Today my Avira Anti-Virus [Avira Premium Security - Product version 9.0.0.392, Search Engine version 8.02.01.180] started giving alert! for file "RealtimeSync.exe" residing inside the application folder of "FreeFileSync" as ADSPY/AdMedia.IB Adware or Spyware.

I uploaded the file to virustotal.com and got the following results 4/42 (9.53%).

The report link is here

Any Idea?? Is it a FALSE POSITIVE?? OR....

Hello akhouri_sarvesh.

It's very certainly a false positive.Result on Virus Total indicate : Riskware, potentially unwanted program, or not a virus.

When an app accesses processes near the core of Windows they are often regarded as potentially dangerous by the antivirus. The more processes are neighbors, the more they are often regarded as dangerous.


JP4U

False positive or real adware ?
Identified by Kaspersky as an Adware...

Issue is reported on bugs tracker page.

You are right. But I was little confused because although

• aSquared detected it as Riskware.AdWare.Win32.AdMedia!IK
• Ikarus detected it as not-a-virus:AdWare.Win32.AdMedia
• Kaspersky detected it as not-a-virus:AdWare.Win32.AdMedia.ib

BUT
McAfee+Artemis detected it as potentially unwanted program Artemis!C4EF8C3AF93A.

It is not a virus - but could it be a adware/spyware? still a threat !!....

If you want to validate if it is an adware, you can check (and clean) the admedia traces in registry and windows folder:
http://www.exterminate-it.com/malpedia/remove-admedia

skybird wrote:Issue is reported on bugs tracker page.

Thanks for the Info !!

Dji wrote:If you want to validate if it is an adware, you can check (and clean) the admedia traces in registry and windows folder:
http://www.exterminate-it.com/malpedia/remove-admedia

Thanks for the link. I will try to check.

Hello akhouri,

Some news :

zhnmju123 (FreeFileSync Project Administrator) wrote:Definitively a false positive:
I recompiled v3.4 again:
http://www.file-upload.net/download-233 ... c.exe.html

The total difference of v3.4 new and v3.4 official is 6 bytes! Still
totally different virus scanners suddenly find this adware. This is clearly
a heuristic failing its job:

official:
http://www.virustotal.com/analisis/8ec8 ... 1268121250
new:
http://www.virustotal.com/de/analisis/0 ... 1268157216

Thanks for the News !!

I will wait for the new release....

Since it is mentioned by the Author that 3.3 version also had some virus type patterns.

I am not sure WHY a virus type pattern may not be a virus indeed ?

heuristic detection is not an exact science