AVG (Free) Late Detection of Viruses

[SpainLover]

Twice I posted the following query on the free AVG forum and twice it appears to have been deleted! Evn if they found the message embarrassing, I would have expected a personal reply. I would be pleased to receive comments (and answers!)


Can someone please explain to me why AVG is now finding viruses in files some of which were downloaded up to 6 months ago?
Most of the viruses found are described as "Virus found Proxy" although it also found "Trojan horse Downloader.Generic2.LKM and "Trojan horse BackDoor.Generic4.QSO".

The last file was found in a program that I downloaded last September!

I run a "Complete Test" every day.

One last question - What is the "Proxy" virus?

 

[Ian]

I'm not sure about the specifics, but what may be the case is that the virus definitions have only been picked up in the most recent update. Seems strange that it has taken 6 months though!

Does the file you downloaded seem likely to contain viruses, or was it from a trusted source?

 

[SpainLover]

No the files weren't from a trusted source and I'm not amazed that they contained virus/trojans.
What I DO find amazing is that AVG didn't detect them for so long!
Also, why should they delete my message?
I don't know what the Proxy virus is, but why should it take so long to detect?

 

[muckshifter]

Sorry, but on my bandwagon it is one of the reasons I recommend people use anther AV program instead of AVG ... they are very slow with their updates to new nasties.

Now, I could be wrong, and it could be a very clever virus/trojan/worm that has evaded detection, but I sure wouldn't put MY trust in AVG.

Go do an "on-line" scan from housecall or the likes ... and get Anti-Vir while your at it.

 

[WinkingPig]

Another good program to look at using is Comodo Antivirus, totally free, it's what i'm currently using.

http://antivirus.comodo.com/

Oh and for those who don't know of Comodo, they are a large SSL certificate provider, so i would've thought it's trustworthy, i use their SSL's daily anyway.

But each to their own i suppose

 

[muckshifter]

Another good program to look at using is Comodo Antivirus, totally free, it's what i'm currently using.

http://antivirus.comodo.com/

Oh and for those who don't know of Comodo, they are a large SSL certificate provider, so i would've thought it's trustworthy, i use their SSL's daily anyway.

But each to their own i suppose

I did a lot of "research" into them when they first released their Comodo Firewall ... the company had a very shady past ... I still wonder if that leopard has changed its spots. I does look that way?

Each to their own.

 

[Abarbarian]

This site gives good info on anti virus suites

http://www.virusbtn.com/vb100/index

 

[WinkingPig]

They may of had a shady past but their applications are true to their word and work perfectly.

I don't recall any bad news as of late, so it seems they have changed their ways.

 

[fastartcee]

SpainLover,

Something similar happened to me a few months ago.

What happens is some string of code within the 'innocent' file happens, by chance, to match a virus signature that AGV is using, which causes a 'false positive' result.

This is from the AVG forum:

If you suspect a file to be a false positive. Test the file at [virusscan.jotti.org] and if it is a false positive, archive (zip, arc, tar etc) the file using a password and email a copy to (e-mail address removed) with a brief description as well as the password you used to archive it with.

If it is a false positive , turn off hueristic scanning for the time being. When Grisoft adjusts the virus defintions you can turn it back on. If turning off Hueristics still doesn't allow access to the file while testing and emailing... disable the resident shield temporarily.
​

I followed through on my false positive, and AVG responded within about 1 day -- fantastic service for a free program! In their next virus definition update the problem was corrected.

I think AVG Free is a tremendous program; it updated automatically -- and flawlessly -- every day, and I have not had a single virus get in since I installed it. (I've double-checked this by running an entirely different anti-virus program.)

Art

 

[SpainLover]

Thank you fastartcee, you give me some confidence back in AVG. They may well have been false positives. I was still thinking about Muckshifter's suggestion about changing to Anti-Vir or cImrie's suggestion of Comodo. However, at the moment I'm sticking with AVG - better the devil you know (!?)

What still worries me is why my posting on the AVG forum (similar to the initial posting above) was twice removed without comment. Why wasn't I given an answer similar to the last post? It makes me think they could be hiding something or am I being over-suspicious?

 

[fastartcee]

I don't know why that happened to your posts. When I posted I received a reply from someone similar to my reply to you. I zipped the executable file involved in the false positive, sent it to AVG, and received a reply back with 24 hrs confirming the false positive, and stating that their definitions would be modified immediately ...and they were corrected, with a day or so.

 

[beevale]

I'm also looking at the free possibilities of Comodo's anti- virus and firewall protection byt AVG seems to serve me well and I'm using the free PC Tools Firewall Plus without any problems (also free) and I've not had any problems so far. It passed the online symantec security test.