Convivea
Bit Che => Bugs & Feature Requests => Topic started by: strettonbull on April 23, 2008, 08:49:18 pm
-
Since this morning AVG Anti Virus is now saying that bitche.exe 1.0.60 is infected with the klone virus. Could someone check this out and report back? I've had to go back to 1.0.59.
Many thanks.
-
same problem occuring for me as welll
possibly the mirrors were infected ?
-
Same problem here - maybe a false positive from the latest AVG definitions file? I won't be switching it off to check!
-
hello everyone.. this is definitely a FALSE POSITIVE detection. Bit Che is NOT infected.
i use a file packer to keep the file size down and also to ensure that Bit Che can't be infected with a virus. the file packer checks itself to see if bit_che.exe has been modified (by a virus or anything else) and will not start up if it has been modified.
the problem is that from time to time, virus creators themselves will use similar file packers and then AntiVirus companies do their best to determine what is actually a virus and what isnt. in this case, the latest AVG updates are detecting Bit Che as infected with a virus that it IS NOT. this is actually more common than you would think with AntiVirus companies.
here is an online scan using the latest updates:
http://www.virustotal.com/analisis/cf7599bfdb5f6232befbda1f7409e035
as you can see, AVG is the only one reporting Bit Che as infected, and the 4 others are simply saying.. hey this file is suspicious (not a big deal). the 27 other virus scanners detect it as CLEAN, as it should.
so what do we do about this? well.. we need to let AVG know that they have a false positive detection.
from the FAQ for AVG: http://www.grisoft.com/ww.faq.num-1203#faq_1203
In case AVG detects some file on your PC as infected, this file was moved to AVG Virus Vault, and you are sure that this file is correct and clean, it is possible that the detected file is a false alarm.
If so, we shall prepare the correction as soon as possible.
Unfortunately, false alarms do appear from time to time in every Anti-Virus software.
To solve the problem, please send us this file for analysis directly from the AVG program this way:
* Open AVG User Interface.
* Choose the "Virus Vault" option from the "History" menu.
* Select the false positive file (one click) and click on the "Send to analysis" button.
* Fill in your e-mail address
* Confirm the dialog
This way file will be sent to our virus specialists for analysis and we will inform you about the result.
If all of you can please report this to AVG as soon as possible, they should remove this from their virus detection soon.
Also, I dont have AVG installed (yet), so could you guys report back if you have done the above steps to submit the file?
Thanks!
-chip
PS, if you haven't already and would like to continue using Bit Che 1.0 build 60, you can add Bit_Che.exe to your exception list to avoid having AVG detect it, until they update their definitions :)
-
Going back to an earlier version (like 1.0.59) won't help. The code that AV detects as Klone is common to everything available for download.
The instructions for submitting the file for analysis work only for the full version of AVG. The free version doesn't have a "Send to analysis" button.
-
Not quite that simple for AVG Free users.
See here...
http://forum.grisoft.cz/freeforum/read.php?4,104930,backpage=,sv=
If you suspect a file to be a false positive. Test the file at [virusscan.jotti.org] and if it is a false positive, archive (zip, arc, tar etc) the file using a password and email a copy to virus@avg.com with a brief description as well as the password you used to archive it with.
I've failed miserably in trying to upload to jotti, I'm afraid...
-
Going back to an earlier version (like 1.0.59) won't help.
It worked for me (having to put up with some really bad column format problems, mind).
-
I've just updated to AVG 8, licensed. The virus is not showing yet, if it does i will report it to AVG
-
I turned off AVG and now when I run Bit Che I get 'Unable to Execute file: [path to bit che] ShellExecuteEx failed; code5. Access is denied. Is this still from AVG not allowing me to execute it?
Edit: Nvr mind, i didn't shut it off completely.
-
I have emailed AVG so I'm hoping for a quick turn around with a fix for their virus definitions. I will definitely keep this post updated when I hear back from AVG.
-
I don't use AVG (did one time along time ago) I use Norton 2005 and ran a scan with no problem, so it remains that AVG and klone is all in AVG detecting a script problem
TheHalf™
-
Good news, AVG Technical Support wrote back: :)
Dear Sir/Madam,
thank you for your email.
We can confirm that it was a false alarm. This false will be fixed in
next AVG update. Please make sure that your AVG is actual.
If you need to restore deleted files from AVG Virus Vault you can do
it this way:
A) Using AVG 7.5
- Open AVG Virus Vault (Start -> Programs -> AVG 7.5 -> AVG Virus
Vault).
- Locate the file that was incorrectly removed.
- Right click on it and choose the "Restore File(s)" option.
B) Using AVG 8
- Open AVG user interface.
- Choose "Virus Vault" option from the "History" menu.
- Locate the file that was incorrectly removed and select it (one
click).
- Click on the "Restore" button.
We are sorry for the inconvenience. Thank you for your cooperation.
Best regards,
Karel Bachura
AVG Technical Support
website: http://www.avg.com
mailto: support@avg.com
-
I can confirm the latest AVG update is no longer falsely reporting the Klone virus in Bit Che 1.0 build 60.
AVG update: 2008.04.25
http://www.virustotal.com/analisis/8fac544f2743cf27f6723e35a8878834
If AVG removed it, you can now re-install and use Bit Che as normal.
Thanks to everyone who reported this. I'm glad this was taken care of swiftly! :)
-chip
-
That, my friends, is customer service!
Chip - any chance you could give VirginMedia a few lessons?! :D
Many thanks.
-
To Chip, AVG, and everyone else who responded so promptly and professionally:
There are people with a lot more financial incentive than you have, who could learn from you.
Thanks!
-
Thanks Chip
-
fantastic news, well done to all involved.
-
Seeing as I started the thread - may I close it with a big THANK YOU to everyone!
-
Chip's a virus writer...... :D :D :D
I knew it all along.....j/k
-
Chip's a virus writer...... :D :D :D
I knew it all along.....j/k
OMG Minlo, he's not a hacker as well, is he?? [hmm]
[LOL!]