AVG Help please.

daisyrose

I have scanned with AVG and it has picked up 2 viruses which are unhealed.When I try to remove the infections (hit the heal icon) I get the following message.
Moved object is bigger then the archive size limit.
C\Toshiba\Drivers\Value Added Package\Data1.cab

Go to file Ignor (icons)

What happens if I go to file? I have ignored so far. I have also scanned with windows defender and downloaded and run the Sophos Virus Remover but after completing full scans the message came back that I have no viruses and my system is working normally on both. I have automatic update set up everywhere. The only problem that I have is that I cannot update from Microsoft although I did update one security definition manually but another the massage came back that it did not support my system yet I got the number from my failed update.

I would be grateful for any not too technical help please.

Thank you in advance.

closed

if thats the file thats detected

C\Toshiba\Drivers\Value Added Package\Data1.cab

it's probably a false positive, if its not too big, try uploading it here www.virustotal.com to check

scan system with http://www.filehippo.com/download_malwarebytes_anti_malware/

consider uninstalling/disabling defender realtime scanning, it's not worth the update hassles, and avast free might be a better choice than avg

bubblegun

IMHO it appears to be a false positive.

I would presume you have a Toshiba pc/laptop in which case this file appears to be inside a windows archive file which is part of the setup.

If the other scanners do not detect a problem then don't worry.

If you are worried then note the file location, do not input anything that is security sensitive for a few days. Set AVG to ignore the file location, then download latest update and rescan a few days later. False positives are usually fixed quite quickly.

Alternatively google the file name. If it isn't essential then you could boot windows into safe-mode and delete the file.

But do the virustotal upload first, it is much more likely to be a false positive unless you download lots of Warez in which case you wouldn't be asking the question here!

waddler_8

Ignore it.

Firstly it's in a Toshiba sub-folder, so possibly a false positive as has been said.

Secondly it's in archive type file (.cab) - so even if it was a true detection, unless you are going to extract the file and execute it yourself it has no way of harming your system.

daisyrose

Thank you all for your replies.
I forgot to say that the infection is trojan horse generic 30 heh.

I have this twice.The files it is on are
toshiba\drivers\value added package\data1.cab and again on toshiba\drivers\value added package\data1.cab:\_ (followed by a lot of numbers and letters)

The message in my first post shows when I try to heal or remove the infection. I am sorry to repeat this but I just thought that I would be able to get rid of it.

I am interested to know please. What is a false positive?

Thank you

waddler_8

A false positive is when an antivirus wrongly detects a legitimate, clean file as being infected.

Generic detections are prone to false positives.

What a .cab file is, is an archive type - cabinet - a file which contains other (compressed) files inside it. AVG is detecting the files inside the .cab file.

As I said before - even if they were infections, unless you extract the files from the cabinet file and execute them, you're perfectly safe.

You can submit the file to AVG for analysis (Max 20MB).

http://samplesubmit.avg.com/gb-en/false-detection

daisyrose

Thank you again and for the link. I will try that.
You have explained it very well for me but how do I avoid executing the files in error? I have no idea whats in them.

waddler_8

It's unlikely that you'd click on them in error. You'd have to click to open the C: drive, then the Toshiba folder, Drivers folder, Value Added Package folder... and then extract the files from Data1.cab & click to execute them.

You've no reason to do any of that - besides, I'm pretty sure they are false positives. I wouldn't worry

I have a folder on my hard drive full of the nastiest of malware - I have to configure my antivirus to ignore them. They just sit there, totally harmless unless executed.

daisyrose

Thank you so much for the help I will leave it where it is now that I understand it a bit better and as long as it is not going to do any harm I am happy. Now I have started there are a few other things that I need to address. I am having problems with failed windows updates. Do I go to microsoft to solve this or are there other ways please?

waddler_8

Do you know the KB numbers for the failed updates? You can find these through your windows update history.

http://windowsupdate.microsoft.com/

daisyrose

Would it be 80070570? it said that was the code of the failed error but having just looked at the log I can see that a couple of them have failed including KB2658846 and KB2744842. I'll go to the link thank you and see how I get on.