Avira false positive

Discussion in 'other anti-virus software' started by ssj100, Apr 7, 2009.

Thread Status:
Not open for further replies.
  1. ssj100

    ssj100 Guest

    Just installed a new security setup which I am really liking: Defensewall and Avira Antivir.

    Guard Heuristics is set to medium. Avira just updated and now whenever I use SAS, Avira detects "SSUpdate.exe" as a virus.

    Most definitely a false positive. Anyone else who is using SAS and Avira with its latest definitions can reproduce this too?

    Thanks.
     
  2. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    I get this too. Avira Antivir 9 free, heur high.
     
  3. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    I do believe that they know well what they will find in our computers but they still deny to test their software and definitions against common software. Is it possible that Avira does not test its software against MBAM, SAS etc?
     
  4. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    701
    SSUPdate.exe is not included in the trial version of DefenseWall, send the file to heuristik2@avira.com and I will fix the detection.
     
  5. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    SSUPdate.exe is part of the SuperAntiSpyware http://www.superantispyware.com/. Nothing to do with DefenseWall.
     
  6. rookieman

    rookieman Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    409
    I just updated my Superantispyware with no probs at all.I'm using Avira Premium though.
     
  7. rookieman

    rookieman Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    409
    My answer to that is how come you got the false positive and I never?My Avira and Superantispyware has the latest definitions as well.
     
  8. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Have you tried to go into the installation folder of SuperAntiSpyware? I'm suggesting this since on one pc of mine had to visit the folder in order to trigger the alert. Actually had no alert using SuperAntiSpyware.

    On my other pc I had the alert appear without running SuperAntiSpyware and when I tried to run the program. Go figure...These are the cases that make me feel really secure.
     
  9. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Same here with Avira premium.I'd guess that the settings for Avira Guard would determine this showing up or not (ie.scan on read turned on or off)
     
    Last edited: Apr 7, 2009
  10. cet

    cet Registered Member

    Joined:
    Sep 3, 2006
    Posts:
    867
    Location:
    Turkey/İzmir
    I am having the same false positive too.I changed the guard heuristics from high to medium and I still get the virus alert.Even putting SSUPDATE.EXE in the guard exception list I still get the false virus alert.This is really annoying.
     
  11. cet

    cet Registered Member

    Joined:
    Sep 3, 2006
    Posts:
    867
    Location:
    Turkey/İzmir
    I sent the file to VirusTotal and the results are:
    AntiVir - - ADSPY/Vundo.bhh
    McAfee-GW-Edition - - Ad-Spyware.Vundo.bhh
    Prevx1 - - High Risk Worm
    So it is not the antivir which has the only false positive.LOL.
     
  12. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    Mcafee GW probably use the same engine as Avira,so it's the same thing ,and Prevx usaully when it comes to other security software tends to give FP's.
     
  13. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Strange really. I've used them both together on my Vista Home (sp1) and WinXP pro (sp3) machines without a hitch. I have heuristics set to high. Must be about 2 years and I've never encountered this FP.

    Ice
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    maybe another piece of malware altered it from its orginal state and Avira caught it.
     
  15. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    I've been using Avira and SAS together for well over a year and just got the alert
     
  16. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    I think this has been fixed now. Update and try..
    So it was an Avira FP. This for those who have doubted or tried to imagine other scenarios.
     
  17. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    If that's the case it's good to see that the FP was swiftly dealt with.Mind you considering the number of people using those 2 utilities together they must have been inundated with reports.
    It does make you wonder about the level of FP quality control though when such a well known product as SAS can be flagged up.
     
Loading...
Thread Status:
Not open for further replies.