after daily avast update a part of Punto Swither program detects as WIN:32Malware Gen (autoupdate module)
Punto 2.9.0.0
Avast 4.8 VPS 100130-1
this is rar archive with exe file
Don’t post suspect files as attachments on the forums, please remove the attachment. However, changing the file type from .rar to .txt to be able to attach it totally stuffs the .rar archive as it is saved as a txt formatted document.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
-
avast4 - Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
-
GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP if no other scanners detect it.
done
You could also check the offending/suspect file at: [url=http://www.virustotal.com/][b]VirusTotal - Multi engine on-line virus scanner[/b][/url] and [b]report the findings here[/b] the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
avast4 - Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP if no other scanners detect it.
I’ve already made it yesterday http://www.virustotal.com/analisis/02e184c3685eb5a4fb46c95cbd645a857316831264790ebac87b06353dc28071-1264878724
Thanks for removing the attachment, the last thing we want is avast possibly alerting on its own forums ;D
Yes, looks like an FP as the other detection is also using Heuristics, so submit to avast for analysis as an False Positive.
Send the sample to virus (at) avast (dot) com zipped and password protected with the password in email body, a link to this topic might help and false positive/undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
fixed in 100131-1.
thanks for your help!
You’re welcome, thanks for the feedback.