AVG and Rising signatures update detects Windows files as malware
Yesterday, a signatures update pushed by AVG falsely labeled a critical Windows file as a banker malware, prompting the company to quickly fix the issue and issue a workaround, following end users complaints at its support forums.AVG's false positive causing downtime for Windows users is happening a week after Rising antivirus apologized to its customers for falsely detecting Outlook Express as malware leading to loss of emails, and yes, productivity too.
Yesterday, a signatures update pushed by AVG falsely labeled a critical Windows file as a banker malware, prompting the company to quickly fix the issue and issue a workaround, following end users complaints at its support forums.
"An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue."
"Unfortunately, the previous virus database might have detected the mentioned virus on legitimate files. We can confirm that it was a false alarm. We have immediately released a new virus update (270.9.0/1778) that removes the false positive detection on this file. Please update your AVG and check your files again.
We are sorry for the inconvenience and thank you for your help.
AVG Technical Support"
AVG and Rising aren't an exception to previous cases where components of Microsoft's Windows have been detected as false positives. In fact, in 2006 Microsoft's Anti-Spyware was detecting a competing solution as a piece of malware :