sudden strange infections
Posted by: richard.a (IP Logged)
Date: October 31, 2007 07:35PM
Good morning. I'm a new forum member,
in Australia. I've been retired many years. I run three computers on a
LAN and experiment.
Today 31st October 2007 All three machines tell me after downloading latest update that four zips dating from late 1990s have "PSW.OnlineGames.PLZ" virus
Your encyclopedia and database seem to have no record of this. Nor does Symantech. Nor does Google.
The products are archives for which I paid - Drag-and-File, Drag-and-Zip and Drag-and-View; a much superior file manager to Windows Explorer, and which is no longer available. Manufacturer was Canyon Software.
I think it unlikely that all three machines should become infected at the same time, when running today's update.
The fourth is another competing product with Windows. SuperNoteTab, a superior notepad-like product. Can you please advise if you have released a buggy update? The setup and uninstall executables of the installed versions have also been removed by your latest update.
Look forward to hearing any thoughts, please,
Richard Ashton
Adelaide, South Australia.
beta tester for Linux and BSD.
Today 31st October 2007 All three machines tell me after downloading latest update that four zips dating from late 1990s have "PSW.OnlineGames.PLZ" virus
Your encyclopedia and database seem to have no record of this. Nor does Symantech. Nor does Google.
The products are archives for which I paid - Drag-and-File, Drag-and-Zip and Drag-and-View; a much superior file manager to Windows Explorer, and which is no longer available. Manufacturer was Canyon Software.
I think it unlikely that all three machines should become infected at the same time, when running today's update.
The fourth is another competing product with Windows. SuperNoteTab, a superior notepad-like product. Can you please advise if you have released a buggy update? The setup and uninstall executables of the installed versions have also been removed by your latest update.
Look forward to hearing any thoughts, please,
Richard Ashton
Adelaide, South Australia.
beta tester for Linux and BSD.
Re: sudden strange infections
Posted by: BIG AL 43 - Moderator (IP Logged)
Date: October 31, 2007 08:20PM
richard.a
Please pay attention to where you are posting and make it fit the subject of the forum area you are in. This wasn't an 'Update Issues' question which was the forum area you posted it in... moved to the 'Removing Viruses, Virus Removal Tools' area.... For an explanation of the Forum areas see [forum.grisoft.cz]...
With AVG Free please have a look @ this Sticky post [forum.grisoft.cz] if you suspect a file to be a false positive.
Please pay attention to where you are posting and make it fit the subject of the forum area you are in. This wasn't an 'Update Issues' question which was the forum area you posted it in... moved to the 'Removing Viruses, Virus Removal Tools' area.... For an explanation of the Forum areas see [forum.grisoft.cz]...
With AVG Free please have a look @ this Sticky post [forum.grisoft.cz] if you suspect a file to be a false positive.
Re: sudden strange infections
Posted by: richard.a (IP Logged)
Date: November 12, 2007 06:50PM
I disagree. If it had happened to you immediately after having updated, you would have thought so too, I suspect.
I have had legacy files (as in straight html files that could not possibly contain a nastie) deleted today and yesterday too.
No it is a problem associated with your upgrade, automatically downloaded and installed.
Thankyou
Richard Ashton
Retired CAD and PC trainer
past CAD consultant
Past contributor to Australia's premier CAD monthly
beta tester for PC-BSD and PuppyLinux
insider at linspire.com
I have had legacy files (as in straight html files that could not possibly contain a nastie) deleted today and yesterday too.
No it is a problem associated with your upgrade, automatically downloaded and installed.
Thankyou
Richard Ashton
Retired CAD and PC trainer
past CAD consultant
Past contributor to Australia's premier CAD monthly
beta tester for PC-BSD and PuppyLinux
insider at linspire.com
Re: sudden strange infections
Posted by: richard.a (IP Logged)
Date: November 12, 2007 06:56PM
I have no idea what a false positive is, my friend.
All I know is that on three computers on my home LAN (no, not commercial, I am retired, and do opensource system development to help the industry which handsomely supported me during my working life), suddenly since an update a few minutes before my previous post I am having straight html files being deleted as well as other files which could not have possibly been infected.
I believe that for the last few days that AVG Free has turned into a lemon.
And as this was my first post, and you went to the trouble to move this post without reading it properly, when you could have with far less effort PM'd me for fuller details, I have rather lost confidence in the product.
I have actually been sharing my distrust of AVG free with a number of Windows users who are rather surprised at what has happened.
So instead of sneering at me about what you perceived to be my mistakenly posting in a wrong thread, I would like to find out what if anything is going to be done about what appears to be rogue updates from your download server.
