Jump to content
WnSoft Forums

AVG 2012

Antbrewer

By Antbrewer
in General Discussion

 Share

Recommended Posts

Antbrewer Senior Member

Antbrewer

Posted
  • Author
Posted

Me again DG,

Just an update on my last post,the friend I mentioned who rang this morning with this Trojan horse found later this afternoon that it was a copy of an AV I gave a few months ago. The same AV exe file that I have lost with others as well.

To my 'simple' reasoning this would confirm that this is down to AVG and the lastest updates assuming that the perfectly harmless PtE exe files are infected.

I'm off to Aussie in a few days so hopefully by my return this will have been sorted out.

I have great faith in Igor....and his team.

Anthony

Peter I have just seen your reply. Thank you. I have both the paid version and the free one. Exactly the same data base as yours also and both my versions are problematical. I don't feel it can be my computer because of the trouble my friend is experiencing.

Link to comment
Share on other sites
  • Replies 199
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Ken Cox Advanced Member

Ken Cox

Posted
Posted

TEST DONE ON

New show Victorian Town - Ironbridge

I UPDATED AVG AT 02:34 AM NOV 20 2011 ON WIN 7

2012.0.1872

2092/4625

I DOWNLOADED Victorian Town - Ironbridge

SHORTLY AFTER AND TESTED IT 0K

I JUST NOW CHECKED AVG FOR AN UPDATE 15:30 - I WAS STILL UP TO DATE

WE DONT KNOW WHAT VERSION MR KING IS USING TO MAKE IT

WILL RECHECK MY XP SYSTEM AND ADD DETAILS

Link to comment
Share on other sites
Gérard de Lux Advanced Member

Gérard de Lux

Posted
Posted

On our French DiaporamaForum, we have quite regularly members reporting the same problems (Trojan Horses malwares found in .exe files) with either Avast, AVG or Kaspersky anti-virus softwares (I think that they share the same engines and databases). In 95% of the cases, after complaints sent to the said anti-virus companies with the so-called infected files, they acknowledged that their alerts were only 'false positives'.

Recently, the company which hosts my own website blocked my account as, they said, it contained several files (.exe) containing and propagating malwares, viruses, etc. These PTE slideshows having been hosted there since several years, I had no doubts at all about their integrity. But it took me several days to convince the hosting company that they were wrong. I finally won and my account has been re-opened; here's the last e-mail I got from them, it's self-explanatory:

Hello,

(...) Secondly, I tested every executable file mentioned further down. When they were tested using online virus scanners such as http://www.virustotal.com, some of the scanners thought that they identified malware and we relayed on that judgement.

However, when running the samples in our malware lab, the files did not show malicious behavior. So these files are falsely classified as malware. There is no further action needed from your side - everything is fine and reachable.

Best regards,

Adrian

So, don't worry - these alerts are more than probably only "false positives" !

BTW: I have decided (and I'm not the only one in the French AV Community) not to use Avast (or its clones like AVG) any more and use instead Microsoft Security Essentials - its free, very efficient and doesn't report PTE .exe files as malware !

Link to comment
Share on other sites
davegee Advanced Member

davegee

Posted
Posted

I see a number of posts saying that AVG is "consigning most of my PTE.exe files to oblivion!" or similar.

Maybe I have my AVG set up differently to others but it never does anything without my permission.

Therefore if it detects a threat from a PTE EXE I just stop the process and don't try to open the offending file until the problem is resolved.

No lost files - no files in the virus vault etc.

DG

Link to comment
Share on other sites
RobertAlbright Senior Member

RobertAlbright

Posted
Posted

Quite apart from putting one's .exe files into suspended animation, there are other serious consequnces - see Gérard's comments above. Like Gérard, I have moved to Microsoft Security Essentials - its free, very efficient and doesn't report PTE .exe files as malware ! Good to hear from you Gérard. How is the motor bike?

Link to comment
Share on other sites
Ken Cox Advanced Member

Ken Cox

Posted
Posted

THIS MORN'S UPDATE

i went to a show that i had done back in April - i started the show with 4.48 and progressed thru to v7b19 - this morning i opened and saved it with v 7.0.2 renaming it to show the change -- the exe worked fine -- both on the the xp system and the win 7 system

current AVG

VER = 2012.0.1873

DAT =2101/4633

THIS TEST BASICALLY DUPLICATES DAVE'S AND PETER'S FINDINGS

KEN

Link to comment
Share on other sites
davegee Advanced Member

davegee

Posted
Posted

Ken,

I downloaded the "Wally Trek" show this morning because the author specified the Version as being V5.6.

