I have recently installed a HardSID Quatrourl=http://www.hardsid.com[/url] pci-card in my PC. Now, Avast reports a W32:Toal worm in one of the setup files (HSMIDISetup.exe) in the software package for this card. Several people have scanned their files with different anitvirus softwares and no other software reports this worm to be present. If you cjeck the info for the W32:Toal worm you’ll also see that this would be a very unusual way to infect a computer with this particual worm…
Now, my problem is, that in order to use my HardSID card I have to turn Avast On-Access protection completely off… Its anoying since windows constantly reminds me that my anti virus software is turned off. Naturally I do not want to change anti virus software since I really like Avast - but they have to do something about this…
If you at least could turn On-Access protection off for certain folders or files it would be great, but ofcourse the feature of turning virus protection of is for all other functions of avast except On-Access protection.
Until Avast fixes this I will be more exposed to viruses than I would like…
Anyone else that has experienced something similar? And how long did it take for Avast to act? I contacted them last week but havn’t heard anything yet…
You can do that. Select Standard Shield and then Customize… button and select Exclusions tab, Then just enter folder you want to exclude.
For On-Demand scan you have to separately set the same exclusions if you want…
I have exactly the same problem, could you fix that in a later version ?
I tried to exclude the directory and the file like RejZor say, but it doesn’t work for me. When i try to launch the exe, Avast force me to Erase/Quarantine/Stop.
Exactly the same, you resurrected a topic over 18 months old if this were a false positive detection I would have expected it to have been corrected or that hardware to have had a software upgrade by now.
What is the file name and location of the file being detected ?
What exactly are you entering in the Standard Shield, Customize, Advanced, Add area (that is were you are adding it) ?
a topic over 18 months old if this were a false positive detection I would have expected it to have been corrected or that hardware to have had a software upgrade by now
Me too
There is the result :
AntiVir 7.3.1.34 02.08.2007 no virus found
Authentium 4.93.8 02.07.2007 no virus found
[b]Avast 4.7.936.0 02.08.2007 Win32:Toal[/b]
AVG 386 02.08.2007 no virus found
BitDefender 7.2 02.08.2007 no virus found
CAT-QuickHeal 9.00 02.08.2007 no virus found
ClamAV devel-20060426 02.08.2007 no virus found
DrWeb 4.33 02.08.2007 no virus found
eSafe 7.0.14.0 02.08.2007 no virus found
eTrust-InoculateIT 30.4.3378 02.08.2007 no virus found
eTrust-Vet 30.4.3378 02.08.2007 no virus found
Ewido 4.0 02.08.2007 no virus found
Fortinet 2.85.0.0 02.08.2007 no virus found
F-Prot 4.2.1.29 02.07.2007 no virus found
F-Secure 6.70.13030.0 02.08.2007 no virus found
Ikarus T3.1.0.31 02.08.2007 no virus found
Kaspersky 4.0.2.24 02.08.2007 no virus found
McAfee 4959 02.08.2007 no virus found
Microsoft 1.2101 02.08.2007 no virus found
NOD32v2 2046 02.08.2007 no virus found
Norman 5.80.02 02.08.2007 no virus found
Panda 9.0.0.4 02.08.2007 no virus found
And this is the link to the archive (the exe is Hardsidmidi)
But i don't understand why Avast is the only one to detect a virus here.
I don't either but signatures can get confused where a string might match but not be malicious, this does on occasion happen after a large signature update.
The important thing is to send a sample to avast so it can be freshly analysed and corrected.
Send the sample to virus@avast.com zipped and password protected with password in email body and false positive/undetected malware in the subject. Or you can also add the file to the User Files (File, Add) section of the avast chest and send it from there (right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.
You can read the false positive link above if need be.