I ran a full scan today just after my morning updates. PC Tools Antivirus found hundreds of occurrences of the threat:

Exploit.HTML.Agent

It seemed to flag every single html, htm, and other script files on my computer. It also flagged backups that I made several years ago... files that were scanned hundreds of times before and never brought up this threat.

I ran a few more scans: 1 with AVG, 1 with BitDefender, and 1 with Trend Micro. None of these programs found the threat.

Anyone else get this threat today? Should I be worried?

At first glance this looks like a false positive with the most recent PC Tools update.

1pm EST 7-16-08

RE: Exploit.HTML.Agent.AO

You are not alone. We're having the same problem with our PC Tools Antivirus software.... after today's update the scans revealed over 500 infections on our desktop and over 100 on the laptop. Bitdefender found nothing. I've left everything quarantined in hopes that it IS in fact a false-positive.

I have the same problem here.
exploit.html.agent.h
after today's update, pc tools antivirus detect more than 1000 exploit.html.agent.h

Same here... I have however "Removed" some, and the rest I just quarantined. Hopefull someone from pctools will have a look into this.

I have the same problem here guys, kept getting a virus alert in PC TOOLS Spyware Doctor with Anti virus 5.5.1.322 after recent update 16/7/2008 saying that a program was attempting to open or use c:\windows\system32\mshtmler.dll. I did a full scan which detected Exploit.HTML.Agent.h in 50+ files that were scanned a few days ago and were clean. It was also detecting this virus in lots of other places where I've had files for years and which were scanned with other antivirus progs and found them clean.
So for the moment I think I will take no action, this must be a false positive. Problem is; Does anyone know how to let PCTOOLS know this so they can check this, as I'm not sure how often they read these posts.

PC Tools may be contacted at this address: support@pctools.com
I have sent them a message alerting them to this issue. Hopefully they will act soon.

Yup, same issue with me. When my avast downloaded their database update, on guard came up and gave me the "antivirus detected files"

Threat Name - AntiVirus Detected Files
Details - Spyware Doctor has blocked an application attempting to access a file.
Risk Level - High
Infection - C:\WINDOWS\TEMP\_AVAST4_\UNP109970688.TMP


For a while, I couldn't even download my mail! Then when I removed it to invoke the alert again, I allowed it, but it still wouldn't work! The second time I removed it it seemed to be ok, though.

I tried to updated avast again, but it says the db is up to date. Hopefully that is the case.

Hi Guys,

Thanks for the info :)
We are aware of this issue and the developers are currently working on a solution. I'll provide an update shortly.

This should now be resolved :) Please run a Smart Update.
Let me know if you are still experiencing problems.

This should now be resolved :) Please run a Smart Update.
Let me know if you are still experiencing problems.
Had the same problem here with loads of exploit.html.agent.h found. I ran Smart Update just now and then re-ran the complete scan of my system. The scan started to find the same 'threats' again. I stopped it and turned off Intelliguard before it had finished.

Is this problem actually fixed and the exploit.html.agent.h is actually residing on my system or are the false positives still occurring?

Had the same problem here with loads of exploit.html.agent.h found. I ran Smart Update just now and then re-ran the complete scan of my system. The scan started to find the same 'threats' again. I stopped it and turned off Intelliguard before it had finished.

Is this problem actually fixed and the exploit.html.agent.h is actually residing on my system or are the false positives still occurring?

What DB version is currently displayed on the status screen? is it 10.100.003? If not, could you please run another Smart update?

What DB version is currently displayed on the status screen? is it 10.100.003? If not, could you please run another Smart update?

Hi Anthony

Yes, 10.100.003

I've been clicking Smart Update since but it says everything is up to date.

Add me to the list. I ran my first full scan with PCTAV this afternoon and got 71 hits!

Once a Smart Update has been run and the status screen displays DB version 10.100.003, please reboot-> start up and perform a scan and the problem should be resolved.

Once a Smart Update has been run and the status screen displays DB version 10.100.003, please reboot-> start up and perform a scan and the problem should be resolved.
Yep... a reboot has done the trick. Thanks a lot. :)

Are reboots required after all updates?

Yep... a reboot has done the trick. Thanks a lot. :)

Are reboots required after all updates?

Most of the times - No, only when PCTAV gives a notification that a reboot is required after a specific update.
This problem requires a reboot in order to resolve the issue :)

I had this one affect me and quarantine over 8000 files. Now after rebooting I still have files in my quarantine folder but they are not showing up in the list of quarantined items that I can restore. How can I restore these other files?

I had this one affect me and quarantine over 8000 files. Now after rebooting I still have files in my quarantine folder but they are not showing up in the list of quarantined items that I can restore. How can I restore these other files?

Could you please send us you're history file and I will be able to assist you further. I'll send a private message with my email address.

9:30am EST 7-17-08

I received a reply via email from tech support verifying that it IS a false-positive and advising me to run Smart Update for the corrections then rescan the system. After running the updates, restarting my computer, then rescanning, I found zero infections.

