Hello!
The problem started with 30 Oct., 2008. After a new virus database renewal Avast started to alarming and blocking file Shellhook.dll from the program Extra Keys Assigner 2. This program (EKA2) is for rename/rebind keys in multimedia keyboards and this program is already more than 1 year on my computer, i don’t think that is a virus. Avast (4.7 Home) is about half year on my computer. Previously they do not interfere, but now Avast is >:( , EKA2 is blocked, keys not working. I tried to insert this shellhook.dll for exemptions in Avast - but this does not help.
What to do? ???
PS sorry for bad english, its not me, its google translator 
Hi…
Please see the posts from Tech (#2 and 3) at this thread here…
http://forum.avast.com/index.php?topic=15912.0
EDIT: I now just noticed you already tried excluding the file by itself. Try using the “wildcard” approach: *\Shellhook.dll
Hopefully, this will take care of it.
Best Regards…
First you really should confirm the detection (see below) and if a false positive detection exclude it from scan (and report it to avast), rather than assume if it a bad detection, that is not only the safest way, it also corrects the virus signatures (VPS) so you and importantly other avast users don’t have to exclude.
I also suspect that you have entered it in the Program Settings, Exclude, but haven’t entered it in the Standard Shield, Customize, Advanced, Add area that deals with on-access scans. If you did enter it here then post the full text of your entry.
Confirm a detection and report if a false positive detection:
Check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.
Hi…
Whoops, thanks David. It’s always good, as a precaution, to make sure the file isn’t actually infected. ;D
Just to make sure, did I type out the wildcard incorrectly or does it matter as long as it contains the asterisk?
Best Regards…
Your use of the wildcard is fine and should work, though I tend to ask what they have entered to identify it failed as they could make the same mistake again and the use of wildcards has to be carefully controlled or they could leave a whole in their system.
I would tend to go a step tighter and specify a drive and at least the programs folder C:*\TheProgram\Shellhook.dll as this file (or name) might be used by another program as can be seen by this google search http://www.google.co.uk/search?q=Shellhook.dll.
Hi David…
Thank you so much for showing me this, I confess I’m not knowledgeable on the different uses of wildcards!
Best Regards…
You’re welcome, that is the beauty of the forums, you learn something new all the time.
It would be nice to get some feedback from Nig@son.