Avast Identifies PhotoResize Options EX As A Virus

I use the following resize program:
PhotoResize Options EX - http://losslessjpegtoolbox.wordpress.com/

For some reason Avast identifies it as a virus.
I contacted the publisher and got the following answer:

Drazick,

Thank you for contacting me regarding your concern about PhotoResize Options EX and a possible virus threat.

PhotoResize Options is completely safe and has been scanned extensively for any possible virus threats. AVAST is reporting a false positive based on the UPX packing system utilized by AutoIt, the program used to create PhotoResize Options. A little information on the UPX topic can be read in this Kaspersky Lab Forum: http://forum.kaspersky.com/lofiversion/index.php/t47187.html

As you can see from the (attached) scan I performed today (which used 20 different Anti-virus programs) only AVAST reported a possible infection. You can also see in the report that even Kaspersky no longer identifies UPX packers as a possible threat.

I hope this relieves your concern about PhotoResize Options and that you will continue to use it. It really is a fast and easy way to quality resizing. Please let me know if you have any other questions.

Thank you,

Michael Lee
http://losslessjpegtoolbox.wordpress.com

I guess he’s right.
Any fix for that?

Thanks.

As a workaround, you can add these files to the Standard Shield provider (on-access scanning) exclusion list.
Left click the ‘a’ blue icon, click on the provider icon at left and then Customize. Go to Advanced tab and click on Add button…
You can use wildcards like * and ?. But be careful, you should ‘exclude’ that many files that let your system in danger.

Hope they correct this false positive soon.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

Hopefully it will be resolved soon…

Might it be resolved by a database update?

Tried to download the files from the website, but didn’t get any detection inside.
So the affected file is certainly needed.

The author of the program has the same experience (Kasperski had the same problem).

Anyhow, Tried the on line scanner:
http://www.virustotal.com/analisis/269b37003b05068d229f9b7cc5c58af8

In my opinion it’s clean, yet the problem is with Avast.

Link to the exact file on my computer:
http://www.sendspace.com/file/xxhzt5

File is clean, false positive alert will be fixed in next VPS 080713-0

Fixed.

Thanks! :slight_smile: