Page 1 of 2 12››
March 17, 2013 09:11 Results Of AVG Scan #226156
Top
LucyMay2

Avatar

Novice
Join Date: 25.6.2011
Posts: 17
Hi everyone

I recently did an AVG scan which showed up some problems and I’m unsure what to do so would be grateful for any advice.

At the end of the scan it said:

AVG detected 3 potentially dangerous threats – not all were removed. I clicked on address issues but the option to remove the threats wasn’t highlighted and so nothing happened when I clicked that.

I clicked on each of the 3 ‘problems’ to get more information and they were as follows:

1)Detection name: Trojan Horse Generic 32 HRP
Description: C:\Program Files [x86] Hewlett-Packard\HP Health Check\Active Check\product_line\Detection_CountryCode.exe
Severity: Message
State: false detection
Source: scan

2)Detection name: Trojan Horse Startpage.TJT
Description: C:\Program Files [x86] Hewlett-Packard\HP Health Check\Active Check\product_line\Detect_Internet Security.exe
Severity: Message
State: false detection
Source: scan

3)Detection name: Trojan Horse. TJQ
Description: C:\Program Files [x86] Hewlett-Packard\HP Health Check\Active Check\product_line\Detect_RevGenCounty.exe.
Severity: message
State: false detection
Source: scan

So I’ve turned the laptop off since this happened and re-scanned and now it’s showing no threats? I just wondered if this is because it said false detection and therefore means it is nothing to worry about or once it has scanned and showed the threats would they not show up again in another scan? If I look in scan history they are still there.

The only other thing I did was checked my recent downloads. There was a file I was going to look at a few days ago and when I went to open it AVG said it had detected a threat and did I want to remove it. I clicked remove and didn’t think any more about it but when looking in the downloads I noticed the files were still there so I deleted them. I don’t know if this could have been a cause for the above problems? I have just found the threat AVG detected the other day in my virus vault and this is:

Detection name:
Trojan Horse Dropper.Generic7.CGYK.
It said the severity of this was high and the source was resident shield. Is it OK to remove this from the virus vault now? This one has 3 red dots next to it but the above 3 just a yellow dot – just mentioning this last one in case it’s linked? (and also to double check its OK to remove it from the virus vault now?)I’m a bit confused!

Thank you very much for any help.

Lucy





March 17, 2013 12:25 Re: Results Of AVG Scan #226160
Top
Dimandas

Avatar

Novice
Join Date: 28.1.2013
Posts: 62
LucyMay2, 1-3 detection were false and were corrected.
March 18, 2013 12:28 Re: Results Of AVG Scan #226196
Top
LucyMay2

Avatar

Novice
Join Date: 25.6.2011
Posts: 17
Hi, Thank you for your reply. Please can I ask what is the reason you get false detections and are they never anything to worry about? Also if I go into my scan history and view that scan it still says :
AVG detected 3 potentially dangerous threats – not all were removed.

Is it because they are not showing up in the scan now that you mean they are corrected?

Also please can you tell me if it is OK to remove the last threat (Detection name:
Trojan Horse Dropper.Generic7.CGYK.) from the virus vault? Is it always OK to remove things from the virus vault once they've been moved there?

Thanks again
Lucy
March 18, 2013 12:46 Re: Results Of AVG Scan #226197
Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23783
@ LucyMay2

Please can I ask what is the reason you get false detections

False Positives are actually mistakes made by antivirus and sometimes antispyware utilities. The companies that are trying to protect us against the threats are under enormous pressure to get the malware identified and a fix created that there isn't enough time except, for very basic testing, before they must release these identifications and fixes. Add to this fact that the authors of the malware are also using the same program compilers and software libraries that often a good program may get misidentified as a bad one. Typically, the protection programs quarantine area that is made to safely hold a malware will allow you to restore these if you don't get impatient and empty it first. If you report the false positive to your protection company, they will be able to correct their mistake.

If users will not report a false positive then they cannot be corrected. AVG Pro versions do have the ability to exclude files/folders from being scanned but still if a false happens it needs to be reported instead of being ignored.

What many people fail to realize with the subject of false positives... is that ALL antivirus and antispyware programs are prone to these. This is because they must also try and detect unknown malware that has just been released also. Its a case of trying to be safe and making a false detection instead of not being safe and letting the systems get infected.

Another issue that many do not understand and is why a good program may get detected as a malware after an update is that the authors of the virus's and spyware also use the very same programs and code libraries that normal program authors are using... So many times regular programs have some of the very same code that malware may have.

