years.
I cannot provide a report on the security of the file (VirusTotal, for example) due to the fact that its size exceeds the limit.


I made reports of false positives, as offered in the pop-up window, on July 8 and another one today.


Dr.Web CureIt! home page : hxxp://www.freedrweb.com/?lng=en


My AIS version: 10.3.2223. Virus definitions: 150711-1, but complaints have been reported by other users.
Forum in Russian: https://forum.avast.com/index.php?topic=173361
I made a request to the technical support, TICKET: #YJV-875-91904 (in Russian).
My native language is Russian, I use machine translation. There are no Avast staff in the Russian part of the forum.
Please repair the false alarms.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37526
  • Not a avast user
Re: Dr.Web CureIt! is false positive
« Reply #1 on: July 12, 2015, 01:30:05 PM »
Quote
Dr.Web CureIt! (no need to install it) is a quick scanner for home computers that cures them of malicious objects.
We know it very well. It is often used here by the malware removal team.

Detection by AV of removal tools happens all the time, especially after an update, so this is normal.

You may report it here: https://support.avast.com > avast virus lab



Next time, post virus and false positive problems in the Viruses and Worms forum section.



« Last Edit: July 12, 2015, 01:34:00 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Dr.Web CureIt! is false positive
« Reply #2 on: July 12, 2015, 02:32:32 PM »
Hi Fnaq,

I like to have the DrWeb URL link checker, because it is complementary to Avast's Online Security.
This means that threats that Avast misses are often found by DrWeb's and vice versa.
DrWeb's extension also blocks ads and Flash plug-ins when set to do so.
We also have various sympathetic Russian users here that make our contacts with DrWeb's very cordial.  ;)
And, as said, for certain infections our volunteer qualified removal experts use DrWeb's tool.

Back on-topic now:

See: http://app.webinspector.com/public/reports/37285545 OK
http://toolbar.netcraft.com/site_report?url=http://download.geo.drweb.com  also OK
Sucuri scan: System Details:
Running on: nginx/42
Unable to properly scan your site. Site returning error (40x): HTTP/1.1 404 Not Found
Very old detection!


On a side-note:

This is probably why: https://www.virustotal.com/nl/ip-address/83.222.3.90/information/
Some file a PUP detection: https://www.virustotal.com/nl/file/cefb19e85a401b350756e2b409f42dab256d70df40125e31a948d2183b95ab83/analysis/

Does DrWeb come with additional goodies in the downloader (adware etc)?
I was not aware of that!
DrWeb itself detects this as "Trojan.LoadMoney.383",
I recognize that this program may have legitimate uses in contexts
where an authorized administrator has knowingly installed this application.

Probably the good guys from St. Petersburg know what this is all about
and why it should not be considered a Possible Unwanted Program?

pozdrawiam,

polonus
« Last Edit: July 12, 2015, 02:55:04 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!