| View previous topic :: View next topic |
| Author |
Message |
jimVO
Lieutenant
Premium Member
Joined: Mar 17, 2008
Posts: 153
Location: USA
|
 Posted: Sun Mar 30, 2008 3:25 am Post subject: Grisoft AVG Disables Complainterator! |
|
|
For some reason Grisoft AVG is disabling my Complainterator installation. I just downloaded their update (free edition, I do it daily) and when their Resident Shield is enabled it says that Complainterator.exe is a trojan downloader.
I'm sending some feedback to Grisoft now.
Anyone else see this?
|
|
| Back to top |
|
 |
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2889
|
| Posted: Sun Mar 30, 2008 5:11 am Post subject: |
|
|
I just uploaded it to Virus Total. The scan is at http://www.virustotal.com/analisis/3b276c1784392db23933de9c3777510e
Some of the other AV's are identifying it as Schanaud, which does not affect XP systems and which apparently spreads through Vietnamese language messages on Yahoo Instant Messenger. Not sure what the resemblance is.
|
|
| Back to top |
|
|
jimVO
Lieutenant
Premium Member
Joined: Mar 17, 2008
Posts: 153
Location: USA
|
| Posted: Sun Mar 30, 2008 6:22 am Post subject: |
|
|
Great. Thanks. I hadn't seen that service before. I guess it just underlines one of the problems with signature searching.
|
|
| Back to top |
|
|
jimVO
Lieutenant
Premium Member
Joined: Mar 17, 2008
Posts: 153
Location: USA
|
| Posted: Sun Mar 30, 2008 4:27 pm Post subject: |
|
|
Looks like GriSoft responded pretty quickly. This morning's update seems to have fixed the problem.
|
|
| Back to top |
|
|
tembow
Blue Angel
Premium Member
Joined: Oct 10, 2005
Posts: 2942
|
| Posted: Sun Mar 30, 2008 9:15 pm Post subject: |
|
|
Phew, just in time.
I was about to make a subtle change where Complainterator detects and disables Grisoft AV.
[just kidding]
|
|
| Back to top |
|
|
AlphaCentauri
SIRT Handler
Premium Member
Joined: Nov 20, 2003
Posts: 2889
|
| Posted: Sun Mar 30, 2008 10:34 pm Post subject: |
|
|
| jimVO wrote: | | Great. Thanks. I hadn't seen that service before. I guess it just underlines one of the problems with signature searching. |
Since I started checking, I have become pretty disillusioned with the usefulness of AV programs. If fewer than half of them fail to detect a file as malware, that's considered so good that it won't be added to the malware listserve here. Even those that do detect malware will usually all disagree about which malware program it is.
Knowing the provenance of a program (where it came from -- a download from a known reputable site vs. a link from a spam email promising a porn video, for instance) is a much better indication of what is malware. Even so, good sites get hacked and end up handing out drive-by downloads. It even happened to TrendMicro recently.
Relying on using Firefox/Mozilla with NoScript is only a short term solution, as the bad guys are going to regard the increasing number of people using that as an attractive target.
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
