AVG and Win32/Heur

Status
Not open for further replies.

Bobbye

This has been a frequent problem with AVG, mostly since v8 was released.

HEUR/Malware is a heuristic detection routine designed to detect common malware characteristics.
Heur stands for Heuristic. Heuristic scanning uses probabilities and rules to determine the likelihood that a file contains a virus. In this case the AVG program is trying to analyze a file based on rules about or characteristics of known viruses. One of the characteristics is packing or encrypting the code inside. This makes the file "suspicious" to the AVG program. A more advanced program might use the unpacker code to decrypt the code and analyze the instructions to see if it was really malicious. AVG doesn't.

On the basis of the composition of a file, the sequence of significant code sequences or based on particular behavior patterns, the heuristics can determine with a high probability whether it is dealing with a harmful or virulent file.

It is frequently, but not always, a False Positive.


If in doubt, do an online scan with a different AV such as Kaspersky, Panda, Eset or other program to confirm. This 'find' frequently comes after an AVG update. AVG updates their definition file and THAT problem was solved but a week later another 'heur' is detected again.

A very non-technical comparison: you know Mary. She has blue eyes and blond hair. I see another girl with blue eyes and blond hair - I should call her Mary because she "looks like" she could be Mary.
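
The rule-based scoring described in the post, as an added example that is not part of the original post and is not AVG's actual logic: a toy heuristic scorer that flags a benign but packed file because it only looks at characteristics and never unpacks the code. The rule names, weights, thresholds and both samples are hypothetical and constructed for illustration.

```python
import hashlib
import math

# Hypothetical rule weights and thresholds, chosen for illustration only.
ENTROPY_PACKED = 7.2   # bits per byte; compressed or encrypted data approaches 8.0
RULES = {"high_entropy": 60, "tiny_import_table": 25, "writable_exec_section": 25}
THRESHOLD = 70

def shannon_entropy(data: bytes) -> float:
    """Empirical entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def heuristic_score(sample: dict) -> tuple[int, list[str]]:
    """Add up the weights of every 'looks like malware' rule the sample matches."""
    hits = []
    if shannon_entropy(sample["code"]) >= ENTROPY_PACKED:
        hits.append("high_entropy")           # packed or encrypted body
    if sample["imports"] <= 3:
        hits.append("tiny_import_table")      # packers resolve imports at run time
    if sample["wx_section"]:
        hits.append("writable_exec_section")  # unpacking stub writes code, then runs it
    return sum(RULES[h] for h in hits), hits

def verdict(sample: dict) -> str:
    score, _ = heuristic_score(sample)
    return "suspicious" if score >= THRESHOLD else "clean"

def fake_packed_body(size: int = 4096) -> bytes:
    """Constructed stand-in for a packer's compressed body: a SHA-256 counter stream."""
    out = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(size // 32))
    return out[:size]

# Constructed samples. Both are benign by construction; only one is packed.
PLAIN_APP = {"code": b"push ebp; mov ebp, esp; " * 200, "imports": 40, "wx_section": False}
PACKED_INSTALLER = {"code": fake_packed_body(), "imports": 2, "wx_section": True}

if __name__ == "__main__":
    for name, s in (("plain_app", PLAIN_APP), ("packed_installer", PACKED_INSTALLER)):
        score, hits = heuristic_score(s)
        print(f"{name}: entropy={shannon_entropy(s['code']):.2f} score={score} "
              f"hits={hits} -> {verdict(s)}")
```

The packed installer is reported as suspicious although nothing about its behaviour was examined, which is the false-positive case; confirming with a second scanner is the check the post recommends.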
 