Ken Cox Posted December 20, 2011 Report Posted December 20, 2011 Ken,Thanks, but I can't reproduce this issue on my computer. I installed latest AVG Anti-Virus Free Edition 2012 with latest updates and it shows nothing for this file (FLIGHT OVER OAHU). This show created in PicturesToExe 7.0.2I also uploaded sample shows created in PicturesToExe 7.0.0, 7.0.1, 7.0.2, 7.0.3 to VirusTotal.com service and AVG has no detections.IGOR the screen shots in this thread do not lie avg is nailing 3.65 stuff - even my reg keythe tutorials that were written be your staff -- written with ver 5 era are being picked upthe show that i reported at 02:00 am was picked up ,after another dat update a few hrs later it was ok - -we are are publishing the data for you as soon as possible --but if you dont read the thread for a few hrs the problem could be goneken
Ken Cox Posted December 20, 2011 Report Posted December 20, 2011 AVG 2012.0.1890DAT 2109/469213 TROJANSSAME AS EARLIER SCANSKEN
Conflow Posted December 21, 2011 Report Posted December 21, 2011 PROBLEMS WITH AVGHi Guys,I have just read the current thread about AVG-Problems and then decided to do some investigations, results as follows:-1)An exhaustive search for "TrojanHorse BackDoor.Generic14.CDXE" yielded no results what so ever excepting the word "Generic" which raised distant memories of a descriptive nature which always implied that a problem was "Generic to an Op-System".2)I then investigated the File-Naming structures used by many Forum-Members and not to put too fine a point on it many of the'attachments' showed File-Names containing "Invalid and/or/ Reserved Characters" which should never be used in File-Titles.The repetitious the use of symbol: \ (Backslash) and repititious File-Name will cause problems with any Anti-Virus as thatmimics a typical Trojan characteristic of multiplicity such as when a Trojan multiplies itself again and again.... See Microsoft-Article No: 177506 (Invalid-Characters) below.See Microsoft-Article No: 826763 (Access: Reserved-Characters) belowI fear that the current spate of AVG False-Positives may be nothing more that AVG's sensitivity to File-Naming protocols.Brian (Conflow)
David Porter Posted December 21, 2011 Report Posted December 21, 2011 PROBLEMS WITH AVGAn exhaustive search for "TrojanHorse BackDoor.Generic14.CDXE" yielded no results what so ever excepting the word "Generic" which raised distant memories of a descriptive nature which always implied that a problem was "Generic to an Op-System".Brian (Conflow)When I had AVG and it picked up Trojans, I always searched for them and never found any on any database including AVG's. How can they find a Trojan that does not even appear in their own database?
David Porter Posted December 21, 2011 Report Posted December 21, 2011 Just a thought - has anyone had a problem with AVG throwing out .exe files for no good reason from any other source other than PTE?
Conflow Posted December 21, 2011 Report Posted December 21, 2011 When I had AVG and it picked up Trojans, I always searched for them and never found any on any database including AVG's. How can they find a Trojan that does not even appear in their own database?Mickp,Mick you have put your finger on the button....for thats exactly what is happening with AVG and everything I have investigatedso far points to some anomaly in the way it handles File-Naming protocols. This comes as no surprise to me as I had seen thesame pattern in (older) Anti-Virus Programs some years ago.Your aware most AntiV-Programs use 'Heuristic-Technology' a posh word for 'pattern-technology' where as the AVG-Program ismonitoring for "Repetitive File activity" (similar to Trojan-activity) and if it cant resolve an unknown issue it 'Auto-Flags' that as suppositious and then auto-generates a File-name whose title is nearest to that which it knows best. The word 'Generic' is thecrucial clue in that suspected Trojan...in this context "generic" means that its a System misunderstanding and in all probability does not exist.AVG is trying to tell you that it has found something it does not understand and it has brought that to your attention....but in the meanwhile it has stopped execution of that File for safety reasons.Brian (Conflow)
fh1805 Posted December 21, 2011 Report Posted December 21, 2011 Just a thought - has anyone had a problem with AVG throwing out .exe files for no good reason from any other source other than PTE?Mick,I don't recall seeing anything other than PTE created exe files being reported here on the forum. This point hadn't passed my notice. It is, therefore, somewhat inevitable that part of me wonders whether it might be evidence of something sinister towards PTE: some kind of attempt at commercial sabotage, perhaps?; not necessarily by AVG themselves but possibly using them as an unwitting agent.regards,Peter
