Avira Probs

Discussion in 'other anti-virus software' started by Albinoni, Dec 9, 2007.

Thread Status:
Not open for further replies.
  1. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    I've downloaded a software called Advanced IP Scanner and installed it onto my desktop. Now during the installation process Avira kept popping up warning me that a virus or unwanted program was found, quite surprisingly when I'm running NOD32 ISS on my laptop and I dont get this error or warning from NOD32 ISS.

    In the options on Avira I did choose Ignore and it just keeps popping up and warning me, plus I doubt this software is a virus or trojan.

    www.famatech.com
     
  2. Arup

    Arup Guest

    Add it to exceptions.
     
  3. JohnnyBravo

    JohnnyBravo Registered Member

    Joined:
    Jan 26, 2006
    Posts:
    82
    Add it to exceptions.
     
  4. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    if you had nod set to automatic setting you will not ever see the pop ups.. if you had nod set to interactive mode nod def is better about the answer once and be done with it than avira. the one item i am not super fond of with the avira suite is the firewall
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    What name does Avira give to it?
    I assume is something beggining with APPL\ or SPR\ which are just possibly dangerous applications or security risk software. Generally, Avira recommends not to have them enabled for personal computers.
     
  6. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    Also just to let you know I'm using the free version of Avira not their ISS.
     
  7. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    It comes up as SPR.

    Basically this is what I get:

    SPR/Tool.IPScan
     
  8. R8y

    R8y Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    33
    Location:
    South Africa
    Are you sure? The Free Avira version is the classic which does NOT come with Adware/Spyaware Detection, So this detection of SPR/TOOL.IPSCAN is from?? o_O
     
  9. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    SPR has nothing to do with ADWare/Spyware and is not a limitation of the free version. But it is deactivated by default for a reason.
     
  10. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Sometimes IP scanners are considered as HackTools by AV and added to detections... these are IMO "grey" areas where its debatable whether they should be added to detections or not, so all AVs may not add it. They're not malicious in themselves though and wont do harm to your computer... although sometimes hackers may put it into a victim's computer and do scans via the zombie so they don't get traced as the ones doing the scan and get suspicions.
     
  11. R8y

    R8y Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    33
    Location:
    South Africa
    Thank you for pointing this out. I mistaken this SPR/ with spyware category. :p
     
  12. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    So whats the answer ??

    And yes I am using Avira Personal Edition classic.
     
  13. R8y

    R8y Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    33
    Location:
    South Africa
    It's a Security Piracy Risk program defined by Avira. This is actually a grey area for Antivirus products and software vendors. These tool may pose a risk/threat to user and some antivirus program have the option to detect it, althought with different names such as SPR from Avira, not-a-virus.risktool from Kaspersky and Potential unwanted Program by Mcafee. Due to legal issues most of the antivirus will not detect such program by default and user need to decide him/herself that if you would like to use it.
     
  14. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Add it to exceptions as previously stated by users
     
  15. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    IMHO , It's not detected as a virus, but a Security/Privacy Risk (SPR).

    If it was installed without your knowledge, and if possible used maliciously, then it could be a different story.

    So you could either add this to exceptions, or disable SPR detections in extended threat categories (default setting), in configuration, to avoid the detection popups in your case.

    Looking at Virustotal, ipscan15.exe
    File has already been analysed:
    MD5: b7959a4332d8b57325b1ca6d382dc681
    Date: 11.16.2007 13:54:06 (CET) [>23D]
    Results: 0/32
    Permalink: http://www.virustotal.com/resultado.html?539ed28ff3d29b3d1e690b42e2f48e9e


    Again that's my opion.
     
  16. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Exactly as I supposed. R8y explained what is all about here, so basically when you find such a thing you could exclude it or delete it regarding the source of your file and your knowledge of what is this program doing. :)
     
  17. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Add it to exceptions.

    It's a righteous alert. Not everyone is a flasher who suddenly flips open his raincoat. Even so, it's best to be put on notice when such a fellow visits your kid's playground.:shifty:
     
  18. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Uncheck SPR and Applications. These categories were checked by default in Avira until the Sept upgrade. At that time Avira unchecked them by default because of so many FP's. I can't use Avira with those checked as Avira will alert on half my programs. That's an exaggeration but it does alert a great deal if I have those checked. Excluding is not that easy with Avira either). Avira thinks most everything is a virus so you have to do whatever possible to mitigate all the FP's you get with Avira. it is the one bad thing about Avira.
     
  19. Leo2005

    Leo2005 Registered Member

    Joined:
    May 31, 2007
    Posts:
    179
    Location:
    Braunschweig (Germany)
    these are NO false Positive!!
    if they were they wouldn't be detected. I don't no if you evere read the helpfile with the explanation of this detections. SPR (Security Privacy Risk) means files, which are not malware but could be used as such or has functions similar to malware, such as terminating processes ..
    APPL (Applicytions) means files from suspicious sources. this function was never activated in the personal edition. it is used in the professional version of antivir.
     
  20. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    It is one of the good things about Avira. We have them all checked-even beyond the Avira default values. We have dozens of boxes and hundreds of programs and many terabytes of data, and have never had a FP. Use it for full protection.
     
  21. Arup

    Arup Guest

    On Avira premium I have SPR checked, all of them, heuristics on high for scanner and guard, no FPs.
     
  22. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    Same here.
     
  23. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    They ARE FP's! Avira is the ONLY vendor who detects them. You detect PSkill.exe from Sysinternals. It makes Avira look like an idiot. You detect a bunch of stuff that is in no way a virus. You cannot claim with a straight face that programs from Sysinternals are "from suspect sources". You cannot claim that about a single program that Avira has detected on my computer. None of them are from suspect sources and ONLY Avira detects them. The authors have nicely asked Avira to stop detecting (such as the author of EvID4226patch.exe and Avira will not do so because Avira wants to push its moral standards on all users. I don't know how Sysinternals programs are amoral nor how the tcpip.sys is amoral (Microsoft made a stupid mistake in SP2 and we users have to fix it or continue to use SP1) but I had an Avira employee tell me they are. Not everyone uses P2P to steal movies and it is not Avira's place to make a decision about the use of either of these programs.


    An antivirus program is supposed to detect viruses, worms, trojans and not spyware or suspect programs. Spyware should be detected by a separate antispyware program and suspect programs should not be detected at all. Avira wants to become Symantec and detect net nanny programs? That is right where you are headed. Leave the spyware to anti spyware vendors. That is why we all use a layered approach. Putting all your eggs in one basket is extremely risky and stupid.
     
  24. R8y

    R8y Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    33
    Location:
    South Africa
    As I had mentioned above, this is a grey area, some claims false positive, some stated those are riskware type. PSkill.exe is detected not just by Avira, but Kaspersky and a few others also flag it as not-a-virus.risktool. Same goes for the evid program, which mcafee also detect it as a tool or PUP.

    Security solutions had become more intergrated then before, some product includes Antivirus, Anti-spam, Anti-spyware/adsare, Anti-phishing, Anti-rootkit, Anti-hacker (Firewall), Parental Contral, Adblocker all in one. I think these packages are mainly cater for the cyber security uninformed individuals (Market segmentation), whom prefers one product sort out all problems. In the other hand for frequent visitors of wilders, we will always customize our own protections, don't we?

    It's a very contraversial topic
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    One thing to keep in mind is, Avira is working on a new engine that is different then version 7. So I would think the end result would be a positive one when it comes to issues as this. Actually some surprises have yet to be unleashed.;) :)
     
Loading...
Thread Status:
Not open for further replies.