Folder AVG Forums » AVG SMB » AVG Client » Program Suddenly Infected!?
February 7, 2013 13:25 Program Suddenly Infected!? #224222
Reply with Quote | Quick Reply | Top
saint056a

Avatar

Novice
Join Date: 7.2.2013
Posts: 2
Hello, before one or two weeks AVG Interenet security Business edition tells me that one .exe file in our network server is infected (identity protection deleted it....and i must install program again) The computer is with Windows 7 and AVG. Interesting is that other computers with Windows XP and the same version of AVG did'nt threat the file like virus. The file is part of Human resource program.
February 7, 2013 15:50 Re: Program Suddenly Infected!? #224235
Reply with Quote | Quick Reply | Top
Optic

Avatar

Moderator
Join Date: 27.10.2009
Posts: 939
Hi saint056a,

Thanks for the file. Unfortunately Identity protection detects files by behaviour so we need the file in its captured stated in order to whitelist it. Would it be possible to get the following please:

- Induce the detection and allow Identity Protection to remove the file
- Navigate to:

XP - C:\Documents and Settings\All Users\Application Data\AVG*\IDS
Vista\7 - C:\ProgramData\AVG*\IDS

- Add the 'Quarantine' directory to a zip file and attach it to your next post. If over 2 mb, please upload it to our FTP Server using your login address - http://www.avg.com/gb-en/faq.num-2142#num-2142

- After gathering the sample, the file can be restored by opening AVG > History > Virus Vault > Restore

To whitelist the file in AVG settings, please visit this FAQ - http://www.avg.com/gb-en/faq.num-4493

Thanks,

Michael Allen

AVG Customer Services

http://www.avg.com



Join the AVG community!

http://www.facebook.com/AVGFree

http://www.twitter.com/avgfree

http://www.youtube.com/officialavg
February 8, 2013 07:37 Re: Program Suddenly Infected!? #224261
Reply with Quote | Quick Reply | Top
saint056a

Avatar

Novice
Join Date: 7.2.2013
Posts: 2
Optic wrote
Hi saint056a,

Thanks for the file. Unfortunately Identity protection detects files by behaviour so we need the file in its captured stated in order to whitelist it. Would it be possible to get the following please:

- Induce the detection and allow Identity Protection to remove the file
- Navigate to:

XP - C:\Documents and Settings\All Users\Application Data\AVG*\IDS
Vista\7 - C:\ProgramData\AVG*\IDS

- Add the 'Quarantine' directory to a zip file and attach it to your next post. If over 2 mb, please upload it to our FTP Server using your login address - http://www.avg.com/gb-en/faq.num-2142#num-2142

- After gathering the sample, the file can be restored by opening AVG > History > Virus Vault > Restore

To whitelist the file in AVG settings, please visit this FAQ - http://www.avg.com/gb-en/faq.num-4493

Thanks,

Michael Allen

AVG Customer Services

http://www.avg.com

Hi Optic, here is the file.

Exceptions list didn't help me, because the computer uses user account and didn't allow to add an exception. If i log on with admin account and make an exception it worked, but only for admin account! If i log on with user account, identity protection tries to delete the file again. I tried from admin console to add an axception for this computer, but result is the same.

PS: Only combination of windows 7 + AVG detects virus, the another one computer with Windows XP + AVG worked normally with this program.
February 8, 2013 13:38 Re: Program Suddenly Infected!? #224293
Reply with Quote | Quick Reply | Top
Optic

Avatar

Moderator
Join Date: 27.10.2009
Posts: 939
Hi saint056a,

Thanks for the file as requested.

File has been sent to the virus lab for analysis.

Cheers,

Michael Allen

AVG Customer Services

http://www.avg.com



Join the AVG community!

http://www.facebook.com/AVGFree

http://www.twitter.com/avgfree

http://www.youtube.com/officialavg