AnVir.exe flagged as malware?

Discussion in 'malware problems & news' started by beethoven, Apr 9, 2009.

Thread Status:
Not open for further replies.
  1. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    I just did a scan with A2 and got an alert that AnVir.exe is considered to be Backdoor.Win32.Hupigon.qqby!A2.

    As this is the official exe of AnVir Task Manager I assumed it to be a FP. I went to Jotti to upload the file and was surprised to see 8 other AV flag the same file. Disregarding some of the more "sensitive" programs, this includes Kaspersky and AVG.

    Virustotal shows 12 out of 40 alerting - what gives?
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
  3. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    If you downloaded AnVir from official site, then it's a false positive. I am using AnVir Task Manager Pro myself, and KIS has never identified it as malware here.


    Probably best if you start mailing the vendors that detect it. You don't want flagging of legit product to spread too far and wide.
     
  4. Kessler

    Kessler Registered Member

    Joined:
    Feb 27, 2008
    Posts:
    6

    I got the same thing with Antivir. Same signature too and mine is a legit version that's been installed for over a year. Definitely a false positive.
     
  5. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    I submitted the file to Avira and they responded that the file is clean. Holding Avira in high regards and given that similar to Kessler my file is from a legal source and in operation for almost a year, I also think this is most likely a FP. I still find it strange though not just one or two but so many AV seem to disagree.
     
Loading...
Thread Status:
Not open for further replies.