Friday, December 4, 2009

Is Avast! producing false positives?

I got a bit of a shock yesterday morning when I received about 5 calls within the first hour of the day, all reporting similar PC virus infections, all diagnosed by Avast! Anti-Virus.

Now Avast! is actually my current anti-virus package of choice, and the one which I recommend to all of my clients and colleagues daily.
The fact that there is a free edition is a huge bonus, and from my personal experience I have found that Avast! detects and successfully repairs infections that a lot of other AV software cannot.

In addition, Avast! is not terribly resource hungry, and it includes a boot-time scanner which is a hugely useful weapon in the arsenal of virus hunters the world over.

Anyway, somewhere in the middle of the panicked calls that I was receiving, I was rudely interrupted on my own PC, by none other than old faithful - Avast! AV.
I was warned that a program I was attempting to open was in fact infected by the Win32.delf [Trj] Virus.
Right about here the bells started to ring (in my head only - it's not Christmas just yet), and I recalled hearing the word "delf" during some of the frantic conversations of my morning.

Long story short:- thankfully the apparent virus did not produce any ill effects on my or my customer PC's, which leads me to believe that yesterday's Avast! Definition update was somehow producing false positive results (i.e. detecting infections where there were none).
Simply taking the "No Action" option each time Avast! bleated at me, seemed to do the trick.

After today's update there appears to be no further issue on this front.
I would be interested to hear if anyone else has had any otherworldly experiences with Avast! over the past few days...?


Post a Comment