Reprise of false positive from 2004 WinRAR/Default.SFX

Back in 2004 avast incorrectly detected Default.SFX of WinRAR as infected.

In my scan tonight avast reported Default.SFX of WinRAR as infected (Win32:Trojan-gen (Other)) with VPS 080509-0.

My version of this file precedes the 2004 date and was not detected as an error in my last scan a week ago. I just extracted the file from last month's backup and avast is now reporting that copy as infected as well. Looks like the same false positive has come back.

In the online scanners only eSafe reports the file as “Suspicious”. Everything else reports it clean.

Do you need the file?

What is your RAR version? I checked with the same VPS 080509 WinRar 3.71 - no problems, no FP.

I think I know what’s the problem… I’ll let some people know to do something about it.

Fixed with VPS 080511-0.

Thanks Igor.

Just started getting this today on my PC creating SFX Winrar files. I double checked with 2 other virus checkers and did not get a result from them. VPS is 0806-5-0.

What build of avast! (not VPS) do you have?
Can you please pack one of those files into a password-protected ZIP or RAR and send it to virus@avast.com?
Thanks!

Erm, considering all the FP issues with WinRAR, shouldn’t you guys include these (and update/add them regularly) in the clean set so they’re tested before VPS release? This is happening way too often now…

I had two false positives yesterday for the first time: Poker setup.exe and one for a C application I had linked?! No idea what caused the second one, it was only some OpenGL code… maybe the DLL link had a common signature… Maybe one day every signature will say everything is a virus, there will be no filtering?! :-\

Now? It hasn’t happened for quite a long time already, except for the one for alanrf, which was actually caused by changes in UPX unpacker.
And yes, there’s a huge amount of WinRARs on our clean set - all we could find. Of course, we’d be interested in any other…

DaveParsons: What WinRAR version exactly is that?
Also, what malware was reported there?

Chads: as I said previously - can you please pack the files into a password-protected ZIP or RAR and send them to virus@avast.com, with “False alarm” in subject and the password mentioned in the e-mail body?
Thanks.
(What malware was reported in your files?)

Hi

I’m not at my machine right now to give you details. Will be later today or tomorrow. Sorry for the delay, away on business.

Dave

Build of Avast is 4.8.1201.
Build of WinRAR is 3.70.
Detection is Win32:Trojan-gen {other}.

I have sent a copy of a test executable to the email address.

Thanks for helping correct this false detection.

Thank you for your cooperation. The false positive will be solved in a few hours in the next VPS update, 080607-0.