fh1805 Posted December 21, 2011 Report Posted December 21, 2011 ...I then investigated the File-Naming structures used by many Forum-Members and not to put too fine a point on it many of the'attachments' showed File-Names containing "Invalid and/or/ Reserved Characters" which should never be used in File-Titles.Brian,My experience is that Windows (Vista and 7) will not allow me to save a file if its name contains any of the "Invalid and/or Reserved Characters". So this seems to me to be a "red herring".regards,Peter
Antbrewer Posted December 21, 2011 Author Report Posted December 21, 2011 My two pennyworth.I don't pretend to understand much of what has written about over the last few posts about 'invalid characters' etc but why is AVG picking up old exe files that haven't changed name and treating these as trojans etc?.They played perfectly well previously and for me it is only since V2012 that this has started.Sorry if this question is obvious to the learned bunch.Anthony
Lin Evans Posted December 21, 2011 Report Posted December 21, 2011 Hi Peter,It only takes a trip to the AVG forum to see that this is certainly not limited to PTE - AVG is finding false positives on installs like Chrome, Quicktim, Malwarebytes, etc. This is a widespread issue and people are getting fed up with it. Read some of the posts here:Here's a sample:------------------------------------------------------------This is the owner of YouTube Downloader.What is the escalation process for getting this false positive removed? While the AVG antivirus engine is no longer flagging our files, AVG Identity Protection is still flagging our installer as "Dropper.Generic2.CKPF". If you choose to put it in the vault, AVG then completely removes the entire YouTube Downloader application, not just the flagged installer file.It's been almost 2 weeks since AVG first started flagging us. I have filed a support request (AVG#0001396015) one week ago, and had two iterations with the support staff so far with no joy - they are unable to reproduce the problem despite my repeated instructions. I am tired of receiving emails from the AVG support staff which are void of any technical expertise, trying to solve AVG's mistake.What are my options to get this resolved short of releasing a new YouTube Downloader application asking my several hundred thousand users to file false positive reports with AVG until this is fixed? This is costing me time, users, and reputation, and my patience with AVG is growing thin.Thanks,Biennesoft----------------------------------------------------Here's a link to the thread:http://forums.avg.co...=show&id=139985Best regards,LinMick,I don't recall seeing anything other than PTE created exe files being reported here on the forum. This point hadn't passed my notice. It is, therefore, somewhat inevitable that part of me wonders whether it might be evidence of something sinister towards PTE: some kind of attempt at commercial sabotage, perhaps?; not necessarily by AVG themselves but possibly using them as an unwitting agent.regards,Peter
Conflow Posted December 22, 2011 Report Posted December 22, 2011 Peter and Lin,Firstly I dont believe its something 'sinister' about AVG being a carrier ~ its my opinion that its to do with the latest 'Heuristic-Engine' being used by AVG and its not confined to AVG because Avast is displaying the same characteristics and thats the reason we ditched it after 3 years of service and we now use Microsoft Security-Essentials ~ no problems at all.Having said that, MS-Essentials operates in a totally diffferent way to all other Anti-Virus Programs, its certainly more intelligent.Peter, yes you are correct about Invalid-Characters and Windows-7 ~ but Win.7 is no exception because the Rules have been theresince the inception Microsoft-Windows and I was writing in the context of "Full-Filename Pathways" as seen on the HD and seen by the AVG-Program ~ not those simple File-Names given to Files by their owner. I was referring to the 'Full-Filename' Pathway of the PTE.Exe's which can become ambigious unknown to its owner and if there is any simularity-repetition with other Files then AVG and Avast will mistakenly quarantine them as (repetitive) Trojans because they cant resolve the ambiguities which I have found out from bitter experience. To make a long story short both AVG and Avast's (latest) Heuristic-Engines seem to think that 'near-duplicate' HD-Filenames and File-Sizes and Dates are suspected Trojans...Examples shown below.Brian (Conflow)
Barry Beckham Posted December 22, 2011 Report Posted December 22, 2011 I think AVG should be congratulated. They have given you all so much enthusiasm to write reams on this topic Note to self. I wonder who will tell me this is a serious matter doing damage to AVG and PTE? :lol: :lol:
Igor Posted December 22, 2011 Report Posted December 22, 2011 I apologize for this problem! I'm trying resolve these false positives with AVG antivirus.P.S. Personally I prefer free Microsoft Security Essentials which works *very well*. Fast, no annoying popup windows, and it doesn't slow down work of a PC.
