Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Avira antivirus incorrectly identifies ASC as Trojan


Phil P

Recommended Posts

ASC notified me today that there was a new version of Flash Player. As soon as I clicked on 'update' Avira decided that virtually any files associated with ASC contained a Trojan TR/Decep.IObit.** and shoud be quarantined.

I thought that something had infected ASC so I ran a full scan and then ran Malwarebytes which seemed to confirm my suspicions as it identified all ASC files as needing to be quarantined.

**See seperate Post re Malwarebytes identifying ASC as a PUP in error.**

Once I read the posts in this forum I realised that Avira was identifying a false positive. Unfortunately it is notoriously difficult to tell Avira that a file is OK. You can list it as an exception and it will still quarantine the file.

So I swopped to Avast. :-)

This post is intended as a heads-up for anyone else experiencing the same problem and also for IObit so try and rectify.

Link to comment
Share on other sites

Exactly the same for me 2 days ago.

Even the free version re-installation failed immediately the same supected pattern was recognized by AVIRA.

The PRO version of ASC 10.2 was a succès while installing but immediately 26 EXE's where put in quarantine.

I has to disable temporarely the RT protection and put a new exception to be capable of running ASC 10.2

I do'nt believe completely thsi is a false positive.

Something in the coding must be repetitive to be detected by AVIRA (see attachment)

I sended a possible false positive ti AVIRA.

 

Jojoke

Link to comment
Share on other sites

I am having just the same problem as above. I have been using Avira Pro for years and also ASC and Malware Fighter, IObit Uninstaller, Smart Defrag with no problems at all.

 

I switched on my PC this morning and it took a lot longer than usual to boot. I went off for a moment, came back and found that Avira was running and told me that I had lots of TR/Decep.IObit.XX files on the system. I thought there might have been an error and re-ran Avira and got the same result.

 

ASC 10 now does not run correctly and some components need to be downloaded, such as Winfix and Internet Booster, which when I try to download Avira flags them as containing harmful files and copies them to quarantine. However, some components do work. I have not checked them all.

 

I have sent all these files to Avira and they all come back as correctly identified. I also looked at the Avira Virus Lab page here

https://www.avira.com/en/support-virus-lab?vdl[first]=T and I see that they have suddenly started listing many (well, 13) TR/Decep.IObit.XX files as Trojans. Why now all of a sudden?

 

If anyone can explain why this has started to happen and what can be done, I'd love to know. Screenshot is a partial view of my Avira quarantine older which now contains 71 items!

 

 

Link to comment
Share on other sites

Following my post above, just after sending it I received an email from Avira regarding one of the many file submissions I sent them. It says the file in the submission I made was 'KNOWN CLEAN'.

 

Unfortunately I cannot determine from their email just what file they are referring to!

 

This is what I received -

 

Dear Sir or Madam,

 

Thank you for your email to Avira's virus lab.

Tracking number: INC02129774.

We received the following archive files: [TABLE]

[TR]

[TD]File ID[/TD]

[TD]Filename[/TD]

[TD]Size (Byte)[/TD]

[TD]Result[/TD]

[/TR]

[TR]

[TD]28974168[/TD]

[TD]quarantine.zip[/TD]

[TD]299.17 KB[/TD]

[TD]OK[/TD]

[/TR]

[/TABLE]

A listing of files contained inside archives alongside their results can be found below: [TABLE]

[TR]

[TD]File ID[/TD]

[TD]Filename[/TD]

[TD]Size (Byte)[/TD]

[TD]Result[/TD]

[/TR]

[TR]

[TD]132373114[/TD]

[TD]005b15c1.vir[/TD]

[TD]590.78 KB[/TD]

[TD]KNOWN CLEAN[/TD]

[/TR]

[/TABLE]

Please find a detailed report concerning each individual sample below: [TABLE]

[TR]

[TD]Filename[/TD]

[TD]Result[/TD]

[/TR]

[TR]

[TD]005b15c1.vir[/TD]

[TD]KNOWN CLEAN[/TD]

[/TR]

[/TABLE]

The file '005b15c1.vir' has been determined to be 'KNOWN CLEAN'. In particular this means that we could not find any malicious content.

