Virus IDP.ALEXA.51 in Birdiesync.exe ?

If BirdieSync 3.x constantly replaces your girlfriend's photo with your mother's one, this forum is for you...
jkohan
Posts: 3
Joined: Mon Feb 15, 2016 2:49 pm

Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by jkohan » Mon Feb 15, 2016 2:55 pm

Hi. Today AVG started to warn that Birdiesync.exe contains this malware.
I dont know whether my installation was compromised or Birdiesync contains code that makes AVG throw a false positive.
Anybody is experimenting this ?
Thanks,

Javier

Birdy
Site Admin
Posts: 3015
Joined: Tue Apr 18, 2006 11:43 am
Contact:

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by Birdy » Mon Feb 15, 2016 5:35 pm

Hello Javier,

Anti-virus use heuristics, and not perfect algorithms to detect viruses. So they try to "guess" if a file could be infected and sometimes they signal "false positive".
Each time in the past an anti-virus detected BirdieSync as a virus, it was a false positive.
I submitted last BirdieSync.exe (version 3.0.0.6) to http://www.virustotal.com and no virus was detected. You may also do it with your own version.
It will test this file with more than 40 different anti-viruses (AVG is among them). If your anti-virus is the only one to detect the file as a virus, then it's very likely a false positive.
You may then signal this false positive to the antivirus editor so that they correct their heuristic.
Also ensure that your anti-virus is up-to-date with the lastest virus database.
Thanks.
Birdy

jkohan
Posts: 3
Joined: Mon Feb 15, 2016 2:49 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by jkohan » Tue Feb 16, 2016 12:33 am

Hello Birdie. I just downloaded BS 3.0.0.6 to reinstall (because this morning, in the doubt, I clicked "protect me" in AVG and it quarantined birdiesync.exe). When i try to install, AVG stops saying Birdiesyncsetup.exe is infected by an "Unknown" virus).
I´m using AVG Free in Win10 Pro.

Birdy
Site Admin
Posts: 3015
Joined: Tue Apr 18, 2006 11:43 am
Contact:

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by Birdy » Tue Feb 16, 2016 1:02 am

I installed last version of AVG Free and had no problem installing BirdieSync version 3.0.0.6 (dowloaded from BirdieSync web site). I also scanned BirdieSync.exe and no problem was detected.

AVG Free version 16.41.7442
Virus Database: 4530/11633 (2/15/2016, 10:56PM)

I also analyzed again BirdieSync.exe on virustotal and no problem was detected with 54 different antivirus.

Which version of AVG do you have ? Which version of virus database ?
(you may check it in "Protection Free"", in menu "Options/About AVG", and if necessary update your software and database with menu "Update from Internet").
Birdy

jkohan
Posts: 3
Joined: Mon Feb 15, 2016 2:49 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by jkohan » Wed Feb 17, 2016 6:26 pm

Hello. After last night actualization of AVG ( this time asked me to reboot), I could install BIrdiesync normally.
Thank you for your help.
Regards

Javier

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Thu Jul 21, 2016 7:13 pm

Just had the same problem - AVG flagged a "threat" associated with the birdiesync.exe file when I did a restart on the PC, so I "removed" it.

This seems to have removed Birdiesync from the PC altogether. When I now run the setup, it says that it cannot write to the birdiesync.exe file.

I have disabled AVG and run the setup again, but I still get the error.

Apart from blaming MS (again!) what can I do?

Thanks.

Birdy
Site Admin
Posts: 3015
Joined: Tue Apr 18, 2006 11:43 am
Contact:

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by Birdy » Fri Jul 22, 2016 8:27 am

Hello pkfraser,

I checked BirdieSync.exe (3.0.1.1) with virustotal and no problem was found with 52 antivirus, including AVG (with update 20160722).
Could you please ensure you have the latest version of AVG software, including the latest update of the virus definition database ?
Thanks.
Birdy

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Fri Jul 22, 2016 8:46 am

AVG says that it is up to date...
AVG Version: 2016.0.1601
Virus database version: 4627/12659 (22nd July 2016).

I "allowed" the "threat" in AVG, and can run the Birdiesync setup (with AVG still on) until I get the message "Error opening the file for writing" for the .exe file.
Do you reckon that AVG has messed things up?
Thanks.

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Fri Jul 22, 2016 8:59 am

What I don't understand is that it says there is an error opening the file for writing, when the file has not been created...

Birdy
Site Admin
Posts: 3015
Joined: Tue Apr 18, 2006 11:43 am
Contact:

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by Birdy » Fri Jul 22, 2016 9:36 am

Do you have a "BirdieSync" directory already created in Program files (x86) ? (if yes, remove it manually)
Does the problem only occurs with BirdieSync.exe ? I mean, can BirdieSyncSetup install other files in BirdieSync directory before stopping on BirdieSync.exe ?

When you look at the icon of BirdieSyncSetup.exe, do you see the small UAC shield in yellow and blue ? (indicating that BirdieSync will need to be run as administrator)
When you launch BirdieSyncSetup.exe do you have the "User Account Control" (UAC) window asking you to allow the app to make changes to your PC ?
Right click on BirdieSyncSetup.exe and select "Properties" menu. Then click on "Security" tab and select "Administrators". Do you have "Full control" enabled ?
Thanks.
Birdy

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Fri Jul 22, 2016 10:26 am

It has set up and populated the Birdiesync.Lib and Help folders.
I deleted the top level directory and ran the setup again (Full control was already enabled). Same error.
I don't get the UAC shield or screen.
If I "Ignore" the error, the next message relates to the firewall, but I assume that is because of the first error?
Thanks so far!

Birdy
Site Admin
Posts: 3015
Joined: Tue Apr 18, 2006 11:43 am
Contact:

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by Birdy » Fri Jul 22, 2016 1:15 pm

BirdieSync requires administration rights to get installed. The second error might be related to the same problem.
If you download again BirdieSync from BirdieSync web site (in Download section), do you have a shield icon on downloaded BirdieSyncSetup file ?
If you select BirdieSyncSetup file, right click and select "Run as administrator", do you see the UAC window before launching the installer ?
Birdy

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Fri Jul 22, 2016 2:10 pm

<BirdieSync requires administration rights to get installed. The second error might be related to the same problem.>
<If you download again BirdieSync from BirdieSync web site (in Download section),>
Did that.
<do you have a shield icon on downloaded BirdieSyncSetup file ?>
No.
<If you select BirdieSyncSetup file, right click and select "Run as administrator",>
Did that.
<do you see the UAC window before launching the installer ?>
No.

Still the same error...

pkfraser
Posts: 7
Joined: Fri Jan 07, 2011 4:59 pm

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by pkfraser » Sat Jul 23, 2016 9:47 am

Tried the setup again this morning with AVG disabled - success!
Thanks for your support.

burley
Posts: 1
Joined: Sat Nov 26, 2016 9:30 am

Re: Virus IDP.ALEXA.51 in Birdiesync.exe ?

Post by burley » Mon Nov 28, 2016 7:39 am

Birdry wrote:
Fri Jul 22, 2016 1:15 pm
BirdieSync requires administration rights to get installed. The second error might be related to the same problem.
If you download again BirdieSync from BirdieSync web site (in Download section), do you have a shield icon on downloaded BirdieSyncSetup file ?
If you select BirdieSyncSetup file, right click and select https://www.pedigest.com/penomet-review-results the Penomet "Run as administrator", do you see the UAC window before launching the installer ?
I get this on eset too. Pretty sure it's a false positive or at least I hope. :shock:
Last edited by burley on Sat May 13, 2017 12:56 pm, edited 2 times in total.

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests