The following tools i use for remote administration and where falsely identified by avast home edition as infected:
XCMD.EXE
PSEXEC.EXE
I am not amused when my virusscanner starts deleting important tools which are completely legal and have been widely used by lots of people for years now.
If you guys recently have changed your policy regarding remote admin tools, please do tell me, because i will be definitely be changing to AVG if that is the case.
I donāt see the deep reason to judge an antivirus for the complete absence of false positivesā¦ You can go to AVG and you will lose avastā¦ get less support, has a poor update method, etc.
As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the āaā blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add buttonā¦ You can use wildcards like * and ?. But be carefull, you should āexcludeā that many files that let your system in danger. After that, please, periodically check it - scan it into Chest, right clicking the file - there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected as being infected then you can also remove it from the Exclusion list.
Can you send the samples to virus@avast.com ?
You can zip and password the filesā¦ Inform a link to this thread and the password used.
You can send the files to Chest and, from there, resend to Alwil for analysis.
You donāt mention what the malware name is associated with the files ?
avast isnāt the only AV/anti-spyware to detect this, the problem being it is a tool which may possibly be used for good or evil.
Call it either a false positive or a mis-clasification.
psexec.exe is a launch tool from sysinternals used to launch processes on remote machines
AVG nor any other AV is immune to false positive detections. avast has on a number of other tools put the suffix [Tool] on the malware name to indicate that it is a tools, which if you installed it then it is likely to be OK, but if you didnāt install it then it could be malicious, the problem is avast canāt tell what the intention is.