Possible false positive.

[mrpbrown]

I was attempting to download ZModeler 1.07 from the official site, and got a warning that it was infected with Win32:DelAll-J [trj].

I would think this to be unlikely, so you may want to have a quick look into it. For reference, the download site is: http://www.zmodeler2.com/?mode=dl&ID=3.

[DavidR]

You could pause the web shield, that would at least allow you to download it (don't execute the file), the standard shield will alert, choose No action so that it remains where you downloaded it to.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest (or move from where you saved it) to this folder and upload it to VirusTotal without avast alerting.

If it is indeed a false positive, see http://forum.avast.com/index.php?topic=34950.msg293451#msg293451, how to report it to avast! and what to do to exclude them until the problem is corrected.

[mrpbrown]

According to VirusTotal, several AVs recognise it as malware: http://www.virustotal.com/analisis/b79da218070747f9f944768b7dd17173

I still think this is pretty unlikely, it is one of the biggest free 3D modelling apps out there. I'll email it to avast and see what they say.

[misak]

False positive is fixed in VPS 081112-0

[mrpbrown]

Thanks, that was incredibly quick.

[DavidR]

They do act quickly when a false positive is confirmed, but less than 24 hours is quite quick.