Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

C

cdcolo

2 Posts

15267

October 14th, 2008 18:00

AVG 8.0 keying off of C:\Program Files\Dell\Support\bin\ - Most likely false positive

Am using AVG 8.0 Free on a "community/guest" computer here at the residence.

 

As of Oct 14 2008 it is constantly FPing a PSW.Agent.VQA detection.

 

Interested parties all ready contacted but more users getting on the band wagon won't hurt. ;-)

 

I even did some preliminary research using such wonderful tools/communities as VirusTotal.com and BleepingComputer.com etc.

 

But it is not a primary/frequented machine by any means.

 

Oct 14 2008 ~1PM Mountain

AVG 8.0 Free - AVI 270.8.0/1724

Windows XP Home SP3 - Updated since Oct 2008 "Black Tuesday"


Thanks and Later, Mr. C. D. (cdcolo)

----

 

C:\Program Files\Dell\Support\bin\Dell Support.exe;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"  

 

C:\Program Files\Dell\Support\bin\DS Tutorial.exe;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"

 

C:\System Volume Information\_restore{REDACTED-BYME-XXXX-XXXX-USERPARANOIA}\USER!\CHOICE!!.exe;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"

 

C:\System Volume Information\_restore{REDACTED-BYME-XXXX-XXXX-USERPARANOIA}\USER!\CHOICE!!.exe;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"

 

C:\WINDOWS\Installer\XXXX.msi;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"

 

C:\WINDOWS\Installer\XXXX.msi:\Binary.NewBinaryXX;"Trojan horse PSW.Agent.VQA";"Moved to Virus Vault"

 

EDITED: To add a wayward file path for Dell Support.exe...

Message Edited by cdcolo on 10-14-2008 01:20 PM

Bugbatter

20.5K Posts

October 14th, 2008 18:00

Thanks for the info. I'm sure we'll be seeing more of these if this isn't fixed soon.

Interested parties all ready contacted but more users getting on the band wagon won't hurt. ;-)
I hope that means that you contacted AVG Free Forum to report it.

cdcolo

2 Posts

October 14th, 2008 18:00

You're quite welcome!

 

As far as contact procedures,

let's say the AVG (a.k.a. Grisoft) "free" forum is a little hesitant to acknowledge FP reports,

so I've contacted interested parties directly through

their preferred contact points and means for such issues.

 

Note: This is no derision on any security company or their procedures, by any means. False Positives happen to all and all my postings are my own.

 

 

Bugbatter

20.5K Posts

October 14th, 2008 18:00

Perhaps they are too busy trying to fix the Zone Alarm FP, and will get to the Dell problem as time permits.
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=312149&messageID=2881226&tag=forums06;forum-threads

Bugbatter

20.5K Posts

October 14th, 2008 20:00

ky331

3 Apprentice

 • 

15.2K Posts

October 14th, 2008 20:00


cdcolo wrote "let's say the AVG (a.k.a. Grisoft) "free" forum is a little hesitant to acknowledge FP reports...".

 

AVG's forum is one of the least-friendly, least-cooperative forums we've encountered.   There are a handful of (non-employee) "moderators" there, who seem to have complete control in terms of derailing and censoring posts... but who, when ultimately questioned about their actions, then "cling" to the fact that they don't work for AVG.

 

Rather than taking simple compassionate steps to help novice/distressed users, they typically bypass many problems by claiming that the user didn't properly follow their stringent guidelines on how to post there.

 

when someone else replies to a thread, either to corroborate the original poster's findings, or to offer their own solution, such posts are often censored entirely, with the "moderators" typically asserting that the post was non-responsive or non-helpful.  

 

This is not just my own experience, but the experience of many others who have had problems trying to contact the AVG forum.

 

As BB has noted, there seems to be a mild avalanche of likely-FP's bombarding AVG at the moment.   Unfortunately, there's not much you can do with AVG, unless/until they finally decide to get around to the problem.

Message Edited by ky331 on 10-14-2008 06:07 PM

ky331

3 Apprentice

 • 

15.2K Posts

October 14th, 2008 20:00

(post deleted... was having problems EDITing...)
Message Edited by ky331 on 10-14-2008 05:56 PM

joe53

1 Rookie

 • 

5.8K Posts

October 15th, 2008 03:00

I totally agree with ky331's opinion of the AVG Free forum.

 

Not only does the mod's attitude discourage reporting of false positives, it delays their fixing. And although the AVG forum may be moderated by "non-employees", it is owned by AVG, unlike many other malware forums. I do not know of any other reputable vendor support forum that discourages the reporting of FPs- most say "thanks!", and fix them quickly.

 

This is only one (and by no means the least) of the reasons why I no longer recommend AVG Free. I say this as a long-time former user who once did recommend it. Alwil's avast! or Avira's AntiVir are far better free AVs, IMHO.

 

 --------------------------------------------

 

Free security software: A primer

 

 

ky331

3 Apprentice

 • 

15.2K Posts

October 15th, 2008 15:00

I've just seen a report at the AVG forum alleging the problem has been fixed.

 

1) UPDATE your avg to get the latest definitions.

2) restore the files (only those from this particular problem) that were quarantined

3) run an avg scan, and hopefully, it won't pick up on this again

 

View More

View All

No Events found!

Top