Trojan in the software I am developping ???

I am the author of a Basic language named PANORAMIC and located at this address : http://www.panoramic-language.com

On my forum, since a few days, some people signaled a Trojan “Win32:Spyware-gen [trj]” when they try to download my language.

This alert does not occur with the previous version of Avast (4.8.1169) but happens with the new version (4.8.1229).

I am quite sure this alert is false because when I scan my computers nothing is detected, and because the alert happens ONLY on the result of the software “Install Creator Pro” (the result of the installer process is the language available to be downloaded on my site).
The alert does NOT happen on the installer itself, and NOT on the input of the installer.

I take a computer, I reformatted its hard disk, I reinstalled Windows XP Pro, all the software necessery to generated my software. I recompiled my software with the source (text format). At the end, and only at the end of the installation process, Avast finds the Trojan.

Please, help me to confirm if the alert is true or not, or to find a solution: people downloading my language are scared!

I don’t think that it is related to the program version but the VPS (virus signature) version, installing an older version of avast would also mean having an older version of the VPS.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

Je suis un utilisateur de PANORAMIC et je me demande pourquoi Avast découvre un “virus” dans ce logiciel, alors que d’autres antivirus ne le détecte pas. Que fait Avast pour nous aider ?.

A cause de cette situation, je vais être contraint de changer d’anti-virus pour pouvoir continuer à utiliser PANORAMIC

A+

Google translate:
I am a user of panoramic and I wonder why Avast finds a “virus” in this software, while other antivirus does not detect it. What does Avast to help us?.

Because of this, I’ll be forced to change anti-virus can continue to use panoramic

A +

Then you should follow the instruction in the post above yours to confirm or deny the detection as good. If a false positive then report it to avast and in the meantime exclude it from scans (in the link given at the end of my post).

Hi, few files “PANORAMIC_EDITOR.exe” was submitted as false positive alert. All of them are detected as Win32:DelfMod [Trj]. This is generic detection of modified Borland Delphi files. May I ask you, why are you using registry key “SOFTWARE\AAAAAAA\AAAAAA\RTL” instead of “SOFTWARE\Borland\Delphi\RTL”? If you have serious reason, we change the detection.

@misak…post Nr.1 is from 2008… :wink:

Yes it is, but it is still relevant to jean claude who posted today.

erm…did not see that… :-X

erm… you translated his post ;D

I have noticed something at my work, and that is that my brain and may head is not always at the same place… ;D
It may have to do with age…