AVG found trojan horse in open office files

DJ-Leith
Posts: 9
Joined: Wed Nov 05, 2008 10:37 pm

Re: AVG found trojan horse in open office files

Post by DJ-Leith »

Finally - confirmation from AVG.

The specific question that started this thread, on Tue Nov 04, 2008 10:50 pm,
cnebrandt wrote: AVG has found the following infection on my Vista computer.

THREAT DETECTED

File Name: C:Program Files\OpenOffice.org 2.4\program\msi-pkgchk.exe
Threat Name: Trojan horse Downloader Generic8.BCQ
Detected on open ...
...
Any help out there?
CB

I have had an answer from AVG.

This specific case is now confirmed as a False Positive - by AVG.
Here is an edited version of their reply to me

--
Time: Wed, 12 Nov 2008 11:31:04 +0100 (CET)
From: AVG Technical Support
To: DJ-Leith
Subject: Re: G#0803268009 - Technical Support Form

Dear Sir/Madam,

thank you for your email.

Unfortunately, the previous virus database might have detected the
Trojan horse Downloader.Generic8.BCQ on some legitimate applications.
We can confirm that it was a false alarm. We have immediately released
a new virus update that removes the false positive detection on this
file. Please update your AVG and check your files again.

If you need to restore deleted files from AVG Virus Vault you can do
it this way:
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.

We are sorry for the inconvenience.

If you restore your files from the Virus Vault and with the latest
Virus Definitions they are still detected as threats, please send us
those files for analysis again.

...
** DJ-Leith adds in here, I did this on Sunday 09 November 2008.
When AVG 'tested the files taken out of the vault' they all passed.
See my post of Sun Nov 09, 2008 5:17 pm (above).
Since then my daily (at 02:05) scan has also been OK.
Now, continuing to quote my communication with AVG.
**

...
In case you need any further information, please do not hesitate to
contact us again.

Best regards,

Ivaylo Simeonov
AVG Technical Support

website: http://www.avg.com
mail: support AT avg.com

Answers to the most common questions can be found here as well:
http://www.avg.com/faq

On Thu Nov 06 00:55:51 CET 2008, DJ-Leith wrote:

...
> OS: Vista
> Service pack: sp1
> Program version: 8.0
> Build version: 8.0
> Virus DB version: 270.9.0/1770
> Area: Virus Vault
> Issue: False detection
>
> Issue description:
> Dear AVG,
>
> I tried to send you a sample by
> 1. Selecting the file in the Virus Vault.
> 2. Adding an E-Mail Address (this one).
...
...
> Please can you reply to confirm whether this is a
> false positive or not. If it is a false positive
> can I restore the files from the vault?
>
> If this is a false positive please can you put some
> information on your web site.
...
...
> See also
>
> http://user.services.openoffice.org/en/forum/viewtopic.php?f=49&t=11718&st=0&sk=t&sd=a
>
> --
> I think this might be a false positive.
>
> On 05/11/2008 (November 5th, 2008) AVG (v8) did a
> Scheduled scan of whole Computer at 02:05.
...

--
End of my communication with AVG.
--

As I said in my first post on Wed Nov 05, 2008 8:51 pm
"I think this might be a false positive..."

It is reassuring to have this confirmation from AVG.
OOo 2.4.X on MS Windows Vista
DJ-Leith
Posts: 9
Joined: Wed Nov 05, 2008 10:37 pm

Re: AVG found trojan horse in open office files

Post by DJ-Leith »

Q. Why did it take so long for AVG to respond to me?
A. If you do a Google search for

"false positive" avg november 2008
you will see lots of hits.

Including:-

http://securityandthe.net/2008/11/10/av ... dows-file/
http://www.theregister.co.uk/2008/11/11 ... _positive/
http://blogs.zdnet.com/security/?p=2158

A different, and much more serious, False Positive was fixed on 10 November 2008.
It looks as if their Support staff have been very busy.

So, some of us were very fortunate!
OOo 2.4.X on MS Windows Vista
TheGurkha
Volunteer
Posts: 6482
Joined: Thu Mar 13, 2008 12:13 pm
Location: North Wales, UK.

Re: AVG found trojan horse in open office files

Post by TheGurkha »

@cnebrandt : If this has answered your question please go to your first post and use the Edit button, and add [Solved] to the start of the title. You can also use the green tick icon.
Ubuntu 14.10 Utopic Unicorn, LibreOffice Version: 4.3.3.2
Gurkha Welfare Trust