Sure, there are actually two exclusion lists: one in program settings, affecting the on-demand scanners, and another one in Standard Shield settings, affecting Standard Shield (i.e. on-access protection) only.
I don’t know why Avast has continuously generated too many false positives from time to time, although it has no so-called heuristic detection that may (at least) lead to more false positives.
Once upon a time AVAST32 had promoted as a fast and accurate scanning so users are not distureb by false positives, now it would be good if Avast 4 does that way again, fast and accurate scanning with overall reliability.
TAP & Ylap, do you have any file(s) in particular or just chit-chatting?
crossy, please submit the file(s) in question to virus@avast.com . But Norton is not really a good indicator whether it’s really a virus or not - when in doubt, I recommend using an online service like Jotti’s http://virusscan.jotti.org
Yes, I had and it already sent to virus@avast.com from time to time and it usually fixed. But I’ve noticed too many false positives reported on this forum in the last few weeks.
I’m not saying there is a big problem for me. Just many other users complains about it. I had just one file, I’ve sent it to ALWIL, and it was everything good in the other day. No complains from me.
I send a FP to Alwil 2 days ago. Got a vps update yesterday that fixed it. Also got personal email from Karel thanking me for letting Alwil know about it.
Great job Alwil. Thanks!
To everyone (just some things to keep in mind)
Every av has fp’s from time to time. These things happen.
Every av will detect things that another doesn’t.
If you don’t let the av vendor know if there is something wrong, they can’t fix it
Not really importan, but a nice option. Avast has skins
If you don’t like the av, its detection or whatever… Get another one you do like. Noone is forcing you to use a certain av
Yeah every AV has them,but avast! has them far above the average at the moment.
Anywhere you look in the forum you’ll see complaints about false positives,some even repeat (AutoIt/RAR SFX for example,heck if you have problems with one specific thing several times you should check it each time before VPS release)
Sorry, I though you’ve expecting them from the Chest.
I’ll send them now. I mean, a group of files to be tested. Not all of them are false positives right now.
This is a side issue. I am not even sure if it is appropriate for this board, or exactly where it should be posted. Please move it if it should go elsewhere, or let me know if I should post this on some other forum somewhere else.
I greatly appreciate the link to the virusscan.jotti.org link, and I use it frequently before installing a downloaded file. However, it fairly regularly advises me there are “run-time packers” and that the “sandbox emulation took a longer time than normal to run”. This is even when all scanners report no malicious files. It even happens with some files that I am pretty sure should be clean.
It usually occurs with .exe type files. Are “packers” normally found in .zip files and/or .exe files? How serious should I take the presence of “packers” when all scans say the file seems to be clean?
Again, if this post is inappropriate or in the wrong place please bear with me. No offense is intended. Thank you.
Packers are used to compress a file to reduce download time, zip is only one compression method there are many others. Many .exe files that are compressed may be executable zip files so on double clicking the file it automatically un zips/packs into pre-set folders. This saves the user having to do a manual installation of a program.
Packers are a common feature that you will bump into regularly and avast caters for many of the mainstream packers so you should have little to worry about. So you could use the right click context scan ashQuick.exe in explorer to scan your downloads.
DavidR, thank you for your response. I did a search on packers but there is often SO much info on Google that it can be difficult to narrow it down properly. BTW, I ALWAYS right Click/Scan a new file with AVAST! before I install it ;D. That is an excellent feature.
But being on the cautious side I also use the jotti.org multi-scanner on every new program as well. I appreciate Vlk, and I think it was also Bob for pointing out this resource.
I have had very few problems with false positives from AVAST! and I am very grateful for the Free Home Version. ;D
That’s actually a good question - with no satisfactory answer.
You can be quite sure that e.g. Microsoft executables or libraries are not packed by any executable packer. The same would be true for many “big” applications (e.g. Adobe ones?). However, many authors use executable packers as some kind of protection (especially for shareware tools). Some people use rather paranoid packers (so that, for example, the program wouldn’t run in presence of a system debugger) even for freeware stuff, no idea why.
So, you should be really suspicious if you find a DLL, named like a Microsoft one, in your system folder; on the other hand, it’s rather common for shareware application executables. The “suspiciousness” also depends on the particular type of executable packer used.
Oh, yeah, you’re right.
I’d rather be false positives than poor detection rate anyway…
Let’s pray for the time when we got the #1 in detection/submition antivirus rate… 8)