It did not bring up any alerts from AVG.

I have also sent a PM to the author of Postacrds from Provence asking for details of his Version. Apologies to him - he DID provide details - it was 6.5!

Either this problem is version specific or it's a genuine Trojan Horse (not a false positive) but if it were a genuine TH why aren't the other AV softwares not picking it up?

Postcards is still alerting on my machine.

DG

Link to comment
Share on other sites
Ken Cox Advanced Member

Ken Cox

Posted
Posted

MY TROJAN SOFTWARE [Malwarebytes and superantispyware] are NOT PICKING UP THE Provence/Postcard show

too bad you are not getting any response -- when we get these false things we need everybody's input ASAP --

the 2011 fiasco was a sin - thankfully you wised us up to 2012

ken

Link to comment
Share on other sites
Gérard de Lux Advanced Member

Gérard de Lux

Posted
Posted

Either this problem is version specific or it's a genuine Trojan Horse (not a false positive) but if it were a genuine TH why aren't the other AV softwares not picking it up?

when we get these false things we need everybody's input ASAP --

You should make a test with VirusTotal; the file will be scanned online by several (I think it's 30) anti-malware tools, and if only 2-3 report a Trojan then it's more than likely a false positive. It' free and fairly quick.

Like Gérard, I have moved to Microsoft Security Essentials - its free, very efficient and doesn't report PTE .exe files as malware ! Good to hear from you Gérard. How is the motor bike?

Good on you, Robert that you also use Microsoft Security Essentials ! It should be more widely known and used.

The motorbike is very fine, thank you... it drove me last Sunday along the River Mosel where the light and coulours where amazing !

Link to comment
Share on other sites
Ken Cox Advanced Member

Ken Cox

Posted
Posted

AVG UPDATE

i went back and tested the the main folders of v 6.5 i have

6.5, 6.5 b1. 6.5 b8 and 6.5 b9 and all passed ok

i then opened the contents of shows made with said programs from the respective pte - all ok

as i very seldom make exe's any more i did not go that route

ken

Link to comment
Share on other sites
Ken Cox Advanced Member

Ken Cox

Posted
Posted

Dave

when you unpack the program from Igor there are exe's within - i tested the complete folder in each case

then opened each version's folder and then using the associated pte opened recent shows

these shows were before my win 7 system - only have active ver 7's on the win 7 - which i am on at present

i have not had good luck on my win 7 system with p2e so i make show on xp and xfer over network to win 7 -- open show on win 7 and if i want to make changes - do it then transfer back to xp so that both are the same -- not enough hrs in the day to learn the intracities of win7 so do on xp

"LOF"

KEN

Link to comment
Share on other sites
fh1805 Advanced Member

fh1805

Posted
Posted

I have just completed an exercise with interesting results. I downloaded and installed MalwareBytes and let it upgrade itself to the latest software version and database version. I then set it off to do a full scan of my C: drive (all my installed software), my K: drive (a clone of my digital images disk) and my M: drive (a clone of my general data disk). It took it about 40 minutes to complete and it found nothing to report. But during that processing, as files were opened, AVG found four "infected" PTE EXE files. All four were files I had created on my own systems. None were ones I had downloaded.

"Postcards from Provence" was not flagged by MalwareBytes - nor by AVG, which surprised me. On checking, I realised that AVG was not checking the contents of zip files. So there's a weakness in the protection that it provides. When I try to run the Provence EXE from within the zip file (i.e. I do not unzip the file, I let the software make that decision) then AVG does report a threat. I then manually unzipped the file to a USB flash drive and let Malwarebytes take a look at it. It reported no threat - AVG reported a threat.

Since Malwarebytes is touted as one of the very best of the threat detectors and removers, I am inclined to believe it and disbelieve AVG. I am going to try and establish the version of PTE that was used to make the four sequences that AVG quarantined. I'll report back shortly.

regards,

Peter

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...