Wierd virus warning. Could be false positive?

 

I don't know quite what to make of this. I got a virus warning, specifically a Trojan warning, on one of TurboCC's programs on an AVG scan last night. I've never actually used the program, it's just part of the mass download I did from his site and I haven't had any previous warnings about it, or any of his other programs, but I do know that previously unrecognized threats are added to virus databases all the time. Alternatively it could just be a false positive from some recent database update.

Anybody else using AVG, or any other antivirus program, had anything similar?

A screenshot of the actual notification is at http://imgur.com/tJGeEUa

it's false

It's a known problem with AVG

--
Illiterate? Write for free help.

False positive?

Get a second opinion at https://www.virustotal.com/. But most likely a false positive.

--
-Quest, Nuvi 1390T

good for you--

congratulations for paying attention to the warning, then being skeptical and following up!

--
Nuvi 2460, 680, DATUM Tymserve 2100, Trimble Thunderbolt, Ham radio, Macintosh, Linux, Windows

Similar Problem With Norton

I had a similar message from Norton, but it was different virus that was listed. I can't recall the name of the virus, but it showed it as a low threat.

This occurred when I started having problems due to the Google earth change and I used the EPE Installer program to try to reinstall.

--
NUVI2555LMT, NUVI350

Same with Norton Internet

Same with Norton Internet Security here. I refused to load it and let Norton get rid of it.

--
I never get lost, but I do explore new territory every now and then.

Considering TurboCCC's Methods

Considering turboCCC's careful approach to security issues, I would bet on a false positive.

Issues related to false positives with turboCCC's files have been discussed here before: http://www.poi-factory.com/node/32163

TurboCCC reported in that thread (3rd post) that, prior to posting his files, he scanned all of them using VirusTotal - which at the time consisted of some 43 anti-virus programs.

(PS - Like all others here who learned from turboCCC and benefited from his work, I miss his presence on POI Factory; give him thanks for all of his help; and, wish him the best in his current endeavors!)

--
Garmin nüvi 3597LMTHD, 3760 LMT, & 255LMT, - "Those who wish for fairness without first protecting freedom will end up with neither freedom nor fairness." - Milton Friedman

Went Back

Personally, I went back to using Microsoft Security Essential.

Tried others but they all tax the system and gave false positives

Just my experience.

--
Bob: My toys: Nüvi 1390T, Droid X2, Nook Color (rooted), Motorola Xoom, Kindle 2, a Yo-Yo and a Slinky. Gotta have toys.

Went Back

Personally, I went back to using Microsoft Security Essential.

Tried others but they all tax the system and gave false positives

Just my experience.

--
Bob: My toys: Nüvi 1390T, Droid X2, Nook Color (rooted), Motorola Xoom, Kindle 2, a Yo-Yo and a Slinky. Gotta have toys.

MSE is Not Good

rlallos wrote:

Personally, I went back to using Microsoft Security Essential.

Tried others but they all tax the system and gave false positives

Just my experience.

Trouble is, Microsoft released a press notice in the last 2 weeks admitting the MSE rated at the bottom for Virus Protection and suggested actually installing a commercial Virus Protection Program.

--
Frank Nuvi 3597LMT 37.322760, -79.511267

Try ESET, I have been using

Try ESET, I have been using it for years and one of the best AV and light weight

--
NickJr Nuvi 3597LMT

PC Pro article

According to the PC security community, PC Pro got it wrong. Start with Corrine's Security Blog here:
http://securitygarden.blogspot.com/2013/09/sensationalist-pr...

--
-Quest, Nuvi 1390T

Ask Leo

ddeerrff wrote:

According to the PC security community, PC Pro got it wrong. Start with Corrine's Security Blog here:
http://securitygarden.blogspot.com/2013/09/sensationalist-press-got-it-wrong.html

I was going to reference an article by my favorite computer geek, Leo Notemboom, but this link makes that reference for us.

You can also look at
http://www.pcmag.com/article2/0,2817,2388652,00.asp#
and
http://www.pcmag.com/image_popup/0,1871,iid=376446,00.asp

Scanned it at virustotal.

ddeerrff wrote:

Get a second opinion at https://www.virustotal.com/. But most likely a false positive.

Scanned it at virustotal. 22 positives out of 47 scans, so about 50/50. I know that some programs which do low-level out of the ordinary operations can trigger false positives but I can't see how a gps update file should be doing anything similar to what a trojan needs, though I don't really know enough about what the tool does to properly judge.

Anyway I haven't had a need to use it so it's probably academic for me, but anyone aiming to use it might want to set a restore point or use one of the sysinternals tools to see what changes the program actually does process, just in case.

Scanned it at virustotal.

Dupe post.

Several layers of protection

I understand MSE isn't the best but is basic, free, and light. That's 3 reasons I like it. Perhaps even a top commercial AV isn't the best by itself, month in and out.

