Page 1 sur 2
[Solved] FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:02Today my Avira Anti-Virus [Avira Premium Security - Product version 9.0.0.392, Search Engine version 8.02.01.180] started giving alert! for file "RealtimeSync.exe" residing inside the application folder of "FreeFileSync" as ADSPY/AdMedia.IB Adware or Spyware.
I uploaded the file to virustotal.com and got the following results 4/42 (9.53%).
The report link is here
Any Idea??
Is it a FALSE POSITIVE?? OR....
I uploaded the file to virustotal.com and got the following results 4/42 (9.53%).
The report link is here
Any Idea??
Is it a FALSE POSITIVE?? OR....Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:16Hello akhouri_sarvesh.
It's very certainly a false positive.Result on Virus Total indicate : Riskware, potentially unwanted program, or not a virus.
When an app accesses processes near the core of Windows they are often regarded as potentially dangerous by the antivirus. The more processes are neighbors, the more they are often regarded as dangerous.
JP4U
It's very certainly a false positive.Result on Virus Total indicate : Riskware, potentially unwanted program, or not a virus.
When an app accesses processes near the core of Windows they are often regarded as potentially dangerous by the antivirus. The more processes are neighbors, the more they are often regarded as dangerous.JP4U
Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:19False positive or real adware ?
Identified by Kaspersky as an Adware...
Identified by Kaspersky as an Adware...
Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:28Issue is reported on bugs tracker page.
Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:29You are right. But I was little confused because although
McAfee+Artemis detected it as potentially unwanted program Artemis!C4EF8C3AF93A.
It is not a virus - but could it be a adware/spyware?
still a threat !!....
- aSquared detected it as Riskware.AdWare.Win32.AdMedia!IK
- Ikarus detected it as not-a-virus:AdWare.Win32.AdMedia
- Kaspersky detected it as not-a-virus:AdWare.Win32.AdMedia.ib
McAfee+Artemis detected it as potentially unwanted program Artemis!C4EF8C3AF93A.
It is not a virus - but could it be a adware/spyware?
still a threat !!....Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:34If you want to validate if it is an adware, you can check (and clean) the admedia traces in registry and windows folder:
http://www.exterminate-it.com/malpedia/remove-admedia
http://www.exterminate-it.com/malpedia/remove-admedia
Re: FreeFileSync - Is it False Positive ?
Posté: 09 Mars 2010, 15:39skybird a écrit:Issue is reported on bugs tracker page.
Thanks for the Info !!
Dji a écrit:If you want to validate if it is an adware, you can check (and clean) the admedia traces in registry and windows folder:
http://www.exterminate-it.com/malpedia/remove-admedia
Thanks for the link. I will try to check.
Re: FreeFileSync - Is it False Positive ?
Posté: 10 Mars 2010, 10:39Hello akhouri,
Some news :
Some news :
zhnmju123 (FreeFileSync Project Administrator) a écrit:Definitively a false positive:
I recompiled v3.4 again:
http://www.file-upload.net/download-233 ... c.exe.html
The total difference of v3.4 new and v3.4 official is 6 bytes! Still
totally different virus scanners suddenly find this adware. This is clearly
a heuristic failing its job:
official:
http://www.virustotal.com/analisis/8ec8 ... 1268121250
new:
http://www.virustotal.com/de/analisis/0 ... 1268157216
Re: FreeFileSync - Is it False Positive ?
Posté: 12 Mars 2010, 00:12Thanks for the News !!
I will wait for the new release....
Since it is mentioned by the Author that 3.3 version also had some virus type patterns.
I am not sure WHY a virus type pattern may not be a virus indeed ?
I will wait for the new release....
Since it is mentioned by the Author that 3.3 version also had some virus type patterns.
I am not sure WHY a virus type pattern may not be a virus indeed ?
Re: FreeFileSync - Is it False Positive ?
Posté: 12 Mars 2010, 09:23heuristic detection is not an exact science 