Alternatively you can see the analysis result here:

<Removed by Borborygmus>

An overview of all your submissions can be found here:

<Removed by Borborygmus>

Please note: If you have specific questions, please visit our website http://www.avira.com/en/support for further details.

 

Kind regards

Avira Virus Lab

 

---------------------------------------------

Avira Operations GmbH & Co. KG

Kaplaneiweg 1, 88069 Tettnang, Germany

Phone: +49 (0) 7542-500 0

Fax: +49 (0) 7542-500 3000

Internet: http://www.avira.com

 

CEO: Travis Witteveen

Headquarter: Tettnang

Commercial register: AG Ulm HRB 630992

---------------------------------------------

Link to comment
Share on other sites

I'm having same problem. I have been using Avira PRO, ASC and Smart defrag for years.

Approximately 1 to 2 weeks have passed since updating to ASC 10.

Today, Avira pro is detect virus on all of IOBIT softwares.

I am thinking very seriously about this problem. This software became untrustworthy.

Link to comment
Share on other sites

I'm having same problem. I have been using Avira PRO, ASC and Smart defrag for years.

Approximately 1 to 2 weeks have passed since updating to ASC 10.

Today, Avira pro is detect virus on all of IOBIT softwares.

I am thinking very seriously about this problem. This software became untrustworthy.

 

I agree, but which software is maybe untrustworthy? Is it IOBit software or is it Avira software?

 

And why would Avira suddenly start finding that almost every piece of IOBit software is suspect?

 

My ASC Pro is due for renewal next month and I think I shall put that on hold until I get some answers from IOBit. Also my Avira Pro is due for renewal in June and I might delay that as well.

 

As I typed the above, Avira popped up to tell me that two more incidents of malware have appeared in IOBit products,

 

Then a window popped up from IOBit Uninstaller that there was an incomplete uninstall of Rogue Killer, a heavy duty malware removal tool. I did not ask for Rogue Killer to be removed so it looks as though some software has decided to do it without being told by me. This looks serious if maybe something by Avira is letting this happen. I think it would not be IOBit that would automatically remove anti-malware software.

 

 

 

Link to comment
Share on other sites

From another post I made in a different thread on here.

 

There seems more to this issue than meets the eye, and it could be that we consumers may be the victims of spats and disputes between large software companies attempting to deny users the use of rival companies products, and in doing so, deny us the use of software we have legitimately paid for.

 

I have managed to find more information on previous disputes between IOBit and MBAM, and it is well worth looking here - https://forums.malwarebytes.com/topi...tual-property/ for more details.

 

What seems to be inferred in my searches is that some large AV companies may be colluding in adding other companies legitimate software to their PUP lists and that is not only to the detriment of the companies whose software is being denied, but also to the users who which only yo use what they have paid for.

 

This seems very high-handed and even arrogant. From my point of view I will just stop using software which denies me the use of other software I have bought and paid for.

 

Now that MBAM have issued their recent policy change to PUPs, other AV and anti-Malware companies just seems to be unquestioningly copying them and so there will be more and more of these programs 'taking over' your PC and disallowing access to software you have bought and paid for, and have been using without problems for years.

 

Try reading these links and make your own minds up as to what seems to be happening.

 

https://forums.malwarebytes.com/topi...tual-property/

 

https://www.enigmasoftware.com/legal...-complaint.pdf This is a MUST READ

 

http://forums.iobit.com/forum/advanc...-asc-as-trojan

 

https://www.google.co.th/search?q=io...hrome&ie=UTF-8

 

https://www.bleepingcomputer.com/for...iobit/?hl=+asc

 

http://www.thewindowsclub.com/malwar...wanted-program

 

https://forums.malwarebytes.com/topi...-up-my-pc-why/

 

Link to comment
Share on other sites

From another post I made in a different thread on here.

 

There seems more to this issue than meets the eye, and it could be that we consumers may be the victims of spats and disputes between large software companies attempting to deny users the use of rival companies products, and in doing so, deny us the use of software we have legitimately paid for.

 

I have managed to find more information on previous disputes between IOBit and MBAM, and it is well worth looking here - https://forums.malwarebytes.com/topi...tual-property/ for more details.

