Our company is currently running Avast in Trial mode, (Order about to be placed) and we have had an event that is probably a false positive, but I’m looking for confirmation. The timing is bad if it is a false positive as we’ve just put up a glowing case to implement it company wide.
The file reported is C:\Lotus\Notes\ntaskldr.exe
Malware: Win32:Sality-BS
Malware Type: Virus/Worm
VPS Version: 080903-0, 03/09/2008
Everyone in the company is now being affected. Is there a way to have the file, now in my chest, tested. I believe we already know how to tell Avast to ignore it if it is indeed safe.
Thanks
It could well be a false positive as a google search basically confirms the file being associated with lotus product suite.
ntmulti.exe is a part of the IBM Lotus product suite. IBM Lotus is an advanced contact management system.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.