[font=Verdana]MODERATOR,,Plz bear with me,move this post ) if asked in wrong forum,
copy of email sent to AVAST,(waiting for reply) IF anyone can help it would be appreciated,THANK U “Clato”, p.s. never heard of a false positive.
HELLO TO YOU,
Have never heard of a ""false / positive virus warning befor last Sunday, Have been using ONLY AVAST-(presantly 4.8) probally last 5+ yrs any way I was told on World Wide tech site to send this to AVAST & they can test it for you, never happened befor, below is the question/world wide site where question was asked along with the reply,Please can you check this for me, Thank you Sir,
TUNEUP utilities 2006 -Virus-tune-Up have been using (PAID VERSION)Tune up 2006 for last 2 years all ok,instead of upgrading,did a fullformat last night on this comput,(haven’t needed to do one april last year)So go to re istall my PAID FOR tuneup 2006,and get this (pict)just windering if this is the way SOME companies figure to try to make or FORCE people to buy their newer product,by adding a viruse to a previous or old programthe programs were installed from a disc & disc was vieus scanned, tuneup after installation wasvirs scanned , all clean ,ONLY WHEN trying to add 2006 update does a virus warning show up…[b]is there either another free programs like tuneup,or am I & others NOW going to be FORCED to buy 2008 version if we want to use tuneup.and idea what may have caused a virus to get into a 2 yr old porgram.thanks====================================replyYou need to send the suspected file to Avast for them to look at so they can fix it.
[img]
hello Maxx, THANKYOU for theinfo, unloaded tuneup 2006,using temp tuneup 2007 for 30 days,
use the “report as a false positive” option in bottom part of the virus dialog…
I have NO IDEA where this is, do you men @ bottom right dropsown window?
also any idea WHY now after 2 yrs this is being done by AVAST,?
Don’t know if I can / should re download TU2006 & ignore warning by AVAST
or
maybe try another popular antivirus - and see what results are
but I KNOW am going to run a full virus scan in safe mode tonight on computer
It would take a little time (not too long) for avast to analyse it and if a false positive, correct the VPS and release it on the next VPS update.
In the mean time you would need to exclude the file from scans, see below. However, to be sure it is a false positive, you would have to test it at virustotal.
Exclude from scans - add it to the exclusions lists: Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions (right click the avast ’ a ’ icon)
Restore it to its original location (if in the chest), periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
VirusTotal - Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
In the mean time you would need to exclude the file from scans, see below. However, to be sure it is a false positive, you would have to test it at virustotal.
David,THANK U SIR, for the help, as you can see by pict’s nothing listed,
also "“bear with my stupidity,I DON’T KNOW”
but you mentioned TRYING TO UNDERSTAND WAT you are saying?,I’am no computer wiz,
Exclude from scans - add it to the exclusions lists:
Standard Shield, Customize, Advanced, Add and
Program Settings, Exclusions
so are you saying that I should again d/l the TuneUp 2006, but when it hits (virus warning) on the update,
instead of deleteing the file click on move to chest?
and will TRY to find infected file on C drive & move it into a folder on desktop, then ty to run scan at your mentioned link,
DAVID, here is the results of the virus scan,
Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner
Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page
so does this (results) mean that a virus has infected the tuneup 2006 (that I have saved on a cd)
Al the 5 detections are generic, which are more prone to false positive, so I I suggest you send the sample to avast for analysis as a possible false positive, you can scan the file again with avast and when it alerts use the link in the Image I posted in my first reply above (Reply #4 in the topic) to report it as a false positive.
HELLO dAVID, alreasy did as you sugested
so I I suggest you send the sample to avast for analysis as a possible false positive, you can scan the file again with avast and when it alerts use the link in the Image I posted in my first reply above (Reply #4 in the topic) to report it as a false positive
haven’t heard anything back,and ran a bootup scan & again showed a tuneup is infected withoj gen)““WIN32 troj,gen””
You normally don’t get contacted unless a) they need more information B) you gave a contact email in the report.
That is why I suggested the rescan option in my second post, Reply #6 of this topic. It takes a little time (not too long) for them to analyse the sample and correct the detection signatures, it is then added to the next VPS update.
It would continue to detect it on any scan that you do until the signature is corrected and addition to the VPS update. I would just have left it there bot uninstall as avast normally doesn’t take long to correct if confirmed as a false positive.
David, ok THANK YOU, will re install TuneUP 2006, just not the updates, (since all use it for is the disk & register cleaner & SPECIAL boot & sigh on screens, thank you again SIR,
"clato
[quote author=DavidR link=topic=40400.msg338732#msg338732 date=1227664044]
It would take a little time (not too long) for avast to analyze it and if a false positive, correct the VPS and release it on the next VPS update.
I just wanted to say “Thank You” for this excellent mini-tutorial. The VirusTotal showed 1 probable False Positive, 1 Adware/Aureate (43%) nasty little ba$turd and one really bad Rootkit (100% in VT)
Bob
Note: Will continue rtfm’ing for upload to AVAST! (Alwil SW)
I just wanted to say “Thank You” for this excellent mini-tutorial. The VirusTotal showed 1 probable False Positive, 1 Adware/Aureate (43%) nasty little ba$turd and one really bad Rootkit (100% in VT) 