For details on cookie usage on our site, read our Privacy Policy
TotalVirus False-Positive EZhelp
- LIVEcommunity
- Discussions
- VirusTotal
- Re: TotalVirus False-Positive EZhelp
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
02-27-2020 10:36 AM
As of 2/27/2020 TotalVirus is reporting EZhelp.20.exe as Generic.ml for Palo Alto Networks
Please help.
I updated EZhelp20.exe to include the latest winvnc.exe released this week by ultravnc.com version 1.2.3.0 updated to 1.2.4.0 for security and features update. This small change is triggering a false positive.
EZhelp is not a virus, malware, hacker tool or trojan and is not misleading in any way. Ezhelp does exactly what our users expect it to do and nothing more. It is a private helpdesk support program that uses ultravnc. Ezhelp is a portable program, that when ran by the user, puts its files in the user’s temp folder and it removes them when the user closes the program. The included files are SecureVNCPlugin.dsm, VNChooks.dll and winvnc.exe which can be found at the widely popular www.uvnc.com website. The included ultravnc.ini file increases security by preventing the user from accidentally allowing incoming connections into their own PC and only allows an outgoing secure encrypted connection to our helpdesk upon the user’s request. Those evaluating the software can look in the temp file and verify all of this. I am the author of the program and have been using it for two decades. Occasionally, EZhelp is updated to include the latest winvnc.exe from www.utravnc.com for its feature and security updates. Compiled with the popular Autoit default settings using UPX compression to reduce the file size by 30%
The virustotal link is for this detection is here https://www.virustotal.com/gui/file/48bb201df975b6b34380a3a1805707b12cf55ee1f4e22a83de3c46c6445cbd4d...
EZhelp20.exe can be downloaded directly from here http://ezhelp.github.io/software/EZhelp20.exe
Thank you in advance
CPC
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-03-2020 03:26 PM
Hello,
Thank you for the new info, l will check again and update.
Best
Himani
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2020 10:26 AM
Hello,
Can you zip this file "EZhelp20.exe " with password "infected" and host somewhere we can download? Also, include the previous file that was not considered as malicious.
kind regards
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2020 02:08 PM
Hello
Here is a link for you. This zip includes several other zip files including the current version and previous version and a readme file for more information..
https://1drv.ms/u/s!AvUqD-bsZBOogaAbHgzQPF2_UBNZEQ?e=UrRa1G
If this information does not help get the program whitelisted.. please let me know how to escalate this issue ASAP. Again, I can walk someone line by line through the source code step by step as needed. I would think you have my email and phone number already via my profile if needed. It is very important, for us to use this program to support remote workers, especially now with corvid 19 and more workers working remotely from their homes.
Thank you
CPC
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-06-2020 08:05 AM
Hello.
We are rechecking this file on your request and I will update you.
Thanks
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-09-2020 12:22 AM
Hello,
The file is rechecked based on the information provided by you, we have marked this file as clean. I hope this helps.
Best
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
