Author Topic: Different AV-Engines reporting Avast-Files as Virus !  (Read 3694 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88761
  • No support PMs thanks
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #15 on: September 27, 2023, 10:51:30 AM »
This really is a question you should ask of Emsisoft and or reported to them as false positives. 
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3398
  • Avast shall conquer the whole world
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #16 on: September 27, 2023, 01:10:40 PM »
This really is a question you should ask of Emsisoft and or reported to them as false positives.

Agree or don't use it.
Gigabyte 670 LGA1200 Full ATX MB | Intel Core i9-13900 CPU/LGA 1700 | GeForce Nvidia RTX-4070/12GB | 32GB DDR4 | 2 x 1TB Samsung SSD | W11 Home 64bit | Avast Premium v23.11.6090 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | Firefox 64bit | MalwareBytes Premium | Adguard Premium | CCleaner Portable | Macrium Reflect | 7-Zip

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #17 on: September 27, 2023, 07:44:15 PM »
I have indeed emailed Emsisoft about this, as I noticed something interesting.

So, as an experiment, I uninstalled Avast using the clear tool and ran the same Emsisoft Emergency Kit (EEK) scan that found the "malware." Nothing was found, which was expected.

Then I re-installed Avast and after a restart to load my settings file, I re-ran that same EEK scan with the same parameters, and nothing was found. I checked to see if the specific .dll file was still in the Program Files\Avast Software folder, and it indeed was in the same places under the 'defs' and 'x86' subfolders.

So I ran another EEK scan just of that Avast Software folder a couple of times, and it found nothing. Ok, cool.

But then I think maybe the EEK software remembered me skipping those two files in the first place, and maybe took that as me treating them as false positives (EDIT: I have been informed by Emsisoft that this is not the case. If a scan picks something up and you ignore it, it'll show up again on the next scan). Probably not the case, but to be safe I deleted the EEK folder I had, and then got their Emergency Kit file to extract their files again on my computer (EEK doesn't install on your computer, it just contains itself in a folder with the files you need). I re-ran the scan on the Program Files\Avast Software folder using EEK, and it came back clean.

Then Avast asked me to restart my computer with a pop up. So I go "uh oh" and restarted. I let my laptop sit while I went to a medical appointment, came back and ran the same EEK scan on the Program Files\Avast Software folder, and it found nothing.

So either Emsisoft's Emergency scanner had a hiccup that one time, it remembers me skipping those files still and treats that as false positive (even though I didn't mark them as such), or Emsisoft fixed the issue on their end with an update over the last 24 hours or so.

Thanks for reluctantly following me on this journey so far.
« Last Edit: September 27, 2023, 09:59:15 PM by Dinobot2 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88761
  • No support PMs thanks
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #18 on: September 27, 2023, 08:20:21 PM »
A journey it has been, but hopefully you won't fly into a panic if you run another AVs on-demand scan and it detects something of your Avast on-access scanner.

You should also remember that Avast being an on-access (active) scanner, it is also going to be scanning the Emsisoft activity.  So there is potential for conflict even if Emsisoft isn't installed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #19 on: September 29, 2023, 08:22:38 PM »
Another update on this. I had to uninstall and re-install Avast last night (long story, not relevant), and out of curiosity I did another scan of the Program Files\Avast Software, and it pulled up the same three instances as aswJsFlt.dll file as Malware. But then I did a repair on Avast (both through the app itself and using the Uninstall feature), ran the scan again (didn't even restart my computer) three times and it didn't pull up any results.

So it's possible that it has to do with Avast's installation being 'broken' or going haywire upon installation. I don't know.

EDIT: Nope, nevermind. I deleted my EEK folder and re-extracted the files again from its 'installer' and ran it again and it shows those files as 'malware' again, and then when you close and re-open the scanner, it doesn't show up on the results.

Yeah...I think I might be done with Emsisoft's Emergency Scanner.
« Last Edit: September 29, 2023, 08:47:08 PM by Dinobot2 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88761
  • No support PMs thanks
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #20 on: September 29, 2023, 08:56:47 PM »
Yes, about time you stopped banging your head against this brick wall.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.1.6099 (build 24.1.8821.762) UI 1.0.796/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3398
  • Avast shall conquer the whole world
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #21 on: September 29, 2023, 11:19:09 PM »
Yeah...I think I might be done with Emsisoft's Emergency Scanner.

Just stick to MalwareBytes and Avast, Emsisoft has been a real pain in the rear for too darn long.
Gigabyte 670 LGA1200 Full ATX MB | Intel Core i9-13900 CPU/LGA 1700 | GeForce Nvidia RTX-4070/12GB | 32GB DDR4 | 2 x 1TB Samsung SSD | W11 Home 64bit | Avast Premium v23.11.6090 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | Firefox 64bit | MalwareBytes Premium | Adguard Premium | CCleaner Portable | Macrium Reflect | 7-Zip

Offline svnupa

  • Jr. Member
  • **
  • Posts: 27
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #22 on: September 30, 2023, 05:18:50 PM »
The problem should be solved. The current scanning engine/definitions (from Emsisoft/Bitdefender Emergency Kit) no longer report Avast as malware.
« Last Edit: September 30, 2023, 05:21:36 PM by svnupa »
Windows 10 Professional - Avast Free Antivirus - Avast Secure Browser

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #23 on: September 30, 2023, 06:35:49 PM »
The problem should be solved. The current scanning engine/definitions (from Emsisoft/Bitdefender Emergency Kit) no longer report Avast as malware.

