Avira detects virus in 360 [NOT ANYMORE]

[sticks]

greetings,

 

Avira detected this in my C files:

 

Virus or unwanted program 'TR/Dropper.Gen2 [trojan]'

detected in file 'C:\Program Files\IObit\IObit Security 360\IS360Init.exe.

Action performed: Deny access

 

Is this a false positive?

 

what is a trojan doing in a IObit exe file?:-(

 

plz advise

[samr]

Hi sticks,

 

Have a look at this thread:

 

http://forums.iobit.com/showthread.php?t=4315

 

samr.

[sticks]

thx!

 

yah.. I saw the posts after I posted...

 

I did submit to Avira so they can fix it!

 

BTW... nice guitar!:grin:

[samr]

Thanks sticks,

 

It's a '65 Strat. Had it about 35 years now. Worn but sweet!

 

samr.

[Cicely]

Hello All,

 

The false positive of file 'IS360Init.exe' has been solved by Avira Virus Lab. And detection will be removed from Avira virus definition file (VDF) with one of the next updates.

 

Alternatively you can see the analysis result here:

http://analysis.avira.com/samples/details.php?uniqueid=ShBqc5tN81BxVyBrm83vsLtyhrhf6VT6&incidentid=376992

[enoskype]

NO VIRUS IN IS 360.

 

PLEASE SEE THIS POST !!

 

Cheers.

[solbjerg]

Thanks to cicely and enoskype

 

Hi cicely

 

Thanks for your feedback - it is appreciated and should alliviate the virus concerns expressed here. :-)

False positives is a pain in the ..., but will crop up from time to time especially when using heuristic scanning. IS360 generates them too!

But people tend to put more trust in their anti-virus applications.

 

Thanks to enoskype too!!

 

Cheers

solbjerg

 

Hello All,

 

The false positive of file 'IS360Init.exe' has been solved by Avira Virus Lab. And detection will be removed from Avira virus definition file (VDF) with one of the next updates.

 

Alternatively you can see the analysis result here:

http://analysis.avira.com/samples/details.php?uniqueid=ShBqc5tN81BxVyBrm83vsLtyhrhf6VT6&incidentid=376992

[lonewolf]

IS360Init.exe STILL False Positive

 

Hello All,

 

The false positive of file 'IS360Init.exe' has been solved by Avira Virus Lab. And detection will be removed from Avira virus definition file (VDF) with one of the next updates.

 

Alternatively you can see the analysis result here:

http://analysis.avira.com/samples/details.php?uniqueid=ShBqc5tN81BxVyBrm83vsLtyhrhf6VT6&incidentid=376992

 

Hi everybody,

 

I have the last Avira virus definition file (VDF) version: 7.1.6.75. But Avira still detects IS360Init.exe as trojan 'TR/Dropper.Gen2.'

 

I think the false positive of file 'IS360Init.exe' has not been solved yet by Avira Virus Lab. and detection is not removed from Avira virus definition file (VDF) with the version: 7.1.6.72. as it is said here: http://analysis.avira.com/samples/details.php?uniqueid=ShBqc5tN81BxVyBrm83vsLtyhrhf6VT6&incidentid=376992

[enoskype]

Hello Everybody,

 

I have sent IS360Init.exe file again to Avira now, and the result is as below:

 

 

Suspicious Files and Miscellaneous Uploads

 

Thank you for your submission. Below you can see the current status of the uploaded files.

-------------------------------------------------------------------------------------------

 

A listing of files alongside their results can be found below:

 

File ID ............. Filename...........Size (Byte)..................Result

-------------------------------------------------------------------------------------------

25464314........ IS360Init.exe ......... 94.27 KB ............. FALSE POSITIVE

 

Please find a detailed report concerning each individual sample below:

 

Filename ................................ Result

-------------------------------------------------------------------------------------------

IS360Init.exe ..................... FALSE POSITIVE

 

The file 'IS360Init.exe' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection is removed from our virus definition file (VDF) with the version: 7.1.6.72.

 

Please note that you will receive an email which will contain the results shown above. In case the final outcome of the analysis is not yet finished for all files the notification will be sent once ready.

____________________________________________________________________________________________________________

 

 

 

Avira users should contact Avira and let them know that their declaration is as above when the sample is sent, even if the definition file (VDF) is 7.1.6.75.

 

Cheers.

[darrenhzx]

the latest scanning in virustotal another false detections from ikarus

Ikarus T3.1.1.72.0 2009.10.06 Downloader.Delphi

 

http://www.virustotal.com/analisis/2fc04d7b670be6e544756be5cbcc7aa97f6c5722d660dde5fc47c2c8db3850fd-1254809567

 

File IS360Init.exe received on 2009.10.06 06:12:47 (UTC)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 3/41 (7.32%)

Loading server information...

