Hi,avast team,
Thank you very much for nice anti-virus soft.
I use RealSoftware’s Realbasic.
But avast4.8home edition(VPS:090202-0) report that realbasic ver5.5.4J has trojan.
I think this is false detection.
http://down11.ddo.jp/uploader/download/1233603155.zip/attatch
download pass is “0”,and after check,push download button,and download start.
Please invastigate.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.
I am also getting this warning, and did report it as a false positive (I’ve had this copy of the RealBasic ide for many years now, I’m pretty sure it is not infected with anything.
. I also tried adding that to the exclusions list in the resident shield, including different parts of the line you see after file name, and still the warning comes up.
. Where am I making my mistake?
****edit: Never mind, figured out the exclusion process.
*****edit 2:
. I went to that site linked in your reply, unfortunately, RealBasic is a complete programming IDE, and apparently a little too large for them to scan.
Bigger than max permited size / Mayor del tamaño máximo permitido
I don’t know where you are going wrong as you don’t show what you entered in the standard shield exclusions (worth a look if you have used wildcards it could leave a hole in security) ?
You need to enter the full path, as you say you have now figured it out.
However, exclusion isn’t resolving the problem, just avoiding the alert, if you are sure it is an FP then you should report it so it can be properly corrected in the signatures.
Send an email to virus@avast.com with a link to this topic might help and possible false positive in the subject and a link where this version can be downloaded.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) and send it from there (select the file, right click, email to Alwil Software). Give the same information you gave here if enough room (possibly not) or a more general inof and link to this topic.
The new submission process doesn’t actually email it but uploads it to avast during the Auto or Manual update process. So if your on broadband that would allow you to upload it directly to avast for analysis.
. Yah, I started out with the complete reported name, then shortened it to the folder that contained the exe file, just in case it was something else in the RealBasic folder, what I eventually figured out was that I needed to exclude the actual exe that is the ide.
However, exclusion isn't resolving the problem, just avoiding the alert, if you are sure it is an FP then you should report it so it can be properly corrected in the signatures. Send an email to [b]virus@avast.com[/b] with a link to this topic might help and possible false positive in the subject and a link where this version can be downloaded.. I am pretty sure, as I say I've had this programming suite since vers 5.5 was released, that was a number of years ago. However, that would only be empirical evidence, not proof, when the positive came up, I used the reporting tool provided from the dialog box. . If it would be better to actually send them the offending file, it would be a little hard to do since the file in question is 39+ megs in size. It would have to be some kind of direct transfer, I know no email program I have could handle it. . For similar reasons, it would be next to impossible for me to provide a link to the file in question, this suite has been unavailable for years as when the company provides a new suite (i.e. RB2006, 2007, 2008, etc) they remove the older versions from the site and that site is, as far as I know, the only place aside from users to get the file.
Of all the soloutions, this will be the easiest aside from the Avast program dialog for which I already sent, now I just need to figure out how to link to this topic ;D
The new submission process doesn't actually email it but uploads it to avast during the Auto or Manual update process. So if your on broadband that would allow you to upload it directly to avast for analysis.. This also sounds like a good alternative, thanks for the information -^)
You can upload the file to ftp://ftp.avast.com/incoming
Wow, that was a fast response! I was still trying to figure out the linking email thingie !! Thankyou :o
Fast is what the avast forums are by comparison to other forums ;D