B
brianedow
Does anyone know about a false positive for AVG reporting Win32/
DH.CAFF82037E "may" "unknown" virus?
DH.CAFF82037E "may" "unknown" virus?
F
FromTheRafters
brianedow said:
Submit the file to virustotal.com, jotti.org, or virscan.org to see what
other scanner's report.
Also, it is important to know the filename and the location in which it
was found (full path).
D
David H. Lipman
From: "brianedow" <[email protected]>
| Does anyone know about a false positive for AVG reporting Win32/
| DH.CAFF82037E "may" "unknown" virus?
What FromTheRafters said and...
Please upload a copy of the suspect file to; http://www.uploadmalware.com/ for analysis.
Post the information from Virus Total and the fully qualified name and path of the file
and that you uploaded it to Upload Malware.
| Does anyone know about a false positive for AVG reporting Win32/
| DH.CAFF82037E "may" "unknown" virus?
What FromTheRafters said and...
Please upload a copy of the suspect file to; http://www.uploadmalware.com/ for analysis.
Post the information from Virus Total and the fully qualified name and path of the file
and that you uploaded it to Upload Malware.
B
brianedow
I got response from AVG! It appears to be a false positive!
"
Dear customer,
Thank you for your email.
Unfortunately, the previous virus database might have detected the
mentioned virus on some legitimate applications. We can confirm that
it was a false alarm. We have immediately released a new virus update
that removes the false positive detection on this file. Please update
your AVG and check your files again.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
In case that we can be of any further assistance, please do not
hesitate to contact us again.
Thank you.
Best regards,
Martin Valchev
AVG Customer Services"
"
Dear customer,
Thank you for your email.
Unfortunately, the previous virus database might have detected the
mentioned virus on some legitimate applications. We can confirm that
it was a false alarm. We have immediately released a new virus update
that removes the false positive detection on this file. Please update
your AVG and check your files again.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
In case that we can be of any further assistance, please do not
hesitate to contact us again.
Thank you.
Best regards,
Martin Valchev
AVG Customer Services"
D
David H. Lipman
From: "brianedow" <[email protected]>
| I got response from AVG! It appears to be a false positive!
| "
| Dear customer,
| Thank you for your email.
| Unfortunately, the previous virus database might have detected the
| mentioned virus on some legitimate applications. We can confirm that
| it was a false alarm. We have immediately released a new virus update
| that removes the false positive detection on this file. Please update
| your AVG and check your files again.
Well that's that....
Thank you for the update.
| I got response from AVG! It appears to be a false positive!
| "
| Dear customer,
| Thank you for your email.
| Unfortunately, the previous virus database might have detected the
| mentioned virus on some legitimate applications. We can confirm that
| it was a false alarm. We have immediately released a new virus update
| that removes the false positive detection on this file. Please update
| your AVG and check your files again.
Well that's that....
Thank you for the update.
F
FromTheRafters
Thanks for the update.
The value of an antivirus lies in it's support. It's good to see a
support channel that works.
For future reference, those file submission sites mentioned are all ones
that help the participating vendors get early warning of new malware or
false positive detections so that they can react to them quickly.
I got response from AVG! It appears to be a false positive!
"
Dear customer,
Thank you for your email.
Unfortunately, the previous virus database might have detected the
mentioned virus on some legitimate applications. We can confirm that
it was a false alarm. We have immediately released a new virus update
that removes the false positive detection on this file. Please update
your AVG and check your files again.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
In case that we can be of any further assistance, please do not
hesitate to contact us again.
Thank you.
Best regards,
Martin Valchev
AVG Customer Services"
The value of an antivirus lies in it's support. It's good to see a
support channel that works.
For future reference, those file submission sites mentioned are all ones
that help the participating vendors get early warning of new malware or
false positive detections so that they can react to them quickly.
I got response from AVG! It appears to be a false positive!
"
Dear customer,
Thank you for your email.
Unfortunately, the previous virus database might have detected the
mentioned virus on some legitimate applications. We can confirm that
it was a false alarm. We have immediately released a new virus update
that removes the false positive detection on this file. Please update
your AVG and check your files again.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience.
In case that we can be of any further assistance, please do not
hesitate to contact us again.
Thank you.
Best regards,
Martin Valchev
AVG Customer Services"
A
Alan
On the morning of July 10, 2010 pacific time my Free AVG version
9.0.830 conducted a scheduled scan and found two infections: one was
"removed and healed" and the other was "not removed or healed". This
is what is stated on "scan results":
"C:\Windows\System32\svchost.exe (5860):\memory_0b990000";"May be
infected by unknown virus Win32/DH.CAFF82037F";"Object is
inaccessible."
"C:\Windows\System32\svchost.exe (5860)";"May be infected by unknown
virus Win32/DH.CAFF82037F";"".
The first's "Object Type" is file and "SDK type" is Core, and the
"Result" is "object is inaccessible". For the second, the "Object
Type" is process and the "SDK Type" is Core.
After this scan, AVG updated itself (in the afternoon of 7/10/10)
Now early this afternoon (7/11/10) my AVG scheduled scan was conducted
again and the same two infections showed up, one being "removed and
healed" and the other "not removed or healed". Why would the same two
infections show up after an update?
Thank you.
F
FromTheRafters
On the morning of July 10, 2010 pacific time my Free AVG version
9.0.830 conducted a scheduled scan and found two infections: one was
"removed and healed" and the other was "not removed or healed". This
is what is stated on "scan results":
"C:\Windows\System32\svchost.exe (5860):\memory_0b990000";"May be
infected by unknown virus Win32/DH.CAFF82037F";"Object is
inaccessible."
"C:\Windows\System32\svchost.exe (5860)";"May be infected by unknown
virus Win32/DH.CAFF82037F";"".
The first's "Object Type" is file and "SDK type" is Core, and the
"Result" is "object is inaccessible". For the second, the "Object
Type" is process and the "SDK Type" is Core.
After this scan, AVG updated itself (in the afternoon of 7/10/10)
Now early this afternoon (7/11/10) my AVG scheduled scan was conducted
again and the same two infections showed up, one being "removed and
healed" and the other "not removed or healed". Why would the same two
infections show up after an update?
Thank you.
***
Maybe you need *another* update.
***
B
Bill
No big surprise there.