Your file is queued in position: 8.

Estimated start time is between 110 and 157 seconds.

Do not close the window until scan is complete.

The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.

If you are waiting for more than five minutes you have to resend your file.

Your file is being scanned by VirusTotal in this moment,

 

Antivirus Version Last Update Result

a-squared 4.5.0.24 2009.10.06 -

AhnLab-V3 5.0.0.2 2009.10.05 -

AntiVir 7.9.1.33 2009.10.05 TR/Dropper.Gen2

Antiy-AVL 2.0.3.7 2009.10.05 -

Authentium 5.1.2.4 2009.10.06 -

Avast 4.8.1351.0 2009.10.06 -

AVG 8.5.0.420 2009.10.04 -

BitDefender 7.2 2009.10.06 -

CAT-QuickHeal 10.00 2009.10.06 -

ClamAV 0.94.1 2009.10.05 -

Comodo 2522 2009.10.06 -

DrWeb 5.0.0.12182 2009.10.06 -

eSafe 7.0.17.0 2009.10.05 -

eTrust-Vet 31.6.6779 2009.10.06 -

F-Prot 4.5.1.85 2009.10.05 -

F-Secure 8.0.14470.0 2009.10.06 -

Fortinet 3.120.0.0 2009.10.06 -

GData 19 2009.10.06 -

Ikarus T3.1.1.72.0 2009.10.06 Downloader.Delphi

Jiangmin 11.0.800 2009.10.06 -

K7AntiVirus 7.10.862 2009.10.05 -

Kaspersky 7.0.0.125 2009.10.06 -

McAfee 5762 2009.10.05 -

McAfee+Artemis 5762 2009.10.05 -

McAfee-GW-Edition 6.8.5 2009.10.06 Heuristic.BehavesLike.Win32.Trojan.L

Microsoft 1.5101 2009.10.06 -

NOD32 4482 2009.10.05 -

Norman 6.01.09 2009.10.05 -

nProtect 2009.1.8.0 2009.10.06 -

Panda 10.0.2.2 2009.10.05 -

PCTools 4.4.2.0 2009.10.05 -

Prevx 3.0 2009.10.06 -

Rising 21.49.22.00 2009.09.30 -

Sophos 4.45.0 2009.10.06 -

Sunbelt 3.2.1858.2 2009.10.05 -

Symantec 1.4.4.12 2009.10.06 -

TheHacker 6.5.0.2.031 2009.10.05 -

TrendMicro 8.950.0.1094 2009.10.06 -

VBA32 3.12.10.11 2009.10.05 -

ViRobot 2009.10.6.1971 2009.10.06 -

VirusBuster 4.6.5.0 2009.10.05 -

[enoskype]

Hi darrenhzx,

 

I have noticed a strange thing in your VirusTotal report that, although

AntiVir 7.9.1.33 2009.10.05 resulted with TR/Dropper.Gen2,

this VirusTotal Report with exactly same version and date, but 6 hours earlier, shows nothing.

 

The Additional Information respectively are:

 

File: IS360Init.exe

File size: 96528 bytes

MD5 : 7e5e55d12670c6029e951da3f40510d7

SHA1 : 788026919cab16113ca75620624c6f815a816a11

SHA256:2fc04d7b670be6e544756be5cbcc7aa97f6c5722d660dde5fc47c2c8db3850fd

PEInfo: PE Structure information

( base data )

entrypointaddress.: 0xB158

timedatestamp.....: 0x4A8A7EF8 (Tue Aug 18 12:14:16 2009)

machinetype.......: 0x14C (Intel I386)

----------------------------------------------------------------------------------

 

File: is360setup.exe

File size: 9304024 bytes

MD5 : adca825742ceacfbe639469de22511f1

SHA1 :91b619c9fa1e87c181dbf7ce3bf593625e0e537d

SHA256:5d51fb2ac3e6b35d3eb173bb6720efebeec8bb2174b375f4a1ace079317ee4e2

PEInfo: PE Structure information

( base data )

entrypointaddress.: 0x163C4

timedatestamp.....: 0x4ABA0151 (Wed Sep 23 13:06:57 2009)

machinetype.......: 0x14C (Intel I386)

 

 

The file you are using seems to be one month older one!!!

 

I think they are not exactly the same files.

 

Cheers.

[enoskype]

Please have a look at THIS post.

 

Cheers.