AVG False Positive on Clean Access

Unanswered Question
Apr 1st, 2009
User Badges:

Hey All,

I've had a couple laptops come in over the past two days with a supposed infection. They are all running Vista and AVG 8.0/8.5. They are showing that ccaagentlauncher.exe is infected/trojan. I'm pretty sure it's a false positive. The only solution I can think of is to add the file to the exception list and wait for new definitions. Anybody else encounter this? Any help or input is appreciated.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
greg.washburn Wed, 04/01/2009 - 10:22
User Badges:

Is it reported as a specific trojan / virus or generically as a potential trojan?

thenrylander Wed, 04/01/2009 - 12:44
User Badges:

AVG identifies it as Trojan Horse BackDoor Generic10.AXMA.

greg.washburn Wed, 04/01/2009 - 13:18
User Badges:

As far as I'm aware AVG will not flag it as false positive (and therefore fix it in their definitions) if it is not reported on their forums. So if it is a false positive it needs to be reported.

To verify it is a false positive I would do a couple things.

Check the properties of the file and ensure it matches up with the version number and such that you hand out of the NAC (or login script or distribution media).

I would also download a different scanner (like the sysclean free scanner from trend) with the latest definitions and ensure it does not detect the same "infection".

thenrylander Thu, 04/02/2009 - 07:16
User Badges:

I've now had about 15 laptops come in with the same problem. I've scanned one of them with a separate antivirus program and it's clean. The file properties look unchanged. I'm going to report it to AVG as a false positive.

rklingaman Thu, 04/02/2009 - 07:17
User Badges:

We also have seen this just for FYI. ON a couple of laptops with vista and AVG 8.0 detecting clean access as a trojan. Will have to report it to AVG.


This Discussion