Try deleting your EEK folder and then running the 'installer'/unpacker again. Because like I said above, after you close the scanner after the scan that picks up the Avast files as 'malware,' it won't show them up on the scan anymore once you open it again. But re-extracting the files from the "installer" will make them show up again on the first scan. At least that's was happening to me.

Offline svnupa

  • Jr. Member
  • **
  • Posts: 27
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #24 on: September 30, 2023, 10:22:57 PM »
Sorry, but I have to contradict you.
I restored my whole system this morning.
After this I updated all programs including EEK.
All data were like it was before the problem started (same starting position).
The first and the second scan result nothing, excluding EICAR-File.

Perhaps it is possible that you using the local whitelisting function (ignoring) of EEK ?
This would explain the behavior of your EEK.
Windows 10 Professional - Avast Free Antivirus - Avast Secure Browser

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #25 on: September 30, 2023, 11:14:30 PM »
When you say you updated EEK after your restore, did you re-extract everything fresh from their installer file? Or did you have the folder with all of the subfolders, files, and scanner saved on another drive and copied and pasted it onto your computer?

I am not doing any whitelisting or exclusions on EEK or Avast, at least not manually. I thought that perhaps if the EEK scan picks something up and no action is taken (deletion or quarantine), that EEK would take that as the user wanting to ignore the files going forward. However, after speaking to Emsisoft support, I was told that shouldn't be the case, and sent a video capture of me going through the process and showing him (at his request) so he can escalate it.

Offline svnupa

  • Jr. Member
  • **
  • Posts: 27
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #26 on: October 01, 2023, 10:04:18 AM »
It was a full mirror of the hard disk, also EEK has restored.
But from this position the last update from EEK was over 70 days ago (in a manner of speaking fresh).
From this starting time EEK has never reported Avast as a malware.

When you not using ignore or something else, which version you are re-installing from EEK?
It is possible, that you using a not updated database, before you running the first time after installing?
Observe that the download of EEK-Tool is not everytime up to date with the datebase definitions (current downloadable version 3 month old) !

It is not logical if the system shows a behavior like that the one you discribe.
As far as i know EEK not working with stream services which could communicate delayed.
Perhaps try to restart EEK after updating before you scan with it the first time after re-install.
« Last Edit: October 01, 2023, 10:07:18 AM by svnupa »
Windows 10 Professional - Avast Free Antivirus - Avast Secure Browser

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #27 on: October 01, 2023, 09:35:36 PM »
So that means it copied it as it was. Even with the update needed, it's still technically the same 'installation.' Try deleting your folder from your active drive, and re-extracting the files again and doing a scan of the same folders, if you're bored and don't mind.

I'm using the basic Emergency scanner only as you are, the latest version from their website. The issue happens whether I update or not, but on a new "installation" it automatically updates anyway.
« Last Edit: October 01, 2023, 09:45:16 PM by Dinobot2 »

Offline Dinobot2

  • Sr. Member
  • ****
  • Posts: 352
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #28 on: October 02, 2023, 11:35:48 PM »
Sure but I don't know if that's the reason to it taking long.
Trust me, I had the same similar issue.

Just to follow up on this, I did a MBAM full scan with Avast completely uninstalled a couple of nights ago, and the scan still took 16 hours. Seems like it's not completely unheard of for MB to take forever on a custom scan on the whole C drive, especially when scanning for rootkits as well.

Offline SpeedyPC

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3398
  • Avast shall conquer the whole world
Re: Different AV-Engines reporting Avast-Files as Virus !
« Reply #29 on: October 04, 2023, 12:12:00 AM »
Sure but I don't know if that's the reason to it taking long.
Trust me, I had the same similar issue.

Just to follow up on this, I did a MBAM full scan with Avast completely uninstalled a couple of nights ago, and the scan still took 16 hours. Seems like it's not completely unheard of for MB to take forever on a custom scan on the whole C drive, especially when scanning for rootkits as well.
OT:- I've never had the issue for 16 hours as yours, something is terribly wrong with your PC. Maximum full custom scan on both SSD took me just about an hour and 20 mins.

Gigabyte 670 LGA1200 Full ATX MB | Intel Core i9-13900 CPU/LGA 1700 | GeForce Nvidia RTX-4070/12GB | 32GB DDR4 | 2 x 1TB Samsung SSD | W11 Home 64bit | Avast Premium v23.11.6090 | Avast SecureLine VPN | Avast Secure Browser | Avast Driver Updater | Avast BreachGuard | Firefox 64bit | MalwareBytes Premium | Adguard Premium | CCleaner Portable | Macrium Reflect | 7-Zip