Author Topic: Excel spreadsheets reporting "MX97:CVE-2009-3127 [Expl]" suspect false +  (Read 4510 times)

0 Members and 1 Guest are viewing this topic.

daypet1

  • Guest
We have had a lot of XL spreadsheets deleted today after AVast reported the "MX97:CVE-2009-3127 [Expl]" virus. We have checked the particular files on virustotal.com and only Avast and gdata report them as having a virus. We suspect that the offending files have a pivot table in them. could you acknowledge this is a false psoitive please

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88899
  • No support PMs thanks
Re: Excel spreadsheets reporting "MX97:CVE-2009-3127 [Expl]" suspect false +
« Reply #1 on: December 01, 2009, 07:19:00 PM »
What do you mean deleted, avast doesn't take autonomous action, but alerts and asks the user what action to take. Presumably you chose delete ?

GData also uses avast as one of its two scanners, so effectively one detection and most likely an FP.

Send a copy of the sample (with any personal data stripped out) to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and false positive in the subject.
 
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn't already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
 
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

daypet1

  • Guest
Re: Excel spreadsheets reporting "MX97:CVE-2009-3127 [Expl]" suspect false +
« Reply #2 on: December 02, 2009, 10:03:46 AM »
What i mean't by deleted is put in the CHEST. this in itself is a problem as the files are accessed by numerous people and therefore in multiple CHESTS.. I have emailed as suggested

Thanks for the response

kubecj

  • Guest
Re: Excel spreadsheets reporting "MX97:CVE-2009-3127 [Expl]" suspect false +
« Reply #3 on: December 02, 2009, 12:17:01 PM »
It was false positive, removed from yesterday's update. Today, the fixed update will be out.

It caught all files with pivot tables and pwd protection at the same moment.