Author Topic: after update  (Read 3114 times)

0 Members and 1 Guest are viewing this topic.

Offline iskor

  • Newbie
  • *
  • Posts: 4
after update
« on: January 31, 2009, 05:03:31 AM »
their are software that ive been using for almost a year but after my last update of avast it detect the software as a virus. how can i configure avast so i can use that software again

Offline Bluesman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 907
  • Amiga Power!
Re: after update
« Reply #1 on: January 31, 2009, 09:23:10 AM »
their are software that ive been using for almost a year but after my last update of avast it detect the software as a virus. how can i configure avast so i can use that software again

Welcome to the forum!

What software are you using? And what virus is avast showing?
"The blues are the roots, everything else is the fruits" -Willie Dixon

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85757
  • No support PMs thanks
Re: after update
« Reply #2 on: January 31, 2009, 03:58:48 PM »
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline iskor

  • Newbie
  • *
  • Posts: 4
Re: after update
« Reply #3 on: February 03, 2009, 01:26:34 PM »
their are software that ive been using for almost a year but after my last update of avast it detect the software as a virus. how can i configure avast so i can use that software again

Welcome to the forum!

What software are you using? And what virus is avast showing?
im a cellphone technician and im using sarasoft and nokia phoenix software.
avast detect it as win32 trojan. i am confident that this software are clean. and ive been using

Offline iskor

  • Newbie
  • *
  • Posts: 4
Re: after update
« Reply #4 on: February 03, 2009, 01:33:54 PM »
What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections. C:\Program Files\Alwil Software\Avast4\ashLogV.exe

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

here is the log from virus total

Antivirus    Version    Last Update    Result
AhnLab-V3    -    -    -
AntiVir    -    -    -
Authentium    -    -    -
Avast    -    -    -
AVG    -    -    -
BitDefender    -    -    -
CAT-QuickHeal    -    -    -
ClamAV    -    -    PUA.Packed.Themida
DrWeb    -    -    -
eSafe    -    -    -
eTrust-Vet    -    -    -
Ewido    -    -    -
F-Prot    -    -    -
F-Secure    -    -    -
FileAdvisor    -    -    -
Fortinet    -    -    -
Ikarus    -    -    -
Kaspersky    -    -    -
McAfee    -    -    -
Microsoft    -    -    -
NOD32v2    -    -    -
Norman    -    -    -
Panda    -    -    -
Prevx1    -    -    -
Rising    -    -    -
Sophos    -    -    -
Sunbelt    -    -    VIPRE.Suspicious
Symantec    -    -    -
TheHacker    -    -    W32/Behav-Heuristic-064
VBA32    -    -    -
VirusBuster    -    -    -
Webwasher-Gateway    -    -    Win32.EPO.gen (suspicious)
Additional information
MD5: a67f4f5fc1c6c1142a04d4f9dac0ba4d
SHA1: 8ff54dd96c07999254e3c48a39183a5cac79367e
SHA256: fd41e7ba808f99c0bc1514a011618f3c93f220b6aee390188d25b17f2ed48f32
SHA512: cee85e3096bd118497e3b23da3a0968ede749eec48d2e8e45833ec1a2d517a00688208a7c5282651ea0435b5b0375ab3681fdf1f5e14e7eb5f00b090794247bd



Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85757
  • No support PMs thanks
Re: after update
« Reply #5 on: February 03, 2009, 04:07:29 PM »
It isn't unusual to not have avast detect on VirusTotal when it does so on your system. VT isn't able to update the VPS in real time as the user is and this is often the cause. Remember the point of submitting it to VT is to see what the other scanners find.

So the others report 1 case of a Possibly Unwanted Application and 3 that are heuristic detections which are more prone to false positive.

You didn't say what the file name was and more importantly in this case the malware name (which based on the other detections, I suspect is win32:trojan-gen) ?

So based on the VT results alone I would suggest that you scan the file again and if detected report as a false positive, so that it can be uploaded to avast, analysed and hopefully corrected.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline iskor

  • Newbie
  • *
  • Posts: 4
Re: after update
« Reply #6 on: February 04, 2009, 12:59:43 PM »
It isn't unusual to not have avast detect on VirusTotal when it does so on your system. VT isn't able to update the VPS in real time as the user is and this is often the cause. Remember the point of submitting it to VT is to see what the other scanners find.

So the others report 1 case of a Possibly Unwanted Application and 3 that are heuristic detections which are more prone to false positive.

You didn't say what the file name was and more importantly in this case the malware name (which based on the other detections, I suspect is win32:trojan-gen) ?

So based on the VT results alone I would suggest that you scan the file again and if detected report as a false positive, so that it can be uploaded to avast, analysed and hopefully corrected.
so at this time there is no way i can configure avast not to detect it as a virus. hmmmmm my job was sacrifice
hope alwil team will do something about it.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85757
  • No support PMs thanks
Re: after update
« Reply #7 on: February 04, 2009, 04:23:00 PM »
Of course there is, have you not taken the clue in what was done to upload it to VirusTotal without avast alerting ;D

I suggested you exclude the suspect folder then add the path and file name to that (however you would be accepting the risk that it could well be infected), so you can create an exclusion for that file in its original location in the standard shield as you did for the suspect folder.

Hoping that the Alwil team do something about it doesn't work, I hope I win the lotto, but if I don't enter I can't hope to win. It is the same, you have to submit the file to avast for analysis as I mentioned earlier in both my posts (you don't say if you have done that ?) or they will be unaware of the problem.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security