As of today’s Avast signature update (110414-0), we are having problems with UNIDRV.DLL being detected as Win32:Malware-Gen. The file in question appears to have not changed since 2008. Is this a bad set of signatures pushed out by Avast?
You can report a FP here: http://www.avast.com/contact-form.php?loadStyles
We are also experiencing this issue today and it’s causing us a few headaches with staff moaning at us that they can not print any documents.
I’ve already reported the false positive and got a call logged with avosec support.
At least I know we are no longer alone on this issue lol ;D
Hello, any news about this issue?
All our customer with Avast Antivirus are reporting same problem, other customer with any other AV software are not.
Avast customer are sincerely thinking to change their software, could we find a fast workaround?
thank you to all
We have the same problem.
Guys, if you already reported it to avast, it’ll be fixed asap…!!
asyn
no FP on that file here with VPS 110414-0
edit: yeah okay that’s on a W7/64 version of the file, and the issue seems to be on XP, so my scan is not relevant.
I’ve got faith that this will be fixed quite promptly, Avast have never let me down in the past
Hi
I have the same problem too with XP SP3 machines.
Avast moves the unidrv.dll file to the chest.
If you then restore the file and try and print it locks the machine up.
If you then reboot it moves the file to the chest again.
Do you know how the problem will be fixed? Will a new definition be released and propagated? If so will that file restore the unidrv.dll file to its original folder?
Thanks
Andy
It only seems to be on Windows XP and the complete path to the file that we have is:
C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
We are having the same problem here; the only way to make the clients print again is the following:
- logon as an administrator
- disable avast realtime protection
- reinstall the printer driver
- logon again as the user
Of course this is a bypass and leaves you with no protection and I really hope the virus definitions are updated very soon!
Michele
@ logos:
it depends to which version of unidrv.dll you have. We submitted a version which report the problem. Perhaps some bytes in that file are same as real malware…
yes I edited my post above
Yes it is the exact file being detected here as well! (all clients are XP SP2 or SP3)
By the way not all clients are having the problem even though they have the very same definitions…very strange indeed!
Michele
[quote author=Logos link=topic=76220.msg630381#msg630381 date=1302776957]
this post is growing very fast ;D
Just checked it, I don’t get this…???
See screenshot.
asyn
Some clients of ours are also having these problems.
They’re working on managed 4.8 clients. I’ve suggested adding the printerdriver as an exclusion, I’ve had no reply yet if that works.
I hope this problem gets fixed soon.
It seems to happen to several configuration but not all, in some networks we have problems on all clients, on other only with a few clients.
another our customer reported it on a Vista machine:
Are all reports here related to avast 4.8 versions…??
4.8.1061.0 here