miet Posted December 22, 2011 Report Posted December 22, 2011 I apologize for this problem! I'm trying resolve these false positives with AVG antivirus.P.S. Personally I prefer free Microsoft Security Essentials which works *very well*. Fast, no annoying popup windows, and it doesn't slow down work of a PC.Hi,I have uninstalled AVG and installed Microsoft Security Essentials, and ... problem resolved (I hope).Thanks,Miet
Ken Cox Posted December 22, 2011 Report Posted December 22, 2011 I apologize for this problem! I'm trying resolve these false positives with AVG antivirus.P.S. Personally I prefer free Microsoft Security Essentials which works *very well*. Fast, no annoying popup windows, and it doesn't slow down work of a PC.Igoryou are going to rely on forum members who have not abandoned AVG to continue checking it's operation every time you issue an updateand the people that are running out of date versions of PTE and AVGwell lets hope they sort things out asapken
fh1805 Posted December 22, 2011 Report Posted December 22, 2011 One final post from me. I've jumped ship, bitten the bullet, taken the plunge, etc., uninstalled AVG and installed MSE. It took just under 15 minutes from start to finish. I shall watch this topic with detached interest from here on.regards,Peter
Antbrewer Posted December 22, 2011 Author Report Posted December 22, 2011 I might follow you Peter over the next couple of days.Anthony
fh1805 Posted December 22, 2011 Report Posted December 22, 2011 Anthony,If you do, ensure that you have downloaded the correct version of MSE for your operating system (32-bit or 64-bit) before you remove AVG. Make sure you close down all Internet access while you effect the changeover - to minimise the possibility of a rogue getting in while you have no defences. I downloaded and ran the AVG Uninstaller provided by the AVG website, rather than do a Windows uninstall. I put both the AVG uninstaller and the MSE installer on the Windows desktop rather than in any folder. The AVG uninstall seemed to pause at one point and I wondered whether it had hung; but I remained patient and it ran through to conclusion in about 5 minutes elapsed. It wanted a re-boot to tidy up the last loose ends. This re-boot required me to OK the resumption of the AVG uninstaller - so don't walk away when the re-boot happens!I then took all the MSE Install default options during its install. It automatically "phoned home" to download the latest versions of everything it needed and then I let it scan the C: drive (c96K items in just under 10 minutes).All totally painless - and no infections found in the system files. I intend to run a custom scan on my two "backup" drives this evening after adding todays's backups to them. At the weekend I'll do the same to the weekly backup drive after adding this week's increments. At that point I'll have the best reassurance I'm going to have that the disks are all free of infection (I'm not expecting any surprises but you never know).regards,Peter
fh1805 Posted December 22, 2011 Report Posted December 22, 2011 Brian (Conflow),I have moved your tip about MS-Esentials into the topic for that software (see here under Off-topic forum)regards,Peter
Igor Posted December 23, 2011 Report Posted December 23, 2011 I checked up all my collection of slideshows with AVG free (updated today).About 700 files created in different versions of PicturesToExe since v1.0.AVG found false positives in 3 slideshows created in v4.40 Beta 8. I sent sample files to AVG company.Please upload sample files for me, if you have problems with false positive with your slideshows in AVG.
Ken Cox Posted December 23, 2011 Report Posted December 23, 2011 IGORAS PER YOUR REQUESTCHECK YOUR EMAILto the best of my ability I have put the old stuff that is showing infected up to mediafirehttp://www.mediafire.com/?6ly0mkvt1ii6itithere are still the old shows that I put up this summer that MS essentials class as infected PROVEN OUT BY DaveG, Frets3,Gerard etc, so as far as I am concerned this MS "JOHNNY COME LATELY" IS NOT TO BE TRUSTED EITHERFrom: KEN COX [mailto:pbyk@sympatico.ca] Sent: Monday, August 22, 2011 8:42 AMTo: IGOR KOKAREV; KEN COXSubject: test shows to media fireIGOREARLY V4 there were a couple shows that caused us grief - false positives -the other day i sent them to a friend to view - they were classics well apparently the MS anti virus program Microsoft "Security Essentials" called them Trojans, http://www.mediafire.com/?7l01fdxqw9f401pi put them up to mediafire - in one zipkula and peru 2005 - 2006 erai use them to test whenever a false occursif you need them use the link aboveken
Ken Cox Posted December 23, 2011 Report Posted December 23, 2011 FOR THE DIEHARD AVG USERSforgot to mention avg did a program AND a dat update last nighti am now AVG 2012.0.1901DAT 2109/4697 AND THE SCREEN SHOTS of the scan that i published this morn was done in 13 sec's -- i cant say wht my previous scans were but they were minutes not secondsken
colin hill Posted December 23, 2011 Report Posted December 23, 2011 Hi Ken,I am now: AVG 2012.0.1901 DAT 2109/4698Colin
Igor Posted December 24, 2011 Report Posted December 24, 2011 Answer from AVG to my previous inquiry:Dear Sir / Madam,Thank you for your email.Unfortunately, the previous virus database might have detected the mentioned virus in some legitimate applications. We can confirm that this was a false alarm. We will release a new virus update removing the false positive detection of the mentioned file. When the update is completed, AVG will automatically restore the falsely detected file from the AVG Virus Vault to its original location.We apologize for any inconvenience.Best regards,Mark Joseph CapicioAVG Customer Serviceshttp://www.avg.com
Ken Cox Posted February 10, 2012 Report Posted February 10, 2012 i have just completed scanning all my p2e shows and p2e programs on the xp and win 7 system from ver 4 p2e era to present using avg 2012.0.1913dat 2112/4800and had no false positives so maybe we got it finally good work Igormembers should remember that if their avg is not current their results could be differnt than mine ken
Recommended Posts