Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avg Found 428 Warnings That They Listed As Trojans


  • Please log in to reply
9 replies to this topic

#1 Black9296

Black9296

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 29 April 2008 - 02:17 AM

Hello all,

Any insight you can give me will be helpful. I have read this forum a lot but never had to post. Thought I was pretty good with computer and don’t understand how both of my computers are infected with almost the same registry keys.

I formatted both computers less than 2 weeks ago because I suspected a problem and thought I would be clean. Tonight after reading some stuff on the new AVG from Grisoft just released I thought I would download it and see what it was like for giggles. It found 476 or some odd registry keys it listed as warnings and that they were Internet Explorer Active X registry key entries. I don't even use Internet Explorer and if I do it is once in a great while. My laptop I am almost 100 percent since the format that I have not even launched internet explorer. Which is why this is puzzling me?

I use:

Firefox
Zone Alarm Professional Firewall
Avast Free Edition
Threatfire from PC Tools and Spyware Doctor - Those three are actively running all the time. I also have PC Tools Antivirus, Spyware Terminator (on desktop), Super Antispyware, Antivir installed but they do not run as an active scanners. I also have Mcafee Siteadvisor and No Script for firefox which tells me what sites to stay away. I know a little bit paranoid but some of things I have been reading lately kind of justifies it and since AVG just found all this crap.

I started to think that I had a hacked version of AVG so I triple checked that it was the right Grisoft website so it is not that unless there site was jacked.

I just can't figure out where I got the infection I know 100 percent that my laptop has not been on any warez, porn, or any other malware sites because I have been the only once using it and not that much. The desktop however not so sure if anyone else used it. I don't have shared directories on the computers because I have kept them in an internet zone and not a trusted zone to each other.

I restarted and did another scan and it is finding the same registry keys again. I will figure that out I hope probably reformat but I need to figure out how they are getting on both computers. I will keep it clean but I would like to cuss my head off. It is not detecting what ever is putting them back there.

Can someone take a look at the picture files that I have placed and see what they think. I made a list of software that I have on both computers and I think I might just have to format again and check after each software is installed (that sounds like so much fun).

My gut is telling me it is a root kit somehow or rogue software which I have tried like hell to stay away from. Anyone know of a good root kit software. AVG and Antivir did not find anything.

Any suggestions on programs to find out how they got there. Or what it is AVG is finding stuff but not what is placing it there.

I would like to find a program that will detect the infection so that I won’t use that CD or External Hard drive. There is no way I can just trash everything including backups without having something that will catch it.

I was going to attach the pictures but I don't see that option. I would paste the export of the scan but it is 23 pages a bit long I think. Can you attach a text file?

One other thing I don't see why they are listed as warnings is it cause they are registry entries.

Edited by Black9296, 29 April 2008 - 02:18 AM.


BC AdBot (Login to Remove)

 


#2 Black9296

Black9296
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 29 April 2008 - 03:19 AM

I will leave my post up without deleting it just in case someone else has the same problem and panics. I looked at the results of the scans and both scans came up with 476 warnings which I thought was kind of odd and got me thinking. I disabled Spyware doctor and let AVG remove the registry entries. Restarted and they were not put back in with Spyware doctor disable. I am almost 100 percent positive that those where the immunization files from Spyware Doctor. After this scan which has found nothing so far I am going to re-enable Spyware Doctor. If that is it, which I know it is (pretty damn sure) AVG just dropped a notch in my book. I used to use it on some of my slower computers but this is ridiculous especially if you are someone that doesn't have that much computer experience and it would have happened to them.

Edit: That is exactly what it was, that really irritates me. I will be uninstalling AVG immediately.

Edited by Black9296, 29 April 2008 - 03:30 AM.


#3 Alan D

Alan D

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 29 April 2008 - 05:10 AM

You're right in your diagnosis, and I'm afraid AVG has shot itself in the foot over this. There's been a lot of feedback to them about this issue, but they persist in declaring that they're not going to fix it. They call it 'incompatibility' and say the solution is to remove the software in question. But I call them false positives, and in my view AVG should fix them.

