Just writing to notify you that AVG for Business antivirus software is detecting the Win32/Heur virus in the latest Zeus ze32v398g download. This hasn't happened to me in previous updates. Just wanted you to be aware.AVG for Business detects a virus in ze32v398g download
AVG for Business detects a virus in ze32v398g download
Just writing to notify you that AVG for Business antivirus software is detecting the Win32/Heur virus in the latest Zeus ze32v398g download. This hasn't happened to me in previous updates. Just wanted you to be aware.
Last edited by avenger on Fri Oct 07, 2016 3:54 pm, edited 1 time in total.
Re: AVG for Business detects a virus in ze32v398g download
Screen shot:
- 2016-10-07_10-50-47.png (22.4 KiB) Viewed 33456 times
Re: AVG for Business detects a virus in ze32v398g download
Can you see if it complains about the previous version found here: http://www.zeusedit.com/z300/ze32r398f.zip
Cheers Jussi
Cheers Jussi
AVG Borken - Detects virus in ze32v398g download
I have taken a closer look into this issue.
1) Firstly I checked to make sure Windows Defender was fully up to date and it was.
It also reported no issues with the build machine.
2) I then used Windows defender to scan the ze32v398g.zip and the previous ze32v398f.zip files.
It came back clean for both zip files as shown below:
3) Next taking this download URL: http://www.zeusedit.com/z300/ze32v398g.zip
I tested that using some of the online virus checkers and here are the results.
https://www.virustotal.com/
http://www.garyshood.com/virus/
Notice that Gary's Hood gets a clean report for 3 of the 4 scanners but it also reports the AVG issue that you found.
https://www.metadefender.com/
Meta Defender indicates 1 of the virus checker does report an issue with that file.
But strangely enough Meta Defender gives the file a clean bill of health from AVG which is fully up to date based on that report.
The first thing I would suggest doing is to make sure your AVG virus profiles are fully up to date.
This does look like a false positive from AVG.
Update
I tried raising this with AVG by submitting a report and also submitting the Zeus download zip file from their web page.
But AVG rejected the report and request a new report in a new format which also required the download and installation of AVG software.
For the life of me I don't understand why they would need this, other than as a measure to deter reporting of false positives.
But knowing how anti-virus tools install hooks into ever nook and cranny of the machine, this is something I am not prepared to do.
Cheers Jussi
1) Firstly I checked to make sure Windows Defender was fully up to date and it was.
It also reported no issues with the build machine.
2) I then used Windows defender to scan the ze32v398g.zip and the previous ze32v398f.zip files.
It came back clean for both zip files as shown below:
- virus1.png (135.04 KiB) Viewed 33449 times
I tested that using some of the online virus checkers and here are the results.
https://www.virustotal.com/
- virus2.png (33.5 KiB) Viewed 33449 times
- virus5.png (66.31 KiB) Viewed 33449 times
https://www.metadefender.com/
Meta Defender indicates 1 of the virus checker does report an issue with that file.
- virus3.png (54.14 KiB) Viewed 33449 times
- virus4.png (44.71 KiB) Viewed 33449 times
This does look like a false positive from AVG.
Update
I tried raising this with AVG by submitting a report and also submitting the Zeus download zip file from their web page.
But AVG rejected the report and request a new report in a new format which also required the download and installation of AVG software.
For the life of me I don't understand why they would need this, other than as a measure to deter reporting of false positives.
But knowing how anti-virus tools install hooks into ever nook and cranny of the machine, this is something I am not prepared to do.
Cheers Jussi