The user has to ask themselves would they rather their protection program be a little bit paranoid and make a false detection... or would they rather it miss a newly released malware and end up with an infected computer instead.

(There are about 20,000 - 30,000 new malware found daily)

Is it always OK to remove things from the virus vault

Standard info. for the items in the Virus Vault... leave them there for a little while to ensure that your system is working ok... then you can empty the vault at that time. If something is going wrong... then that info. may be helpful in finding a resolution such as possibly replacing a file that may have gotten infected etc.. It won't matter if you just leave the files in the vault, just don't leave them there long so you can reclaim the space they currently take up. As to how long... will depend on how much you use the computer.. if its often... usually a week will be more than long enough.

'Empty' is for all the files in the vault. 'Delete' allows you highlight & select individual files in the vault.... Either way they are gone completely!....

Also have a look @ FAQ #2432 http://free.avg.com/ww-en/faq.num-2432#num-2432.


AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
March 18, 2013 14:12 Re: Results Of AVG Scan #226204
Top
Dimandas

Avatar

Novice
Join Date: 28.1.2013
Posts: 62
Hi, Thank you for your reply. Please can I ask what is the reason you get false detections and are they never anything to worry about?

These problems were the user swil412 (http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=225923&page=3&type=0). Which was corrected when updating AVG. The other antivirus anything in these files are not found. I think the worry is not necessary.

Also if I go into my scan history and view that scan it still says :
AVG detected 3 potentially dangerous threats – not all were removed.

This is the result remained the last scan. Remove this result that he can't push you.

Is it because they are not showing up in the scan now that you mean they are corrected?

This detection has been fixed in the latest update of the definitions of AVG.

Also please can you tell me if it is OK to remove the last threat (Detection name:
Trojan Horse Dropper.Generic7.CGYK.) from the virus vault? Is it always OK to remove things from the virus vault once they've been moved there?

BIG AL 43 above already wrote down the answer.
March 19, 2013 11:56 Re: Results Of AVG Scan #226265
Top
LucyMay2

Avatar

Novice
Join Date: 25.6.2011
Posts: 17
Thanks for your replies - I'm glad it's nothing to worry about! I assume I don't need to report it now that it has been corrected?
Also just to double check as I'm still a bit confused - if I run a scan that shows something up, then I update and run another scan that doesn't show anything does this always mean it's been corrected?
In other words if the problem was still there would repeat scans keep picking it up? I wasn't sure if problems would only be picked up once by a scan or would keep being picked up by repeat scans if they weren't sorted out?
Thanks very much
Lucy
March 19, 2013 13:30 Re: Results Of AVG Scan #226277
Top
Dimandas

Avatar

Novice
Join Date: 28.1.2013
Posts: 62
I assume I don't need to report it now that it has been corrected?

Don't need these problems have been fixed.

Also just to double check as I'm still a bit confused - if I run a scan that shows something up, then I update and run another scan that doesn't show anything does this always mean it's been corrected?

There are different cases. Exactly can't answer.

In other words if the problem was still there would repeat scans keep picking it up? I wasn't sure if problems would only be picked up once by a scan or would keep being picked up by repeat scans if they weren't sorted out?

If this is a new file which appeared to have you recently I recommend that you believe AVG (even in this case can be a false alarm). If you think that a detected threat is the false positives I recommend that you send in AVG (http://forums.avg.com/ww-en/avg-forums?sec=thread&act=show&id=395). They'll answer within one working day. If the answer write that false positives are that it will be corrected in the next update. If the file is not sent to AVG, false positives can't fix it. If this is the file old big possibility that it is a false alarm.
March 19, 2013 13:51 Re: Results Of AVG Scan #226278
Top
LucyMay2

Avatar

Novice
Join Date: 25.6.2011
Posts: 17
Hi, Thanks for your reply. I haven't had a new file show up. Its just the original 1 - 3 above but they aren't showing now so I assume its OK. I'm probably just worrying too much but don't like these things! Lucy
March 19, 2013 14:02 Re: Results Of AVG Scan #226279
Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23783
@ LucyMay2

Just for your general info if during a scan any files detected by AVG are moved to the virus vault & they subsequently prove to be a false positive, when the false positive is corrected by a virus database update, the files are auto restored from the virus vault back to their original location.


AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
March 19, 2013 15:20 Re: Results Of AVG Scan #226284
Top
Dimandas

Avatar

Novice
Join Date: 28.1.2013
Posts: 62
LucyMay2, I told you what to do in future if AVG detects a threat in a new file.
Page 1 of 2 12››