Fake positive and request of refound

Site Feedback
12

Hi Alessandro,
For help on this issue please try refer to (http://kb.avg.com/articles/en_US/How_to/How-to-report-a-false-incorrect-detection/)
Thanks

9

I have discovered that AVG 2014 obeys the exclusions on both the resident shield and scheduled scans but AVG 2015 only ignores Ammyy (AA_v3.exe) via the resident shield when excluded from both the resident shield and the scanner but is removed to the vault on the next scheduled scan.  I have tried excluding Ammyy by full path name, by name in any location and by name even if updated but the scanner quarantines it every time.  AVG 2015 should treat exclusions like AVG 2014 and previous versions.  All you have to do to prove that AVG is at fault is to download Ammyy from http://www.ammyy.com and save it anywhere on your PC (you don't have to run it or anything) then open the folder where you saved it.  You AVG will popup warning you to protect or allow.  If you allow and remember then it will be added to your exclusion but go on to your exclusion settings anyway so that you can manually exclude to make sure there is a tick in both the resident shield and Scans, Just so that you can see that exclusions settings are ignored in AVG 2015, also add the folder that the AA_v3.exe file is in to the exclusions for resident and scans.  You can also add the exclusion a couple more times with the options "Even if it is moved" and "Even if it is updated".  When you are sure that you have explicitely told AVG to ignore this file, run a scan and watch what happens to the AA_v3.exe file.

7

I have discovered that AVG 2014 obeys the exclusions on both the resident shield and scheduled scans but AVG 2015 only ignores Ammyy (AA_v3.exe) via the resident shield when excluded from both the resident shield and the scanner but is removed to the vault on the next scheduled scan.  I have tried excluding Ammyy by full path name, by name in any location and by name even if updated but the scanner quarantines it every time.  AVG 2015 should treat exclusions like AVG 2014 and previous versions.  All you have to do to prove that AVG is at fault is to download Ammyy from http://www.ammyy.com and save it anywhere on your PC (you don't have to run it or anything) then open the folder where you saved it.  You AVG will popup warning you to protect or allow.  If you allow and remember then it will be added to your exclusion but go on to your exclusion settings anyway so that you can manually exclude to make sure there is a tick in both the resident shield and Scans, Just so that you can see that exclusions settings are ignored in AVG 2015, also add the folder that the AA_v3.exe file is in to the exclusions for resident and scans.  You can also add the exclusion a couple more times with the options "Even if it is moved" and "Even if it is updated".  When you are sure that you have explicitely told AVG to ignore this file, run a scan and watch what happens to the AA_v3.exe file.

13

It's more than a month that I send report about fake positive e no one make anything

10

So it is confirmed detection, since it is PUP you can allow it in detection dialog or disable detection of all PUPs.
Thanks

1

Good morning
I'm write because no one in AVG reply to my request and AVG Italy Support in Avangate are unable to help me
It's more than 1 mounths ago that i maked a request for remove Ammyy Admin Client from AVG Blacklist but no one make nothing.
I can't use it for remote admin of customer server, normal activity on customer support and in many installation I was forced to disable AVG.
All of my customers are fed up with having these problems every time we run a remote help.
Naturally the useless function of Permit don't run (like always)
I payd for something like 15000€ of license so I NEED YOUR SUPPORT
If AVG decide to do nothing I will be forced by grisoft to request a total refound. Yeah, also the other AV have a problem whit ammyy but a simple click on PERMIT BUTTON solve the problem.
Thank you very much
Bye
Paladino Alessandro 
Software Point
ITALY

 

3

Though Paladino's english might be broken, he said precisely what was wrong and how, for more than a month, he was being ignored by AVG (Business) support so he asked for help on this forum.  Ammyy Admin Remote (AA_V3.exe) has been around for a long time and is a legitimate Remote support tool used by many ITs around the world.  It is unfortunate that some scammers pretending to be from Microsoft Support, convinced people by phone to download it and  give them access to their PC where they eventually tried to extort money from them.  This does not make Ammyy a virus, trojan or PUP and AVG should not label it as such.

If I were the owners of Ammyy, I would sue AVG and any other Security Products makers who labled my product incorrectly as Malware and potentially affected my sales.  At the most, AVG should notify the user that the Ammyy found on their PC has been known to be used by hackers to defraud and give them a chance to have it removed or keep it,

In the past, I have been able to tell AVG, using the exclusions (Resident Shield and Scans) to ignore the "C:\Utilities" folder on my clients PCs where I put Ammyy and other tools that generally get quarantined but the latest version started what appeared to be randomly, quarantining aa_v3.exe (Ammyy).  I finally realized that the resident shield honoured the exclusion but the scheduled (mon, wed, fri) scans would then quarantine the file.  I searched forums trying to find why and finally stumbled on the following which explains that scans won't ignore viral files…

From: http://www.avgsecurity.co.za/faq/technical-faq/avg-90/computer-protection/scanning-and-resident-shield
These exceptions can be used for "Potentially unwanted programs" only. If you set the exception for a viral file (Trojan horse, I-Worm, Worm, W32…), this file will be still detected by AVG scans and the AVG Resident Shield. 

The Event History in AVG 2015 detects AA_v3.exe as a "Potentially Unwanted Application RemoteAdmin.CYY" which means that the exclusion should work but it just works on the Resident Shield.

In Feb 2014, AVG and other Products gave Ammyy a clean bill of health (See: Antivirus report for AA_v3.exe - Ammyy Admin 3.0) so why did they start again ignoring the exclusion from scans.

If you don't feel that you are treating this product wrong and don't intend to stop quarantining it whan the User has intentionally excluded, I will try to convince the people at Ammyy to seek compensation for loses caused by AVG;s refusal to allow this program to run.

​James

5

Hello, here i come again
the problem is that Ammyy is not a Virus/Malware/Ransomware or anything like this
Is a questionable choise of AVG to put the client in the PUP List. You had more than a year to check that the client is not dangerous (Why grisoft don't mark Teamviewer like Ammyy?)
I slowly move all of my customers to another product…the reason?..the button PERMIT work and I don't have to waste my time for "incredible" rule to setup on your software.
It's incredible that all of my question in your ticket system are whitout answer by one year. You have to be ashamed

4

Hi James,
If it is detected as "Potentially Unwanted Application" than it means that it is not an infection. You can disable detection of PUP in advanced AVG settings.
Thanks

8

Alessandro, Is it a 'Business Products' issue?. If so, Please follow my previous posting.
AVG Guru

11

Alessandro, Is it a 'Business Products' issue?. If so, Please follow my previous posting.
AVG Guru

6

It's more than a month that I send report about fake positive e no one make anything

2

Hi Alessandro,
For help on this issue please try refer to (http://kb.avg.com/articles/en_US/How_to/How-to-report-a-false-incorrect-detection/)
Thanks