False postive from yesterdays update “[Chest] Mail\Inbox<Subj: FW: updated .dll>\config.dll”
and has been submitted. The program comes from a trusted source.
Exclusion are not excluding, and appears to be a known issue / bug.
The customers are waiting on us to get a resolution (more than one). We have disabled resident protection to stay in business. Please fix this DAT ASAP, and let me know when to turn on protection.
We NEED a “Go to a previous DAT” button, where we can go back to one or more DAT files to get working again until False Positive is fixed. This will remove the “emergency” issue, and customers can self heal.
There never were any exclusions for the e-mail scanner, as far as I know.
And regarding the customers “healing” themselves… well, remembering the enormous amount of malware being reported as false positives, there would be many more of those who’d actually get infected. So personally I’m all against such a feature.
But there are other means being worked on that will make it possible (for example) to distribute such fixes faster.
A “go back” button, today, would have saved countless hrs of time. We are running now with NO protection, so which is worse, Igor?
Were talking being in or out of business here. I read in the forum today, where avast! resellers had lost major clients due to the FP we had several months ago. I flagged 20 or so calls that day, over that FP.
Give us a “Go back” button will save us!
Business contituity is our job 1, stopping infections is our job 2!
I’m just saying that in my opinion, that feature would help a few, but simultaneously hurt many more.
Besides, thinking about it… it could occasionally cause mysterious problems to the program itself - as time travel backwards often does.
Milos created several new DAT updates, of which the second would allow the file to be copied and emailed. However, when the application was launched, avast! was somehow still blocking this file (same "control.dll is infected and blocked.) What do you think would be our next step. If it’s in the whitelist, how could this be possible? Is some shield ignoring the whitelist? Do I have to reboot the server, ADNM, and workstation?