Dear reader,
Avast see an program from me as a virus, only I trust that program, and I know its not an virus.
But click I on the button no action, then start my program not more. ???
If I default shell pause, he finds the virus and can I just start that program.
But is there perhaps a folder or something where I can make exceptions or something? That avast does not scan that folder?
Thanks,
Buntje
What avast version are you using 4.8 or 5.0 ?
avast won’t let you run a file that it considers infected even if you say to Ignore or take No Action, you would have to exclude it from the resident scanner to stop it scanning it. That isn’t advisable unless you confirm it isn’t infected.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
That is why I need to know what avast version you use as the actions are different.
I used 4.8 Home edition, only need I the Disk scan with that scanner? Or should I just scan the files in question? That is the problem, I cant find the file where it to go. In the map self can I find it, but not in that site.
Sorry for me bad English.
It’s managed.
This file goes: http://www.virustotal.com/nl/analisis/21f9e642840b3c888c6ec1986990a04e0f553d4b665e11f00b82c0705c18080c-1279730777
What need I to do now?
Well under normal circumstances I would say that is a conclusive detection. However, if you are using Themida as the packer for this file, that packer is commonly used by malware writers to try and block/obfuscate the file from being scanned by AVs. Unfortunately some are detecting based on the packer alone (possibly as they can’t unpack it) and others might be detecting on a raw scan, so it isn’t conclusive.
Is this a program that you created yourself and packed using Themida ?
You could send the file to avast for analysis as a possible False Positive (FP), but I’m not confident that it would be found as that, explain as much as you can about the program, etc.
Send the sample to virus (at) avast (dot) com zipped and password protected with the password in email body, a link to this topic might help and false positive/undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.