avast! false positive
dfdff3000
24 Feb 2013
I just wanted to make mention that the file system shield in avast! free antivirus is preventing the opening of autopatcher.exe and moving the file to it's virus chest. Today is the first time I've seen this behavior. Interestingly, right clicking on the file and running a scan of it shows no threat. Anyway, I just wanted to give a heads up. I assume it's a false positive and have reported it to avast! as such.
ViroMan
24 Feb 2013
What?! Is that the free avast or the paid one? (derp he said free.) I ask so I can install and try it out. If its the paid one then I won't.
The only reason I can think of is that it may be doing it on a name basis... since there are a few bad versions out in the wild not from here.
Edited by ViroMan, 24 February 2013 - 11:12 PM.
The only reason I can think of is that it may be doing it on a name basis... since there are a few bad versions out in the wild not from here.
Edited by ViroMan, 24 February 2013 - 11:12 PM.
dfdff3000
25 Feb 2013
Yeah, I know this isn't a new problem ... and that there are bad versions (not from here) floating around in the wild. I'd guess that you're probably correct about it doing it on a name basis. Checking out it's properties once it's in the file chest, it gives it's virus description as FileRepMalware. I was hoping a more current definition update would have corrected the false positive by now, but it hasn't happened so far.
ViroMan
25 Feb 2013
From avasts website:
So from that I gather that since its not signed or because of the relatively low amount of people who use it(while growing) it could be thought of as malware thats gaining a foothold.(From their perspective) If more people who had avast said(via clicking on it) it was clean it would no longer be considered malware.
I wonder if I can get in contact with them and get this sorted out.
Edited by ViroMan, 25 February 2013 - 12:18 PM.
Quote
The FileRep feature in the new avast! 7 accelerates malware detection thanks to its “in-the-cloud” database of clean files, improving detection of new and emerging threats.
Quote
Two key data categories tracked in FileRep are file age (emergence) and the number of computers that have already opened it (prevalence). Additional data categories tracked in FileRep are file distribution, the source URL, and digital signature status. The data is contributed anonymously by CommunityIQ members, the avast! user network of sensors.
So from that I gather that since its not signed or because of the relatively low amount of people who use it(while growing) it could be thought of as malware thats gaining a foothold.(From their perspective) If more people who had avast said(via clicking on it) it was clean it would no longer be considered malware.
I wonder if I can get in contact with them and get this sorted out.
Edited by ViroMan, 25 February 2013 - 12:18 PM.
dfdff3000
01 Mar 2013
I'm not sure if you were able to get a hold of someone or not. Or, it could have been a new virus definitions file. Or, it could have been that avast! came out with a new version (8) of the program today. Whatever it was, autopatcher.exe appears to be opening and running fine for me now 
.
As an aside, I like the progress you continue to make with this project Viroman. I haven't tried the bleeding edge new versions. I've just been waiting for them to get down to the regular channels. Sweeper is a really nice addition to apup. It's great the way it can take an annoying unofficial build and crop out the files that don't belong. Hopefully the progress can continue. You and the release maintainers have come a long way. I was sensing a little frustration among a couple of them a few days ago. I realize what you guys do is a lot of work and you all don't get enough thanks. I wish more people would say it, as I'm sure there are many who do appreciate the efforts of the team here. Anywho, many thanks.
Edited by dfdff3000, 01 March 2013 - 04:52 AM.
.As an aside, I like the progress you continue to make with this project Viroman. I haven't tried the bleeding edge new versions. I've just been waiting for them to get down to the regular channels. Sweeper is a really nice addition to apup. It's great the way it can take an annoying unofficial build and crop out the files that don't belong. Hopefully the progress can continue. You and the release maintainers have come a long way. I was sensing a little frustration among a couple of them a few days ago. I realize what you guys do is a lot of work and you all don't get enough thanks. I wish more people would say it, as I'm sure there are many who do appreciate the efforts of the team here. Anywho, many thanks.
Edited by dfdff3000, 01 March 2013 - 04:52 AM.
ViroMan
02 Mar 2013
Thanks, its nice to know people care... and I mean it. Sometimes it seems as though I am putting time into something that doesn't get much attention but, then I realize that, just because they don't speak up doesn't mean they don't use it and appreciate it. The more I hear people say they like it the more confidence I have about the future of this project.
I realize that things have slowed down a significant amount since I got my job(I think its killing me slowly) but, I intend to plod along as quickly as I can.
ohh and , I guess something else happened with avast since I have not gotten in contact with them yet.
Edited by ViroMan, 02 March 2013 - 02:42 AM.
I realize that things have slowed down a significant amount since I got my job(I think its killing me slowly) but, I intend to plod along as quickly as I can.
ohh and , I guess something else happened with avast since I have not gotten in contact with them yet.
Edited by ViroMan, 02 March 2013 - 02:42 AM.
