Tech Support Forum banner
Cancel

[SOLVED] AVG Free 8.0.100

2433 Views 13 Replies 3 Participants Last post by  tetonbob
Geekgirl
After installing Spywareblaster 4.1, AVG Free 8.0.100 has been giving me the following alert(s):

Resident Shield:
Torjan horse Dropper.Agent.IPC C:\Program Files\Spywareblaster\sbautoupdate.exe

2 instances, same location

False / positive alert?
Save
Like
Status
Not open for further replies.
1 - 14 of 14 Posts
tetonbob
Re: AVG Free 8.0.100

Hi TJ -

I would think that's got to be an FP. Scan it at VirusTotal to see what other engines think, and submit it to AVG, please.
Save
Like
Geekgirl
Re: AVG Free 8.0.100

Okey dokey boss :laugh:

Will report back findings
Save
Like
tetonbob
Re: AVG Free 8.0.100

Hiya, TJ -

I decided to install the new version on a test box, and scanned the file at VT. Seems 6/32 vendors are seeing it as malicious/suspicious. I've alerted javacool, and uploaded the file where multiple vendors can see it.

I strongly believe this to be a false positive report. javacool is reputable software.
Save
Like
Geekgirl
Re: AVG Free 8.0.100

I tried to send to Virus Total....dang Vista wouldnt allow me to do nothing with it. I tried attaching via email and also using the uploader but when I right click and hit Send to, Virus Total was not in the list....grrr

So I moved it to the AVG vault and sent it that way. I didnt want to move to the vault just yet but was forced to. I will need to restore it.

It most likely is a fp because its a new version 4.1
Save
Like
tetonbob
Re: AVG Free 8.0.100

Subject: Re: VVSAMPLE analysis

This email is an auto-response message. Please do not reply.

AVG Anti-virus Research Lab has analyzed the file(s) you have sent from your AVG Virus Vault. Below you can find the results for each file. The final verdict on the file is either a correct detection or a false positive detection.

Further information about the verdicts are available at our website:
http://www.avg.com/faq-1184

"C:\Program Files\SpywareBlaster\sbautoupdate.exe" - detection is correct
Click to expand...
:upset:


1. Correct detection

In case the file is detected correctly, it will not be removed from the AVG detection. If you believe that the file should not be detected by AVG, please contact our Technical Support.

If you decide to keep the file and use it with the risk of possible payload it may carry, you can restore it from the AVG Virus Vault, and manually exclude it from the AVG detection:

* If the file is detected as a Potentially Unwanted Program
o Please open AVG - menu "Tools" - "Advanced settings" - "PUP Exceptions".
o Click "Add exception" and browse to the file.
* If the file is detected as a virus
o Please open AVG - menu "Tools" - "Advanced settings" - "Resident Shield" - "Exceptions".
o Enable the option "Use excludes in Resident Shield" and "Add path" to the folder which contains the file.
o Please note that the file will be still detected by AVG test. However, you can disable automatic healing in AVG - "Computer scanner" - double-click on scheduled scan - "How to scan" - disable the option "Automatically heal/remove infections".
Click to expand...
Save
Like
Geekgirl
Re: AVG Free 8.0.100

I got the same results, so its a trojan?

I'm confused :rolleyes:
Save
Like
tetonbob
Re: AVG Free 8.0.100

I seriously doubt it....it means that real analysts at Grisoft (and the other 5 vendors) will have to look at the file, rather than the automated system.

It's an updater file, so it's understandable that it gets flagged, but they should be able to whitelist the new version so it doesn't.
Save
Like
tetonbob
Re: AVG Free 8.0.100

Javacool is working hard with the vendors trying to get this False Positive rectified.

The legitimate sbautoupdate.exe file is digitally signed by "Javacool Software LLC", and has the following checksums:

MD5: 5D0E5821EB35CDA9C320C1BDF1A4B695
SHA1: 62B09B3503C05A3CC853BB8BDFCC8292FD200E53
Save
Like
Geekgirl
Re: AVG Free 8.0.100

I am hope AVG's next update with resolve this issue, otherwise I will need to place it as an exception or whatever the term is they use....:rolleyes:
I tried this already but it wouldnt allow me navigate to the file, only to the spywareblaster folder nothing beyond that ....
Save
Like
TheShadowFl
Re: AVG Free 8.0.100

A service pack is shortly forthcoming for AVG 8.0.
Many concerns are being addressed and will be fixed.

AVG and Javacool work closely together and I'm sure they will work out any problems in short order.

For now, lets just wait it out.
AVG 8.0 FREE is having NO problems with my Spyware Blaster 4.0.

I'd suggest continuing to use that version for now.

Cheers mates!
The Shadow :cool:
See less See more
Save
Like
tetonbob
Re: AVG Free 8.0.100

An update has been pushed, and AVG Free 8 is no longer detecting this false positive.

Please update your definitions manually now, or wait for the next autoupdate.

Edit for informative link:

http://www.wilderssecurity.com/showthread.php?t=212191
Save
Like
Geekgirl
Re: AVG Free 8.0.100

I installed the same 2 programs on a computer today and there was no detection of the trojan. BUT it was XP not Vista like the original pc.

Well, at least they are aware and are fixing the issue

Thanks Bob
Save
Like
tetonbob
My tests were on XP. Yep, I think this one's solved.

:wave:
Save
Like
1 - 14 of 14 Posts
Status
Not open for further replies.
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support
Top