Hi everyone, I’m new to the board here. I’ve been using avast! free for a short time now as my friends have said it’s better than AVG free. I have so far been pretty impressed, it seems to use less memory too ;D
As the subject title says, my printer has a status monitor that has been disabled because I deleted a “virus” that avast! picked up. I have no problems uninstalling/reinstalling my printer drivers to make this work again, but how can I make avast! ignore this? Is there a section that I haven’t found yet that lets you create exceptions? Is this a problem that is able to be fixed with an update?
It’s probably a simple answer to my question, but I would very much appreciate it if someone could either give me the answer or a link that will help me out.
I’ll post a pic of the error when I have done the whole re-installation thing. Then I’m guessing avast! will pick it up again and I’ll take a screenshot.
It will obviously detect it again, choose ignore and exclude from scanning as below.
What is the infected/suspected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner I feel virustotal is the better option as it uses the windows version of avast (more packers supported) and there are currently 30 different scanners.
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. Whichever scanner you use, you can’t do this with the file in the chest, you will need to move it out.
If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced, Add and Program Settings, Exclusions) and Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the Standard Shield and Program Settings, exclusions.
Also see False Positives, how to report it to avast! and what to do to exclude them until the problem is corrected.
Hi DavidR, I’m just downloading the new drivers now and thought I’d check the thread again. Under the Warning section of the Log viewer, it has this information:
Sign of "Win32:Nuj [Wrm]" has been found in "C:\program files\brother\brmfcmon\brmfcmon.exe" file.
I am confident that this is the correct version of my Brother Multi-Function-Centre Monitor. After my drivers finish downloading (80MB with the monitor software included) I will install it and see if it gets picked up again. Even if it doesn’t (which I will be very confused) I will submit it to VirusTotal and/or Jotti just to be sure.
Thanks for the information on the false positive exclusion list. I will most probably add it to that list and I will definitely see the False Positives link you gave me for reporting it to avast! Thanks so much for your reply.
Well Windows reports the file as 68.0KB, so I don’t think we’ll have too many problems uploading it. The funniest thing now is that I have completely uninstalled the printer drivers and software, deleted the file from the avast! chest, reinstalled the drivers and software and avast! has not flagged it… ??? So I ran a full system scan just to be sure, and I’ve had nothing found at all. So my guess then becomes this: did something really infect the file and then avast! flagged it? I guess it’s a bit difficult for you to answer that now! But I wasn’t concerned at all in the first instance because it’s a reporting tool, it gathers and sends information about my printer. I guess tomorrow I’ll upload the file to VirusTotal and Jotti, but everything’s running sweet now.
I’ll stop wasting your time further!
Cheers, thanks for your replies.
There are many mysteries in computing, it is possible that because this is a relatively common printer driver, someone else might have also had the same issue and submitted the file for analysis and it has been corrected. However, it won’t hurt to check the file out at VirusTotal and Jotti.
Alright, just to finish off this thread if anyone else decides to do a search for this same problem:
Both VirusTotal and Jotti have given the all-clean, nothing was found. I simply uninstalled and reinstalled the drivers and software and I had no more problems.
