Latest update to AVG is 'effed up!

[The Outsider]

Just ran a complete scan of my system after getting the latest AVG
update today. It deleted six files it said were infected with the same
Trojan Downloader. Just before that I ran A-Squared which found no
trojans so I knew something was fishy. Two of the files it deleted
were from AMD's Dashboard so I downloaded Dashboard again and scanned
the file with AVG, sure enough AVG said it is infected. Which is
wrong. You can get Dashboard here and test it yourself with the latest
AVG definitions. Think I'll switch to Avast because AVG just screwed
up my system.

http://www.amd.com/us-en/Processors/TechnicalResources/0,,30_182_871_9706,00.html

 

[The Outsider]

AVG just put out an update to fix the issue.
http://forum.grisoft.cz/freeforum/read.php?1,54399,backpage=,sv=

 

[David H. Lipman]

From: "The Outsider" <[email protected]>

| Just ran a complete scan of my system after getting the latest AVG
| update today. It deleted six files it said were infected with the same
| Trojan Downloader. Just before that I ran A-Squared which found no
| trojans so I knew something was fishy. Two of the files it deleted
| were from AMD's Dashboard so I downloaded Dashboard again and scanned
| the file with AVG, sure enough AVG said it is infected. Which is
| wrong. You can get Dashboard here and test it yourself with the latest
| AVG definitions. Think I'll switch to Avast because AVG just screwed
| up my system.
|
| http://www.amd.com/us-en/Processors/TechnicalResources/0,,30_182_871_9706,00.html

Assuming they are legit submit the files to; (e-mail address removed)

Another way to determine if a suspect is being falsely accused of being an infector is to
submit the file(s) to Virus Total http://www.virustotal.com/flash/index_en.html The
submission will then be tested against many different AV vendor's scanners. That will give
you an idea what it is and who recognizes it and if it is a possible false positive.

The following web page has an accumulation of email and web addresses for AV vendors to
submit samples to.
http://www.ik-cs.com/suspicious-files.htm

BTW: Avast will generate False Positives as well so switching to Avast to do nothing for
you. I am still waiting for Avast to stop falsely indicating that the Trend Micro Sysclean
utility is infected with the VBS/RedLof.

 

[The Outsider]

Assuming they are legit submit the files to; (e-mail address removed)

Another way to determine if a suspect is being falsely accused of being an infector is to
submit the file(s) to Virus Total http://www.virustotal.com/flash/index_en.html The
submission will then be tested against many different AV vendor's scanners. That will give
you an idea what it is and who recognizes it and if it is a possible false positive.

The following web page has an accumulation of email and web addresses for AV vendors to
submit samples to.
http://www.ik-cs.com/suspicious-files.htm

BTW: Avast will generate False Positives as well so switching to Avast to do nothing for
you. I am still waiting for Avast to stop falsely indicating that the Trend Micro Sysclean
utility is infected with the VBS/RedLof.

Yea, I was a bit harsh on AVG because I was pissed off but they fixed
it real quick and I restored the files from the virus vault so no
damage was done.

I tried the Panda Online scanner once and it told me two of my game
files where virii. I knew they weren't but I submitted them to Panda
anyway and of course they came back clean.

I thought AVG had deleted the files permanently and that is why I was
pissed. Didn't look in the virus vault first.

 

[David H. Lipman]

From: "The Outsider" <[email protected]>


|
| Yea, I was a bit harsh on AVG because I was pissed off but they fixed
| it real quick and I restored the files from the virus vault so no
| damage was done.
|
| I tried the Panda Online scanner once and it told me two of my game
| files where virii. I knew they weren't but I submitted them to Panda
| anyway and of course they came back clean.
|
| I thought AVG had deleted the files permanently and that is why I was
| pissed. Didn't look in the virus vault first.

As a side note, the plural if virus is viruses, not virii or viri.
http://homepages.tesco.net/~J.deBoynePollard/FGA/plural-of-virus.html
http://spl.haxial.net/viruses.html

Additionally, there was another AVG False Positive declaration that was made on the Ad-aware
SE installer reported in alt.privacy.spyware with the following note...

"We are sorry about that. It is false positive. We are working on the
solution. Please send us more information if there will be any other
false positive on your PC.

Thank you for help

Best regards,

Oldrich Muller
AVG Technical Support"

 

[Max Wachtel]

David H. Lipman [email protected] on 11/9/2005 in

BTW: Avast will generate False Positives as well so switching to
Avast to do nothing for you. I am still waiting for Avast to stop
falsely indicating that the Trend Micro Sysclean utility is infected
with the VBS/RedLof.

It's been a few years now and Avast is not fixed??? At least AVG has
made an attempt to fix the false positive issue. I guess you get what
you pay for....
max
--
Virus Removal Instructions: http://home.neo.rr.com/manna4u/
Keeping Windows Clean: http://home.neo.rr.com/manna4u/keepingclean.html
Windows Help: http://home.neo.rr.com/manna4u/tools.html
Playing Nice on Usenet: http://oakroadsystems.com/genl/unice.htm#xpost
To reply by e-mail change nomail.afraid.org to gmail.com
nomail.afraid.org is setup specifically for use in USENET
feel free to use it yourself. Registered Linux User #393236

 

[David H. Lipman]

From: "Max Wachtel" <[email protected]>


|
| It's been a few years now and Avast is not fixed??? At least AVG has
| made an attempt to fix the false positive issue. I guess you get what
| you pay for....
| max

Nope. Still the same as noted a week or so ago in a News Group.

 

[Roger Wilco]

Just ran a complete scan of my system after getting the latest AVG
update today. It deleted six files it said were infected with the same
Trojan Downloader. Just before that I ran A-Squared which found no
trojans so I knew something was fishy. Two of the files it deleted
were from AMD's Dashboard so I downloaded Dashboard again and scanned
the file with AVG, sure enough AVG said it is infected. Which is
wrong. You can get Dashboard here and test it yourself with the latest
AVG definitions. Think I'll switch to Avast because AVG just screwed
up my system.

Part of what screwed up your system was the configuration. Don't give
the AV free reign to delete a file on its own say-so that it is malware.
All AV products will false alarm from time to time - it is better to
quarantine than to outright delete for this reason.

 

[The Outsider]

Part of what screwed up your system was the configuration. Don't give
the AV free reign to delete a file on its own say-so that it is malware.
All AV products will false alarm from time to time - it is better to
quarantine than to outright delete for this reason.

It said it deleted the files but it also quarantined them so I was
able to restore the files.

 

[The Outsider]

As a side note, the plural if virus is viruses, not virii or viri.
http://homepages.tesco.net/~J.deBoynePollard/FGA/plural-of-virus.html
http://spl.haxial.net/viruses.html

I used to say viruses until other people said virii is the correct
term, but I just looked it up in the dictionary and virii is not there
so I will use viruses from now on, thx.