avg and hjt

hawklord · Sep 8, 2007

hi,

thought you might like to know that the latest definitions for avg are picking up a trojan in the hijackthis v2 program downloaded from trend micro and from ourselves,
just up-loaded the zip file to jotti file scanner and only avg found any problem, worm/generic.dht,
false positive i think

DavidGP · Sep 8, 2007

Cheers for the heads up Hawklord, it seems AVG is having a glut of false positives of late, keep on like this and it will be one freebie I will start not to recomend.

But lets see how quick Grisoft fix this, I have forwarded your mesage to our malware fighters as no doubt they will have a few threads mentioning this malware, so thanks for this alert, please also if you get time post back if the next defs for AVG fix this malware alert?

hawklord · Sep 8, 2007

hi halo,

found the same problems on mine, the last f/p i had was updating spyware terminator (i know about the pro's and con's)

evilfantasy · Sep 8, 2007

It is doing the same to Brute Force Uninstaller.
AVG alerted me to and removed them both out last night.

chaslang · Sep 8, 2007

The worm type false detections have happened many times with programs like this. They are sometimes triggered by the compression/packing schemes used to create the EXE files. McAfee used to detect version 1.99.1 of HijackThis to have a p2p worm in it. Since BFU is also from Merijn, it is not surprising to possibly see similar false detections.

Now back to AVG, as Halo, mentioned there have been quite a few false positives showing up in AVG over the last 3 months or so. It's a shame but it does happen with many programs. Sometimes a new feature/detection that is added to truly detect real malware can also trigger the detection of other things that are not valid.

evilfantasy · Sep 8, 2007

Thanks chaslang. I had pretty much forgotten I had BFU until last night. And didn't make the Merjin connection until you mentioned it.

Merjin fans are saying it is a direct attack from AVG as they are competitors. But who knows.

I have to say I was in shock. Two programs in a row. I thought I was under full assault.
Hopefully it is taken care of soon.

greenknight32 · Sep 9, 2007

The FP on HJT is fixed already. I installed the latest update, then I was able to restore HJT.

DavidGP · Sep 9, 2007

Cheers for update Greenknight, good for Grisoft getting this fixed quickly, sadly in some occasions important files and software can be flagged and an unsupecting user can delete the FP and kill some software of theirs, so quick fixes from the AV companies are needed.

SO good for Grisoft.

greenknight32 · Sep 10, 2007

Yep, they are quick. I went to their forum to report the issue, found it had already been discussed at length - and the last post in the thread said the fix would be in the next update. This, in fact, proved to be the case.

Log in or Sign up

avg and hjt

hawklord Master Sergeant

DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

hawklord Master Sergeant

evilfantasy Malware Fighter

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

evilfantasy Malware Fighter

greenknight32 Sergeant

DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

greenknight32 Sergeant