I downloaded PDF reDirect from download.com and when I installed it, it detected OSSMTP.dll to be infected with Win32:Israz-C [Wrm]. Download.com is a reputable site and I was wondering if this is just a false alarm. My heuristics are set to high.
Here are the results of my investigation (see below for the boring technical details): the Spysweeper report seems to be a “False Positive” issue with Spysweeper. I have confirmed that PDF reDirect does NOT install any keylogger software. Therefore, I have re-opened the downloads page on the forum. I will provide Spysweeper’s reply as soon as I receive it. Note that Norton Anti-Virus, F-Secure and Kaspersky had the same false positive problem, and all of them corrected their definition files to fix the problem. I am hopeful that Spysweeper will do the same.
Thank you again for expressing your concern: I appreciate you bringing this to my attention. Once I get confirmation from Spysweeper that the issue was a false positive, would it be acceptable to you that I delete this post? I will keep the original post open though.
If you didn’t already do that, please submit the misdetected file (OSSMTP.dll) to virus@avast.com so that we can fix the false alarm.
The preferable way is to pack it with ZIP or RAR, protect it with a password and send in an e-mail with “False alarm” subject.