I've already emailed them once about this issue (I'm a paying AVG7.5 user who will not upgrade to AVG8 while this situation persists), and I received the usual answer. It seems to me that only weight of customer response will make them change their mind.

Edited by Alan D, 29 April 2008 - 05:11 AM.

Windows XP Home SP2; AVG 7.5 Internet Security Suite (AV/AS r.t.p, and firewall); Windows Defender (r.t.p on); SuperAntispyware Free; a-squared Free 3.5.0.15; Spybot 1.4 (Immunised, but no Tea-timer); AdAware SE Free; AVG Anti-Rootkit Free; Spywareblaster; MVPS Hosts file (with HostsMan); McAfee Site Advisor.

#4 Black9296

Black9296
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 29 April 2008 - 05:46 AM

That is indeed ridiculous that they tell you to uninstall the software. Do they give you any facts that those are problems or admit that they are false positives.

Edit: that is bull if they are not false positives and indeed it was a problem why would it not detect Spyware doctor placing them there. What a load!

Edited by Black9296, 29 April 2008 - 05:59 AM.


#5 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:04:11 AM

Posted 29 April 2008 - 06:46 AM

It appears to be the same problem AVG is having, with SpywareBlaster:

Avg 8 And Spywareblaster - Conflicts Are Occuring
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#6 Black9296

Black9296
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 29 April 2008 - 07:16 AM

It seems there might be a pattern that they are only trying to get you to use there product and possibly pay to use there full software. Huh. I actually thought about buying it before I figured out what it was. Figures Although I don't recommend most users taking my opinion, just cause I am not all knowledgeable, but this makes me consider AVG as questionable software if they do not fix this and keep giving that kind of answer.

Edit: Hell even Microsoft was quicker to fix there false positive with Spyware Terminator. LOL

Edited by Black9296, 29 April 2008 - 07:19 AM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,119 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:11 AM

Posted 29 April 2008 - 12:25 PM

AVG FAQ 1198: Infection detected in "ActiveX Compatibility" registry key
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 Alan D

Alan D

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 29 April 2008 - 04:46 PM

Take a look at this thread:

http://www.wilderssecurity.com/showthread....666#post1231666

It's starting to look as though AVG are moving on this issue, at last. And at least some of what they've been saying about the whole issue has been wrong, if I understand correctly what I'm reading here.

Edited by Alan D, 29 April 2008 - 04:47 PM.

Windows XP Home SP2; AVG 7.5 Internet Security Suite (AV/AS r.t.p, and firewall); Windows Defender (r.t.p on); SuperAntispyware Free; a-squared Free 3.5.0.15; Spybot 1.4 (Immunised, but no Tea-timer); AdAware SE Free; AVG Anti-Rootkit Free; Spywareblaster; MVPS Hosts file (with HostsMan); McAfee Site Advisor.

#9 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 29 April 2008 - 04:55 PM

with respect; you seem to have numerous antivirus programs installed?

AVG, Avast, PC tools antivirus , antivir.......



if you wish for a known AVG 7.5 download try

http://www.oldapps.com/AVG_antivirus.php

#10 Black9296

Black9296
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 30 April 2008 - 04:04 AM

I actually only have Avast which is running and PC Tools Antivirus installed but not actively running its scanner. Antivir was something that I tried and so was AVG to see how I liked there products. I occasionally like to see what else is out there. From what I have gathered the current version of Avast is a little bit better than the 7.5 version of AVG. Personal preference because it is pretty close. But Avast scans for spyware and Rootkits. Antivir doesn't scans for spyware and up until this recent version of AVG they had eliminated spyware scans and still don't have rootkits. I don't think Avast scans the registry however and that was why I was evaluating some more. I don't know if I will find a free one that does it all on its own. Although I am not positive on the Avast not scanning the registry.

Edited by Black9296, 30 April 2008 - 04:16 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users