idp.generic false positive - Batch files keep disappearing - Users cannot log in

Hello!

At the moment we are experiencing massive problems as Avast is moving .bat batch files used at logon time to the virus container. Those files should sit on the local hard drive and on the server. They are bot moved into the workstation’s virus container. They are detected as IDP.generic but are definitely false positives.
I have put *.bat on the exception list and have disabled behavior control but the problems still go on. This has been going on for over a week now.
Simultaneously we are having problems with defective default user profiles on Windows 7. Users cannot log on any more. I have to copy a “clean” default user profile to the machine to make the problem go away. I don’t have proof that Avast is the problem’s source here, but the problems started simultaneously to Avast moving Bat files into the virus container.

By the way, on my home machine I have Avast Free Antivirus. Guess what? It killed my BAT file which I use to mount my NAS device. Also IDP.Generic false positive. The file only contains two “net use” commands, no delete commands. This machine has nothing to do with the network in my workplace. It seems that Avast has a huge problem with batch files at the moment.

Help, anybody?!?

Thanks in advance and best wishes,

Stefan

You can report a suspected FP here: https://www.avast.com/false-positive-file-form.php

Yes, I have also experience this IDP false positive with one of my programs at school. I have submitted two files to the Avast False Positive team, and they said they whitelisted…but we still have the problem. I like progress and getting software updated, but this version 17.2 has been bad for many many people for lots of different reasons.

Just bumping to the top. IDP.Generic is still a problem for legit files that have already been excluded in local Avast profile behavior shield settings and file shield settings. Very frustrating. And even more frustrating, the “restore” function from Avast admin console does NOT work.

See Reply #1.

I think you misunderstand. I wanted to make the Avast crew aware that Device Settings with exclusions are still not working. I don’t want to nor should I need to submit different batch files for false positive “whitelisting” each time I make a change. The Avast program itself is not acknowledging its own exclusion rules.

I have noticed this as well. I have whitelisted several files using every form of syntax/wildcards I can imagine, and the files are still being flagged.

Contact business support: https://support.business.avast.com/hc/en-us/requests/new

You can set exclusions and/or disable IDP in the console. I believe Behavior shield contains the IDP part.