Trojan horse proxy.ahiy and AVG
A lot of people seem to be reporting today that AVG is finding files to be infected with trojan horse proxy.ahiy or trojan horse proxy ahiy. From what I’ve seen, although that may be a valid virus designation from AVG, they are also reporting many legitimate files as this trojan proxy ahiy. AVG is acknowledging that they are getting false positives from the current virus database and are saying that the issue should be resolved with the next update of their virus database.
Further, they offer the following advice if legitimate files have been quarantined due to this:
From the AVG forums:
If you need to restore deleted files from AVG Virus Vault you can do it this way:
– Open AVG user interface.
– Choose “Virus Vault” option from the “History” menu.
– Locate the file that was incorrectly removed and select it (one click).
– Click on the “Restore” button.
Make certain that you are only choosing to restore files that were falsely tagged as viral.
They are also advising AVG users to force an update of AVG and then recheck the files in question to verify that they really are not this trojan horse proxy ahiy.
I know some people will be wanting to dump AVG over this, but just about every antivirus vendor deals with false positives from time to time (McAfee just last week). I have heard good recommendations of Avira (which also has a free-for-personal-use antivirus). But the decision is really up to you. Unfortunately, false positives happen and can mess a system up badly if the wrong files are quarantined.
The test is: how frequently do you run into false positives and headaches from your antivirus, and is it better than what you might experience with the competition?
For your information, the files currently detected as trojan horse proxy.ahiy that I’ve seen reported are:
C:\Program Files\Google\Google Toolbar\Component\Google ToolbarUser_FCDD4C5F33EE805C.exe
and
C:\Program Files\Google\Google Toolbar\Google ToolbarUser.exe
Also, there is this forum thread explaining how to test and report a suspected false positive (good to have for future reference).