Happened today. Nothing seems to be weird with the machine, I’ve done some other scans, nothing positive. Uploaded the EXE to Virus Total as well, 2/39 (Avast and GData) marked it as Win32.Malware.gen, but I hear GData uses Avast’s “database” too.
So looking at that, 99% a FP then? :
Thank you for all the hard work here, Avast is really good and I install it on all my clients’ and families’ machines.
Can you inform the file as being a false positive? (click on the bottom right of the virus warning message).
To know if a file is a false positive, please submit it to VirusTotal and let us know the result. VirusTotal has a file size limit of 10Mb. You can use VirScan also.
If it is indeed a false positive, send it in a password protected zip to virus@avast.com. Please, mention in the body of the message why you think it is a false positive and the password used. Thanks.
As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be careful, you should ‘exclude’ that many files that let your system in danger.
Because of heuristics a couple of e-recovery files were detected and are probably FP’s.
In your case this is an acer file - please check your file against following data to see whether it is genuine.
HidChk.exe - diagnosis information on HidChk.exe
File Name
HidChk.exe
MD5 Checksum 0c793426ca0b48c4ecabc1a00e77e6e1
File Version 3, 0, 0, 18
Description Check and Diagnose HidChk.exe immediately. The file HidChk.exe is likely a legitimate Windows file or a disguised threat. As malicious PC threats may delete legitimate files and then pretend themselves to be normal files to compromise system, it is highly recommended to run an scan against virustotals.com or jotti to check for the file HidChk.exe see if it is genuine.
Copyright Information Acer Incorporated. All rights reserved.
Product Name HidChk
Product Version 3, 0, 0, 18
Vendor’s Name Acer Inc.
Notes - probably FP,
I really hope they will correct this real soon, else it will be new: “avast to detect genuine files as malware”.
Avira was reported to have such a period with critical executables flagged falsely, this made the news in the security forums. In the previous century DrWeb had a scanner renowned for loads of FP’s. a-squared free is still shunned by users because of the number of FPs, despite of their new Ikarus scanner…
…Oh, I just saw a new iAvS update, maybe the FP’s were corrected…
I still cannot get hold of the laptop. Will have to do this tommorow since it seems the owner locked herself (don’t worry. family!) in bedroom and I’m unable to retrieve it, despite me telling her not to lock the door or at least leave the laptop out.
However it seems to be a FP for sure as someone just also reported (as above) ;D