Avast today is reporting a blocked trojan horse
Avast today is reporting a blocked trojan horse...
Infection: JS:Blacole-AV
Object: C:\Users\Dave\AppData\Local\...\global-e2e.merged-min[1].js
Process: qbw32.exe
70
4236
cOWIYG8qWr4yhaaczvtLbK
08/28/12 5:34am PDT
Viewed by asker 08/28/12 6:15am PDT
Viewed by asker 08/28/12 6:15am PDT
22 Replies
08/28/12 6:29am PDT
I have no answer but I just got the exact same problem 1/2 hour ago. No idea what's going on
08/28/12 6:43am PDT
Just a heads up, I went to the Avast community forums and people are reporting this all over the place. It seems to be since Avast did an update this morning. A lot of speculation is that Avast is reporting a False Positive, but there hasn't been anything official on that yet.
08/28/12 6:46am PDT
Yup same thing here. I hope this isn't an issue with working in QB today.
08/28/12 6:47am PDT
Exact same message here as well. Avast keeps finding every time open different or same company file!! All computers doing too!
08/28/12 6:49am PDT
Seems to be running ok but I have to re allown a few scripts to run which makes me nervous
08/28/12 6:54am PDT
Our Quickbooks seems to be running fine with it being blocked Slows my entire computer down when I attempt to run Quickbooks
Rustler
Questions asked: 135
Questions answered: 53734
Points earned: 135399
Questions answered: 53734
Points earned: 135399
Allstar
Advisory council of community power users.
Intuit Moderator
Mod/Co-mod
08/28/12 6:59am PDT
I got the same warning and submitted a false positive
have to wait and see what a future update will be, avast updated today before I ran QB, I have a feeling that is the problem
If I've helped, mark it solved.
My QB tips Blog >> http://onsale-apparel.com/Rust...
Targeted Tutorials - one problem - one solution>> http://community.intuit.com/po...
My QB tips Blog >> http://onsale-apparel.com/Rust...
Targeted Tutorials - one problem - one solution>> http://community.intuit.com/po...
08/28/12 8:02am PDT
another update from the Avast community Fourm:
A false positive is being reported in QuickBooks executable QBW32.exe and is hosing everything up.
Object: c:\users...\global-e2e.merged.min[1].js
Infection: JS:Blacole-AV [Trj]
I scanned the system with HitMan Pro and no problem was found.
Putting in an exclude in the File System shield to exclude path c:\program files\intit\quickbooks 2012\ did not help.
The user was also getting a message for AvastUI.exe: "The instruction at 0x776e2cc7 referenced memory at 0xe9e0f933. The memory could not be read."
PLEASE FIX YOUR MALWARE DEFINITION FILES ASAP.
Using Avast Free. When they have false positive issues like this, it's never something minor.
08/28/12 8:03am PDT
Microsoft.com says the threat is real. The following Microsoft link provides some information for fixes: http://www.microsoft.com/secur...
08/28/12 8:21am PDT
The treat is real but it could be a false positive based on the way QB utilizes JS. The threat that you sited was back in Jan 10, 2012 | Published: Dec 27, 2011. The qbBw32.exe might not play nice with the way avast's scan engine interprets the execution of the file. it will error on the side of safety if it resembles virus like activity for your protection...
08/28/12 8:36am PDT
Strange activity in QB after trying to load it today. Avast says it blocked the virus-QB worked fine on my first try this AM, but now is not opening properly (or at all).
08/28/12 8:45am PDT
I updated my Avast program and it's working fine now. My version of Avast is now 7.0.1466
Go to the avast console on your task bar or in your program menu, once it's opened click on the Maintenance tab, look at the bottom of the screen and there will be a button to update your program. Look to see if your version is 7.0.1466 if not then update. (Requires reboot so save your docs!)
After i updated and rebooted i can open QB without alerts...
08/28/12 9:00am PDT
Thanks OBPS. I updated Avast and worked! I didn't even have to reboot to get error to stop every time opened a company file in Quickbooks (although I will anyway). Not a good way to start your day!
08/28/12 9:15am PDT
Even if your version says 7.0.1466 still click update- it fixed the problem for me.
08/28/12 9:31am PDT
Seemed to work ok for me as well , but I updated both sections towards the top is update engine and virus definitions then below is update program I did both.
