I had a pop up saying “Threat Detected” but Avast had not allowed the file to be opened. Just as a precaution I ran a quick scan. The attached screen capture has my results. Are these false positives?
I have not put them in the chest yet in case they are. Any further instruction would be extremely appreciated!
upload suspicious file(s) to www.virustotal.com and test with 40+ malware scanners
when you have the result, post link to scan result here for us to see
you may also post a screenshot of the avast warning
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here, post the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to Open the chest and right click on the file and select ‘Extract’ it to a temporary (not original) location first, see below.
Create a folder called Suspect in the [b]C:[/b] drive. Now exclude that folder in the File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste) C:\Suspect*
That will stop the File System Shield scanning any file you put in that folder.
####
If only GData and avast detect it - GData uses avast as one of its two scanners so counts as 1 detection and almost certainly an FP.
Send the sample to avast as a False Positive:
Open the chest and right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update. A link to this topic wouldn’t hurt.
@@@@
In the meantime (if you accept the risk), add the full path to the file to the exclusions lists (see Note below): File System Shield, Expert Settings, Exclusions, Add and avast Settings, Exclusions
Restore it to its original location, periodically check it (scan it in the chest), there should still be a copy in the chest even though you restored it to the original location. When it is no longer detected then you can also remove it from the File System Shield and avast Settings, exclusions lists.
Note: When using the Browse button it only goes down to folder level accept that. Now open the entry in the exclusions and change the * to \file_name.exe where file_name.exe is the file you want to exclude.
Certainly looks like an FP, submit the files to avast for analysis as outlined in my last post.
You would have to either allow avast to send them to the chest or manually add them to the chest (this just makes a copy in the chest, the original stays in location).
If manually adding them open the chest and select add to chest (see image), then submit as per previous instructions. Your choice if you wish to add them to the exclusions so photoshop would have those droplets available.
The computer emits an audible “ding ding ding, Threat has been detected” some time after midnight - I assume due to an Avast! automatic scan. I don’t think I have anything scheduled to run just at that time, but there are bunches of things Windows itself does between 12 and 1 am. I do see that the avast! Emergency Update job is scheduled for 12:43:39 am.
Funny thing, but a manually initiated scan of the listed folder does not turn up a threat. Interesting that the message implies something about another process holding onto the files.
These are not files I run (or have ever run). They’re sample executables provided with Photoshop 6.0, which I don’t use much any more - just for testing.