Fellas,
I may/not be correct on this, but my subscription to PCTools Softwear is due to renew and I have not done anything to renew yet...I just got this same error message. I'm betting this is absolutely nothing and all it is, is something that was loaded upon my last update from PCTools so it would pop up and make me think I got some virus's going on....prompting me to re-subscribe. Are any of you due to have your subsription run out?
If this what I think it is, then I will be terribly disappointed and my guess is they will get a class action lawsuit against them for pushing unsolicited programs onto PC's with the intent to scare the "crap" out of users and promop them into thinking their computer is going to go down unless they do something right now....PCTools to the rescue for a nominal fee...right?
I'm going to look in on this...seriously, if you are due to have your subsription run out, let me know how far /how many days it is until it runs out to the day that you got the message..Thanks a bunch and I"ll check back iwth any developments.
Mike
Grand Rapids MI

I had this one affect me and quarantine over 8000 files. Now after rebooting I still have files in my quarantine folder but they are not showing up in the list of quarantined items that I can restore. How can I restore these other files?
Dude,
I would check back with PCTools. I think its something they sent to open up on your computer to scare the crap out of you so that you reup your subscription. Was your subscription about to run out? .....think about it, if it was, perhaps that may answer alot ofyour questions. The bad part is that their scare tactic made you quarentine a bunch of files....if this is in fact what happened, then I am going to have a HUGE issue with these guys. I guarantee that they will hear from more thanjust me.

Being a complete novice, I just followed instructions on the tech support page where I still had infections when I rescanned after removal. Starting up in Safe Mode means nothing to me but the instructions were simple and seem to have done the trick. However, to be on the safeside, I will do a Smart Update and rescan just to be sure! Never thought I would find these pages useful. Thanks guys.

Dude,
I would check back with PCTools. I think its something they sent to open up on your computer to scare the crap out of you so that you reup your subscription. Was your subscription about to run out? .....think about it, if it was, perhaps that may answer alot ofyour questions. The bad part is that their scare tactic made you quarentine a bunch of files....if this is in fact what happened, then I am going to have a HUGE issue with these guys. I guarantee that they will hear from more thanjust me.

Why would a reputable company such as PC tools do this on purpose, especially when they have a free version of the PCTAV?
False positives occur with any AV vendor. The bigger the database/detection rates, obvioulsy going to get more FP's that are unintended.

Dude,
I would check back with PCTools. I think its something they sent to open up on your computer to scare the crap out of you so that you reup your subscription. Was your subscription about to run out? .....think about it, if it was, perhaps that may answer alot ofyour questions. The bad part is that their scare tactic made you quarentine a bunch of files....if this is in fact what happened, then I am going to have a HUGE issue with these guys. I guarantee that they will hear from more thanjust me.


No.. I have a feeling they are going to probably hear from just you.


FYI: My subscription isn't due to expire until october, and I encountered the FP issue as well, when avast updated. When a subscription expires, the only thing, if memory serves, that happens is that you no longer have access to live update so you can update your signature database... that's it. You can still use the program and run scans, it just won't be current. Not a good idea.

No anti-malware software is 100%, (trust me, Ive been having FP problems with both avast and SD this month. Not sure why July, of all things. Possibly coincidence.) only packages that are actually malicious in nature would do such a thing, such as giving you false positives to encourage you to buy their illicit product, or actually infect you to encourage you to do so. Spyware doctor is a reputable product, and if you doubt me, do research online.

http://www.spywarewarrior.com/rogue_anti-spyware.htm

A very useful page... allow me to direct you to this:

http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy

The page is a little over a year old since its last update, but I still refer to it often.

I have the free version and also got dozens of false positive warnings, but the 'reboot and run again' solution didn't work for me, so I had to uninstall and reinstall it...

I have the free version and also got dozens of false positive warnings, but the 'reboot and run again' solution didn't work for me, so I had to uninstall and reinstall it...

If you received more FP's you should post some extra info, like a screenshot of the detections or something that will help us check out if it is an FP or not. I don't think other people are getting this problem anymore as it looks like its been resolved.

Cheers,
Chippa

I had this one affect me and quarantine over 8000 files. Now after rebooting I still have files in my quarantine folder but they are not showing up in the list of quarantined items that I can restore. How can I restore these other files?

i have the same problem... my PCTAV qarantine a lot of files and now i can't restore because the list of quarantine's files is empty, but the folder contains the files.

How can i resolve this?

thanks

i have the same problem... my PCTAV qarantine a lot of files and now i can't restore because the list of quarantine's files is empty, but the folder contains the files.

How can i resolve this?

thanks

We will need to view the scan logs so we can proceed investigating this problem. To send us the scan logs, please follow the steps below.

1. Launch "PC Tools AntiVirus"
2. Click on "Settings"
3. Click on "Log Settings"
4. Select "Current Log"
5. Click on "View Log"

Your Browser should then launch and show you the log. On your browser, do the following to save the log.

6. Click on File
7. Click on Save As
8. On the new window, type in "Scan Logs" under file name and save the file to your desktop.

Please send the "Scan Logs" to my email address sent via Private Message :) and I'll assist you further.