Just installed a new security setup which I am really liking: Defensewall and Avira Antivir.

Guard Heuristics is set to medium. Avira just updated and now whenever I use SAS, Avira detects "SSUpdate.exe" as a virus.

Most definitely a false positive. Anyone else who is using SAS and Avira with its latest definitions can reproduce this too?

Thanks.

I get this too. Avira Antivir 9 free, heur high.

I do believe that they know well what they will find in our computers but they still deny to test their software and definitions against common software. Is it possible that Avira does not test its software against MBAM, SAS etc?

SSUPdate.exe is not included in the trial version of DefenseWall, send the file to heuristik2@avira.com and I will fix the detection.

-{ Quote: "SSUPdate.exe is not included in the trial version of DefenseWall, send the file to heuristik2@avira.com and I will fix the detection." }-

SSUPdate.exe is part of the SuperAntiSpyware http://www.superantispyware.com/. Nothing to do with DefenseWall.

I just updated my Superantispyware with no probs at all.I'm using Avira Premium though.

-{ Quote: "Why would using Avira Premium make a difference? I thought both the free and paid versions used the same signatures/heuristics. Perhaps I'm wrong.

Anyone else can reproduce this issue with "SSUpdate.exe"?

EDIT: By the way, file sent to heuristik2@avira.com. Thanks for the help." }-
My answer to that is how come you got the false positive and I never?My Avira and Superantispyware has the latest definitions as well.

-{ Quote: "My answer to that is how come you got the false positive and I never?My Avira and Superantispyware has the latest definitions as well." }-

Have you tried to go into the installation folder of SuperAntiSpyware? I'm suggesting this since on one pc of mine had to visit the folder in order to trigger the alert. Actually had no alert using SuperAntiSpyware.

On my other pc I had the alert appear without running SuperAntiSpyware and when I tried to run the program. Go figure...These are the cases that make me feel really secure.

-{ Quote: "Why would using Avira Premium make a difference? I thought both the free and paid versions used the same signatures/heuristics. Perhaps I'm wrong.

Anyone else can reproduce this issue with "SSUpdate.exe"?

EDIT: By the way, file sent to heuristik2@avira.com. Thanks for the help." }-
Same here with Avira premium.I'd guess that the settings for Avira Guard would determine this showing up or not (ie.scan on read turned on or off)

I am having the same false positive too.I changed the guard heuristics from high to medium and I still get the virus alert.Even putting SSUPDATE.EXE in the guard exception list I still get the false virus alert.This is really annoying.

I sent the file to VirusTotal and the results are:
AntiVir - - ADSPY/Vundo.bhh
McAfee-GW-Edition - - Ad-Spyware.Vundo.bhh
Prevx1 - - High Risk Worm
So it is not the antivir which has the only false positive.LOL.

Mcafee GW probably use the same engine as Avira,so it's the same thing ,and Prevx usaully when it comes to other security software tends to give FP's.

Strange really. I've used them both together on my Vista Home (sp1) and WinXP pro (sp3) machines without a hitch. I have heuristics set to high. Must be about 2 years and I've never encountered this FP.

Ice

maybe another piece of malware altered it from its orginal state and Avira caught it.

-{ Quote: "Strange really. I've used them both together on my Vista Home (sp1) and WinXP pro (sp3) machines without a hitch. I have heuristics set to high. Must be about 2 years and I've never encountered this FP.

Ice" }-

I've been using Avira and SAS together for well over a year and just got the alert

I think this has been fixed now. Update and try..
So it was an Avira FP. This for those who have doubted or tried to imagine other scenarios.

-{ Quote: "I think this has been fixed now. Update and try..
So it was an Avira FP. This for those who have doubted or tried to imagine other scenarios." }-
If that's the case it's good to see that the FP was swiftly dealt with.Mind you considering the number of people using those 2 utilities together they must have been inundated with reports.
It does make you wonder about the level of FP quality control though when such a well known product as SAS can be flagged up.