Is Deep Freeze Really Clean?

Discussion in 'sandboxing & virtualization' started by camelia, Apr 16, 2013.

Thread Status:
Not open for further replies.
  1. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Hi,

    I wonder why always I have FP with latest DFE Version and Avira Internet Security...

    01Avira.JPG

    Avira is a good Antivirus but I will never be happy about any software that tries to install a useless Toolbar..

    If i were in panic about this FP should I pay extra? That is what suggest me their new service...
     
    Last edited: Apr 16, 2013
  2. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Well, back to the topic...

    Here are some screenshots where Avira detects DFE as trojan

    02Avira.JPG

    03Avira.JPG

    04Avira.JPG

    05Avira.JPG

    Avira Removes some files and now I don't have the DFE icon in my tray, but I have a hidden object... Which one? The report only reads

    Starting search for hidden objects.
    Hidden driver
    [NOTE] A memory modification has been detected, which could potentially be used to hide file access attempts.

    06Avira.JPG

    I give up

    Thanks

    Came
     
  3. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    it is official Avira declared file DFServ.exe as malware

    08Avira.JPG

    How could install this software for my small school if it contains malware?

    Any other suggestion? No SD

    TIA

    Cam
     
  4. Jim1cor13

    Jim1cor13 Registered Member

    Joined:
    Aug 4, 2012
    Posts:
    453
    Location:
    US
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Hi Cam :)

    Thank you for your detailed information on how Avira is handling DeepFreeze files. I would think this is a false positive, although I have never used DF.

    I would suggest submitting your details and what Avira analysis has stated to Faronics. This is something that must be worked out between Faronics and Avira in my opinion. At least let Faronics know and be aware that some of their modules are being flagged as malware by Avira so they can handle it from their end. Also, I would include your screen shots detailing what Avira IS is stating so they can see how it is being handled.

    Hope that helps :)

    Jim
     
  5. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues


    Thank you Jim, you gave me a great idea so I sent an email support@faronics.com, with this issue, I will post back what they reply

    Cam
     
  6. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    If you sent the detection, as suspicious , it will come back as malware. You must send the sample as a suspicious false positive :)
     

    Attached Files:

  7. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Hi mick92z

    Where is that option in order to send the sample as a suspicious false positive?

    BTW IMHO the advice by Jim1cor13 is the correct one

    TIA

    Cam
     
  8. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    You can send sample via this link, https://analysis.avira.com/en/submit Just drag and drop, it clearly says suspicious file or suspected FP.
    Alternatively, if the file has been quarantined, go to quarantine, right click on the file, and choose ' send file ' , From my previous picture https://www.wilderssecurity.com/showpost.php?p=2217912&postcount=6 you will see the drop down options of suspicious file or suspicion of FP. :)
    If it is a FP, and update will be made to stop Avira from flagging the file
     
  9. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    2,825
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Almost every AV that I run or have run, states Deep Freeze as a virus. Its quite annoying. I submit the files as a fp and it never seems to get fixed. I end up creating an override for it and I'm done.
     
  10. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    This is the reply from Faronics


    ~Private information removed per forum TOS. Use your own wording.~

    Now...

    If a software is clean is clean, period.
    I don't have to add exceptions!!!
    :mad:

    Same issue with Drive Vaccine?
    http://www.drivevaccine.com/

    PLK

    Cam
     
    Last edited by a moderator: Apr 18, 2013
  11. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    I am very sorry to post private information

    Here I go again

    Dear me,

    The only option we have is to report the Deep Freeze file as False Positive to Avira.

    ---

    Faronics has to report it with all the antivirus, NOT only Avira :mad:

    Thank you

    Cam
     
  12. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Hi

    Now, king of FP's in town aka HitmanPro

    01hitmanpro.JPG

    Thank you
    Cam
     
    Last edited by a moderator: May 11, 2013
  13. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Hello cam,
    Have you uploaded the file to virustotal and jottiscan etc.?

    You may get more information this way.
    Sorry if it does not help you.

    Regards.
     
  14. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Hi AMIGA500,

    Yup I have uploaded some file to virustotal and jotti scan, they are clean, I will do a list later of these files...

    Meanwhile I will continue uploading some screen shots of antivirus, firewalls and anti-malware and what they report about Deep Freeze...

    Outpost Firewall Pro V. 8.0

    01OFWP8.JPG

    NEXT avast! Pro Antivirus

    Thank you

    Came
     
  15. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Re: Is Deep Freeze Really Clean? And AIS 2013 paid version issues

    Hi,

    avast! Pro Antivirus screen shot

    03avast.JPG

    NEXT KIS Or KAS

    Thank you

    Came
     
Loading...
Thread Status:
Not open for further replies.