On my Windows systems, I run 3...MSE, Malwarebytes, and Webroot. On older systems, it's MSE and Malwarebytes. Out of these three, Webroot is the higher resource drain, but it's still pretty good compared to the other commercial giants out on the market. Plus, Webroot is different from the usual AVs. On some NEW programs, Webroot 'may' dig deep into the program, like a root canel, and slow the system down a bit. Other than that, all 3 play nice.

I Agree

nickjr wrote:

Try ESET, I have been using it for years and one of the best AV and light weight

I'm with you, I too have been using Eset Smart Security for years. I don't have a router so I disabled Windows Firewall and use Eset's Firewall in Manual mode. It uses little resources and unlike Norton products is easy to remove if needed.

Using Eset, I scanned Turboccc's RGN tool and it found no problems.

--
Nuvi 2460LMT 2 Units

ditched AVG

gpsaccount wrote:

Anybody else using AVG, or any other antivirus program, had anything similar?

AVG used to be my antivirus software of choice, but quite a while back I ditched it due to false positives. In addition to looking for known virus signatures, AVG uses heuristic analysis to look for virus-like things (http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&i...). AVG isn't the only AV to do this, but they seem to be overly aggressive - in my case alerting on files I've had around for years that had been scanned countless times with tons of different software - stuff I knew was clean.

I switched to the free version of Avast and never looked back. BTW, I have a few of TurboCC's programs and I've never had a virus warning on any of them.

Extension

I have the "web of trust" extension installed for FireFox and it tells me some websites are not safe when I know they are. I belong to the Marlin forum and some of the guys using Chrome for a browser report that Chrome flags that site as unsafe. Hard telling what they are seeing.

--
Anytime you have a 50-50 chance of getting something right, there's a 90% probability you'll get it wrong.

I agree

I agree about NOD32 (Eset) being a great choice. I was looking for something that was both low resource and regular updated definitions, and NOD32 was what my research led me to. The fact I get Norton Security Essentials free from Comcast but choose to pay for NOD32 instead might give a clue about which I think is better. NSE is a better value since it's free, but Eset is a better all around program and doesn't kill my system performance like NSE does.

Marlin

Don B wrote:

I belong to the Marlin forum and some of the guys using Chrome for a browser report that Chrome flags that site as unsafe. Hard telling what they are seeing.

Either something fishy, or it's not shooting straight. wink

Ever since Symantec bought Norton...

...it has tanked. I know personally of 3 people that have gotten viruses running various version of Norton AV and the Internet Security suite. It's crap. And never let the subscription run out and keep using it.... Your computer will slow down to a c..r..a..w..l.....

--
Striving to make the NYC Metro area project the best.

Any idea from those 3 people

Any idea from those 3 people how often Symantec updates virus definitions? I can tell you Eset updates every few hours. If it's like once a week for NAV that would explain their getting infected.

NIS

My opinion:

I've been using NIS (and it's predecessors) for at least 10 years on our 3 home desktop pcs and 2 laptops, with 2 teenagers in the house and have never had a virus that Norton did not stop. I also run Malwarebytes on a regular basis. I also take care of 2 friends PCs, one of which used to use free AV and had lots of problems. Convinced her to purchase NIS and has not had a problem since. Currently installed on a XP desktop, a vista laptop, 2 W7 desktops, and one W8 laptop. Would NEVER go to AV!

BTW: I just retired after working as a PC installation and repair technician for 17 years, (equipment and software) for a 25+ location business. NIS installed on all machines.

Your mileage may vary and you may disagree. Won't make any difference to me. To me this is akin to arguing about politics or religion. It's a personal preference.

--
I never get lost, but I do explore new territory every now and then.

Agreed!

KenSny wrote:

Your mileage may vary and you may disagree. Won't make any difference to me. To me this is akin to arguing about politics or religion. It's a personal preference.

Amen brother!

--
Striving to make the NYC Metro area project the best.

AVG

Avg is famous for so many false virus ,one more reason to stay away from it I use AVAST never had any problem with it,and it is free too.

Spybot

KenSny wrote:

My opinion:

I've been using NIS (and it's predecessors) for at least 10 years on our 3 home desktop pcs and 2 laptops, with 2 teenagers in the house and have never had a virus that Norton did not stop. I also run Malwarebytes on a regular basis. I also take care of 2 friends PCs, one of which used to use free AV and had lots of problems. Convinced her to purchase NIS and has not had a problem since. Currently installed on a XP desktop, a vista laptop, 2 W7 desktops, and one W8 laptop. Would NEVER go to AV!

I like Malwarebytes and I also run Spybot on a regular basis. With three laptops, two desktops, and a netbook I haven't had any virus problems so far.

--
Anytime you have a 50-50 chance of getting something right, there's a 90% probability you'll get it wrong.

I will keep an eye out

I will keep an eye out

Norton Internet Security issue with EPE

Norton Internet Security returns the following virus warning when attempting to install EPE:

http://www.symantec.com/security_response/writeup.jsp?docid=...