False positive virus in version 5.8.0 of Zator

This morning, just to start the day, we received several news about viruses. The first, an update to the anti-virus used in our equipment: “Spyware Doctor with Antivirus” from PC Tools (version 6.0.1.440).

The second, a safety bulletin entitled «Uno al día” from Hispasec, an accredited IT security company who regularly publishes research on security and cryptography. After a quick review; download the mail, etc. We started at work. Of course we use our own application extensively to hold all kind of information, and when trying to start the latest version 5.8.0 of Organizator, published last 17, we met with that the anti-virus application prevents start with a message Warning: «Threat level risk suspect locked” in Heurengine.Packed.Themida.Rba.

Needless to say, the surprise/disgust has been tremendous. Specifically, that topic is one of the modules of the application that we use to protect the program against possible attacks or reverse engineering. We have not had time yet to check whether the alarm occurs with older versions, or other anti-virus, but in reality, for the reasons explained below we suspect that it can happen.

It goes without saying that the goal of Zator Systems is developing and selling software and of course is not our intention to make any virus, Trojan or backdoor of any kind, so we ensure that our application OrganiZator is completely free of viruses or spyware, assuming of course that the application is legitimate and has been downloaded from our website. It is important to note that so far, none of the major software distribution companies to which we have send the application has encountered any problem in it. For example, Softpedia, which has collected in its pages the new version, said:

Softpedia guarantees that OrganiZATOR 5.8.0 is 100% CLEAN, which means it does not contain any form of malware, including spyware, viruses, trojans and backdoors.

The case had a prologue days ago, when the anti-virus noticed about an application for synchronizing files that we use for several years. In this case, since it is an old application, we chose to remove it while we thought of seeking for a substitute.

The point is that it appears to the anti-virus vendors have been started to go out of hand with the method of heuristic detection, so that they are beginning to bear positive even with original files from Microsoft!.  But better than our words, in the attached link from Hispasec, you can find a great article about the current situation, called «Anti-virus and false positive… a chaos» whose reading we advise (original is in Spanish, but as usual you can read it in English with Google)

We are working on eliminating this problem of false positives. Meanwhile, we reiterate our users that regarding Organizator, can absolutely rely on its safety in this latest version 5.8.0, as in the past and future versions.

Leave a Reply

You must be logged in to post a comment.