Cheetachat

If someone could help here to find out why this YMSG.DLL is showing as a Win32:NucleRoot - d [trj] I would love to know as I can’t get this program to run and have no options to ignore it. I trust the programmer enough to use his program and was ask to ask the antivirus company to find out whats going on.

www.cheetachat.com

Avast 4.7 build fully updated.

Thanks,
Skelator

For the Standard Shield provider (on-access scanning):
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize.
Go to Advanced tab and click on Add button…

For the other providers (on-demmand scanning):
Right click the ‘a’ blue icon, click Program Settings.
Go to Exclusions tab and click on Add button…

You can use wildcards like * and ?.
But be carefull, you should ‘exclude’ that many files that let your system in danger.

How can I change this if when I load the program that Avast Home picks it up with a virus embedded? I was asked to post to yourselves to download the program and get back to them yourselves to find out what the issue actually is. I don’t know who BYE is that sent me a private message but would love to know what email it showed I had sent out that contained a virus and at that being why didn’t Avast pick it up while it was being sent if there was one?

Skelator

Trust is a wonderful thing and if you are prepared to accept the program is safe, pause the Standard Shield provider to enable installation.

I also suggest that you also check the suspect file at: VirusTotal - Multi engine on-line virus scanner
Or Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.

If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced and Program Settings, Exclusions) and check scan it periodically using the ashQuick scan (right click scan, it will need to be temporarily removed from the standard shield exclusions otherwise it won’t be scanned), when it is no longer detected then you can also remove it from the program settings, exclusions.
Also see (Mini Sticky) False Positives, how to report and what to do to exclude them until the problem is corrected.

David,

Thanks for the links and I used the VirusTotal one and all including Avast said the dll wasn’t a virus so I’ll pass on the information to the programmer that all is fine and your suggestion on how to have Avast allow the program to load.

Thanks again,
Skelator

I would try to load it again before you pause standard shield, I don’t know it virustotal is using the latest virus database and there was another today. Ensure you have the latest VPS as it may have been detected as a result of a recent update.

If not detected no problem, if detected then you will also need to check out the mini sticky false positive link and send it to avast, so the FP can be corrected in a later VPS update.

David,

All seems fine after following what you said to do and being Cheetachat is again back out and is in it’s late Beta stages, they just wanted to know why Avast seen it’s dll as a problem. If you would like please download it for the heck of it and see what you can find out that may help them out. I am a support person/moderator on it’s forums and plan on posting how to work around Avast’s issue of shutting it down that you had provided the fix to.

Thanks,
Skelator

I’m just an avast user like yourself and I leave this up to the experts at alwil which is why I suggested (mini sticky thread) sending it to avast.

Samples sent if confirmed to be a false positive will result in the VPS being updated which is a better solution all round.