SAS v5.0.1108 being reported as trojan by AntiVir antivirus

[mandelmus]

I just installed the latest version of SAS v5.0.1108 and, now, AntiVir antivirus software is reporting SUPERANTISPYWARE.EXE as a trojan = TR/Spy.Spatet.BC Trojan

[naty1dnt44]

I just installed the latest version of SAS v5.0.1108 and, now, AntiVir antivirus software is reporting SUPERANTISPYWARE.EXE as a trojan = TR/Spy.Spatet.BC Trojan

Same here!

[Seth]

Hello.

It's an Avira false positive.

https://forums.superantispyware.com/index.php?/topic/5049-spyspatetbc-detected-in-executable-update-failed/

[Kabocha]

Same here, but not only with the .exe file, another files of this program appears as the same Trojan too :S

[Nitrothor]

Regarding this problem with AntiVir, I chose to exclude the entire program files folder for SAS from AntiVir's Guard.

In order to do this:

1. In the main window of AntiVir, click "Configuration".

2. Put a check in the box that says, "Expert Mode".

3. Go to: Guard > Scan > Exceptions

4. In that window, find "File objects to be omitted by the Guard".

5. Search for your SAS program files folder by clicking, "..."

6. Then click, "Add".

7. At the bottom of the window, click "Apply"; then "OK".

This solved the whole problem for me.

Additionally, if you have AntiVir set to automatically delete any malware finds, then installing the latest version of SAS simply will not be possible. In order to work around this issue, I have my AntiVir scanner set as follows:

1. Again, in the "Configurations" panel, make sure there is a check in the "Expert Mode" box.

2. Go to: Scan > Scanner > Action on detection

3. Put a dot where it says, "Interactive", (NOT "Automatic"!).

4. At the bottom of the window, click "Apply" and then "Ok".

This will prevent AntiVir from outright deleting the "SuperAntiSpyware.exe" file.

I tend to use maximum heuristic on AntiVir's Guard and Scanner. However, when one opts to do that, false positives are likely to occur. However at the same time, AntiVir is not going to miss anything either.

My suggestion is to "know" what programs you have installed and are running on your computer. Sadly, many poorly designed programs run in the background where the software designer wants their programs to be subtly screaming at their clients all the time, hogging and bloating computer resources, even if you are not actively using them at the moment. Many of these programs can be manually altered in your "Services" panel.

If you do not know what you are running on your computer, then you might not be able to discern what is a false positive or not. The Windows Task Manager is the place to start, in order to find out what is running on your computer. However, if you are suspecting some process to be malware, you can also go to SAS's main interface and down in the lower left you will see a link that says, "Find out what's running on your computer!". Click that link. Your browser will open. Follow the prompts. Shortly in your browser window you will see an entire printout of all the processes that are running on your computer. Additionally, you can see the location pathway of each process that is running. This is helpful information, so that you can determine whether it is a valid program in your program files folder. I make it a point to study this list regularly. I also print these out to a [dated] PDF so that I can compare my running processes over time.

I hope this helps.

-Nitrothor