Viruses / Trojans Heur (PE32)

Started by Dark, April 14, 2011, 08:56:04 PM

Previous topic - Next topic

Dark

Hello.
I've been using your program PECompact v2.79 and processing a single file *.dll, antivirus program AVG sees this as an infected file -> Viruses / Trojans Heur (PE32).
Could you check what was wrong and sort things out?

I am sending you a file "smackw32.dll" and provides a reference to anti-virus.

AVG Antivirus 2011:
http://free.avg.com/ww-en/homepage

Send a file to e-mail:
support@bitsum.com

Jeremy Collake

It is best to send it to them. I don't have any special channel with AVG to submit false positives, they prefer going through the standard channels and are quite responsive. There is nothing I can do on this end to fix it, it is them who must address this problem. They are well aware of PECompact and upon submission will likely have it fixed within 24 hours.

Here is the link to submit it to them: http://samplesubmit.avg.com/us-en/false-detection

Often times what happens is certain compressed files false positive, not all of them. This is usually because some asshole malware author happened to develop an application in your same language, using your same installer, or otherwise similar enough that it causes a false positive. Sometimes the use of too many CODECs or other plug-ins for PECompact can also confuse the anti-virus software. In such cases they immediately add an exclusion for that file (MD5 hash), then do a larger investigation that takes longer. Until the larger investigation is completed, you *may* have to submit new versions of your software *IF* the false positive persist on new builds.

Thanks, and sorry I can't fix it faster than you/them ;o

EDIT: Sometimes they even already have it fixed before you notify them, which is true on the rarer events of larger PECompact based malfunctions of their scanning engine.
Software Engineer. Bitsum LLC.

BoB

Also, PECompact v2.79 is a very old version now, the anti-virus will have no problems with more recent versions.