I’m getting a false positive with a file called bmail.exe which I use to mail my self various logs and other information from client computers.
Bmail is a handy command line SMTP mailer which works nicely in scripts.
Can this please be fixed? And why has AVAST chosen this moment in time to nuke it after I have been running it for nearly 3 years?
Time Traveller
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 32 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.
If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Also see False Positives, how to report it to avast! and what to do to exclude them until the problem is corrected.
Because generic signatures could be added and some ‘old’ secure and clean files could match the new pattern of the signatures. It would be good if you follow David’s advices 8)
I also have this problem with bmail.exe, it just started over the weekend (with the 080112 update).
I don’t have a problem with adding bmail.exe to my exclusions lists, but it doesn’t work.
I was able to add the exclusion to both places mentioned, but the on-access one is ignored. Whenever I try to run bmail.exe it flags as a virus. Right-click in explorer and select ‘scan’ and it replies as expected, that 0 files were scanned and 0 viruses found. But the on-access method just doesn’t appear to be working, I probably have something setup wrong because when I go into standard shield and try to move the slider to ‘custom’, it goes back to ‘normal’ after I hit OK and re-open the standard shield settings. Sorry to sound like a newbie, but I’m cold and tired, and hoping this sounds familiar to somebody that quickly reply with some idea of why my exclusions are ignored.
Thanks,
Craig
I would like to know also…
Did you really put the corresponding filemask into the exclusion list of the Standard Shield? (which is different from the exclusion list of the on-demand scanners, such as the Explorer Extension)
Can you post a screenshot of the settings, together with the “Virus found!” dialog that detects the file?
Thanks for taking an interest - here are 3 screenshots.
The first is the program settings/exclude entry.
The second is the on-demand/standard shield/exclude entry. (I tried this several different ways, including C:\WINUTILS\BMAIL.EXE, BMAIL.EXE, BMAIL.*, etc)
The third is the normal/high/custom slider that won’t stay on custom…
Thanks for any advice!
Craig
What operating system do you use?
Windows 2000 Professional…
BTW, I forgot the ‘virus caught’ message screencap. Here it is. This is what pops up when I try to run bmail.exe, but avast does NOT flag a virus if I scan my C: drive or the bmail.exe program manually.
This wouldn’t be such a big issue, but bmail is probably one of the most important things in my utilities folder - I use it to autoforward emails to my cellphone, pass programming source & data between work/home automatically, and provide status reports of programs I’ve written to myself, my supervisors, and loads of other people. It’s indispensible.
One may ask how I am getting around this problem? I have avast turned off and have 0 virus protection. 
Thanks much,
Craig
OK, it seems that the exclusion really doesn’t work for “execution” (unlike “read” and “write”) on Windows 2000 (and probably also Windows NT4).
I guess Vlk will fix it for the next version.
Thanks for all that collaborate here to find and correct the bug 8)
Any suggestions how to work around this until the next version? Currently I have Avast disabled, but if the next version takes a good while to get here, I need to figure out something else. Thinking of using a UPX compressor or something on bmail.exe, maybe that’ll get around avast?
C
Stop the presses! I see my VPS updated a little over an hour ago, and I just tested by turning Avast back on and bmail works without throwing a virus detection. Hooray! If somebody reading this had something to do with the fix, thanks so much!!
Craig
Got a similar problem now.
I create small GUI utilities on occasion, using AutoHotKey, and all of them started getting flagged by Avast as viruses this morning. Is Sunday ‘beta signature’ day or something? 
C