 

What seems to be inferred in my searches is that some large AV companies may be colluding in adding other companies legitimate software to their PUP lists and that is not only to the detriment of the companies whose software is being denied, but also to the users who which only yo use what they have paid for.

 

This seems very high-handed and even arrogant. From my point of view I will just stop using software which denies me the use of other software I have bought and paid for.

 

Now that MBAM have issued their recent policy change to PUPs, other AV and anti-Malware companies just seems to be unquestioningly copying them and so there will be more and more of these programs 'taking over' your PC and disallowing access to software you have bought and paid for, and have been using without problems for years.

 

Try reading these links and make your own minds up as to what seems to be happening.

 

https://forums.malwarebytes.com/topi...tual-property/

 

https://www.enigmasoftware.com/legal...-complaint.pdf This is a MUST READ

 

http://forums.iobit.com/forum/advanc...-asc-as-trojan

 

https://www.google.co.th/search?q=io...hrome&ie=UTF-8

 

https://www.bleepingcomputer.com/for...iobit/?hl=+asc

 

http://www.thewindowsclub.com/malwar...wanted-program

 

https://forums.malwarebytes.com/topi...-up-my-pc-why/

 

I agree that there are many similar cases that this issue.

 

Actually, after I wrote other post, I confirmed some additional issue.

1. After updating ASC 10.2, a virus was detected. (Other laptops using ASC do not detected viruses because laptop have not yet updated.)

2. On a PC not using Avira AV, no virus was detected. (until now)

 

I can not concluded what kind of software is untrusted software.

However, I think there is a problem with IOBIT's response.

It is necessary to notify the consumer that the IOBIT software has no problem and to reassure the consumer using a quick update.

Link to comment
Share on other sites

Hi everyone

 

Our programs are absolutely clean and so sorry about the detection by Avira. Currently, we are contacting them to remove the detection and our experts are diligently working on this issue.

 

To solve the issue temporarily before get it solved, please refer to the solution to add IObit programs into exceptions for Avira antivirus.

1. Launch Avira program and turn off Real-time Protection temporarily.

2. Download ASC from the link and reinstall it: http://www.majorgeeks.com/files/deta...emcare_10.html

3. Click the Settings icon behind Scan system on the main screen. Another window will pop-up.

4. Go to ‘PC Protection’, click on ‘Exceptions’under ‘Scan’. Here, please add the following items to be omitted by scanner.

 

1) Installation folder.

By default, the program is installed on Disk C: \ as following:

C:\Program Files\IObit\ (32bit computer)

C:\Program Files (x86)\ IObit\ (64bit computer)

Note: If your program is not installed on Disk C:, please right click on the desktop icon of the program and choose Open file location.

 

2) %appdata%\IObit

3) %programdata%\IObit

4. Click on ‘Real-Time Protection’, and select ‘Exceptions’ under ‘Scan’. Here, please also add the same items as above to be omitted by Real-time Protection.

Thanks for your understanding.

Link to comment
Share on other sites

hurry up!

"temporarily" solution is not a solution, cause Avira doesn't allow create exception with recursive subdirectories, and ASC has a great bunch of that...

 

Hi myf,

 

We are still working on this, which may take some time. Please try our detailed steps to add IObit programs into exceptions for Avira antivirus.

 

Much appreciated for your understanding.

Link to comment
Share on other sites

Hi everyone,

 

The false positive made by Avira has been removed in our latest version. Please re-install the latest version from the links below:

 

From MajorGeeks: http://www.majorgeeks.com/files/details/advanced_systemcare_10.html

 

From Download.com: http://download.cnet.com/Advanced-SystemCare-Free/3000-2086_4-10407614.html?part=dl-&subj=dl&tag=button

 

Thanks.

 

 

 

 

 

 

Link to comment
Share on other sites

Can we combine these threads under one topic? Maybe name the topic: Security Software Effecting ASC

 

http://forums.iobit.com/forum/advanced-systemcare/advanced-systemcare-v10/219679-malwarebytes-quarantines-advanced-systemcare10

 

 

Hi supertweaker,

 

These threads are about different safety programs and maybe it's easier to find relevant content under different topics.

 

Thanks and best regards.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...