Thankyou
Richard Ashton
Retired CAD and PC trainer
past CAD consultant
Past contributor to Australia's premier CAD monthly
beta tester for PC-BSD and PuppyLinux
insider at linspire.com
All I know is that on three computers on my home LAN (no, not commercial, I am retired, and do opensource system development to help the industry which handsomely supported me during my working life), suddenly since an update a few minutes before my previous post I am having straight html files being deleted as well as other files which could not have possibly been infected.
I believe that for the last few days that AVG Free has turned into a lemon.
And as this was my first post, and you went to the trouble to move this post without reading it properly, when you could have with far less effort PM'd me for fuller details, I have rather lost confidence in the product.
I have actually been sharing my distrust of AVG free with a number of Windows users who are rather surprised at what has happened.
So instead of sneering at me about what you perceived to be my mistakenly posting in a wrong thread, I would like to find out what if anything is going to be done about what appears to be rogue updates from your download server.
Thankyou
Richard Ashton
Retired CAD and PC trainer
past CAD consultant
Past contributor to Australia's premier CAD monthly
beta tester for PC-BSD and PuppyLinux
insider at linspire.com
Re: sudden strange infections
Posted by: BIG AL 43 - Moderator (IP Logged)
Date: November 12, 2007 08:27PM
richard.a
Quote 'I have no idea what a false positive is, my friend'.... Please have a look @ this link [www.google.co.uk] & then read thro' the false positive link provided in the 1st post again.
Quote 'I have no idea what a false positive is, my friend'.... Please have a look @ this link [www.google.co.uk] & then read thro' the false positive link provided in the 1st post again.
Re: sudden strange infections
Posted by: richard.a (IP Logged)
Date: November 17, 2007 11:04AM
Quote:
Please have a look @ this link [www.google.co.uk] & then read thro' the false positive link provided in the 1st post again.
Okay, thanks for that, and I had made the assumption it meant that. But it really concerns me that these forums do little apart from either ignore those who post, or criticise or brow-beat them.
I have been well mannered all along because I believe in support forums (like where I assist) that maintaining your cool is important. No good getting your knickers in a knot. Really.
But still no comment by the forum about my concern that AVG has suddenly (and potentially dangerously) turned into a lemon - which is not a criticism but an observation.
Further unanswered posts by others with a similar tale of woe only go to confirm my opinion. I have used this product for many years, around the time that Steve Gibson wrote about ZoneAlarm - also a product I now view with skepticism, and which I've stopped using.
However I've found some of those whose comments your forum has ignored have been spread far and wide on other lists, which I'm sure is not good PR for your product.
Today AVG deleted an executable for a music file format conversion application on a computer that is seldom on-line, and which is checked regularly and is always clean.
Fortunately my backup server runs on Linux and its drives are not set up as shared drives which MAY (no guarantees) have saved me some of this time-consuming strife. However no guarantees there are there? AVG will likely delete them again, right?
I wrote this in my opening post - which was totally ignored...
Quote:
Your encyclopedia and database seem to have no record of this (meaning PSW.OnlineGames.PLZ). Nor does Symantech. Nor does Google.
That is still the situation I notice, from looking. How can AVG find a fictitiously nameed infection?
That is more than a false positive. It is invention - a very different thing.
Oh, and yes, these quotes from the google link you asked me to check out are interesting in the perspective of this thread...
Quote:
From VirusList
False positive
Synonyms: False alarm
A false positive is another way of saying ‘mistake’. As applied to the field of anti-virus programs, a false positive occurs when the program mistakenly flags an innocent file as being infected. This may seem harmless enough, but false positives can be a real nuisance.
* You waste productivity due to user down-time.
* You may take e-mail offline, as a security precaution, thus causing a backlog and more lost productivity
* You waste even more time and resources in futile attempts to disinfect ‘infected’ files. And if you load a backup, to replace ‘infected files, the backup appears to be infected too.
In short, false positives can be costly nuisances.
The term is not confined just to the anti-virus world. It also applies, for example, to anti-spam protection, where it refers to the misidentification of a legitimate e-mail message as spam. This too could be very costly, since the undelivered e-mail may be a business critical message.
Quote:
From Symantec
A false positive, also known as a false detection or false alarm, occurs when an antivirus program detects a known virus string in an uninfected file. The file, while not infected with an actual virus, does contain a string of characters that matches a string from an actual virus.
A false positive can also occur when a program performs an action, which appears to the antivirus program to be a virus-like activity.
Norton AntiVirus and Symantec AntiVirus Corporate Edition use Bloodhound heuristics to detect virus-like activity.
Examples of such activity can include, but are not limited to, writing to the master boot record of the hard disk, making changes to a system file, or running a custom macro in a program such as Microsoft Word.
False detections, once confirmed, are usually corrected as soon as possible
I know many people who never admit they made a mistake. I didn't think that your company would be one of them
I rest my case.
Richard in Australia
Where we usually fix things that are broken with fence wire
(Not possible here)