AutoHotkey Community
Let's help each other out
Skip to content
Post by gregster » 19 Mar 2024, 09:15
slishnevsky wrote: β19 Mar 2024, 07:07 How can I as a user detect if it is a virus or false-positive? Is there some sort of scanner that can detect if it is a false-positive or a virus? Windows defender, when it scans downloaded file (which I know is safe, just a cracked version), it always finds some "viruses" in it and shows specific viruses names. I don't understand, if it is false-positive (meaning there are no actual viruses in it), when how does it figure out specific viruses' names?
Post by slishnevsky » 19 Mar 2024, 07:07
Post by submeg » 19 Jan 2024, 16:05
Post by zandra_s » 19 Jan 2024, 11:25
Post by SOTE » 16 Jan 2024, 06:22
My site/file has been improperly flagged as harmful (false positive)
Post by zandra_s » 04 Jan 2024, 14:28
Post by asheroto » 18 Dec 2023, 14:53
Post by zandra_s » 16 Nov 2023, 09:20
Post by SOTE » 25 Aug 2023, 13:03
ItisI wrote: β06 Jul 2023, 02:58 Sort of success :/ SentinalOne already confirmed. I will keep you updated. 1. Antiy-AVL - Antiy Labs - AVL SDK eMails don't exist anymore
Post by ItisI » 06 Jul 2023, 02:58
Reply Thank you for your feedback. Our DFI engine is one of many detection layers embedded on our agent, alongside with our state of the art behavioral analysis, reputation engines and sanity layer that ensures accuracy on our deployed agents. We are constantly tuning our DFI for maximal coverage and minimum false positives. We expect to keep doing it over time as more files are seen in the wild. We will review your input and make necessary actions as required, please make sure you have submitted the relevant information on the sample in question, and contact details - in case further clarifications are required. There is no need to contact us for follow up - this report is being processed. We will only contact submitters in rare cases. To read more about our full solution and see product demos, visit www.sentinelone.com. Thank you, SentinelOne Research Group
Post by ItisI » 06 Jul 2023, 02:41
Post by ItisI » 05 Jul 2023, 04:51
Code: Select all
ahkv99.exe ahkv99.exe.sha256
Post by gregster » 05 Jul 2023, 03:33
Post by ItisI » 05 Jul 2023, 03:15
Post by gregster » 05 Jul 2023, 02:25
I'm already on it.
Here's the first set-back: gMail won't let me upload the "infected" file...
Post by ItisI » 05 Jul 2023, 02:21
Post by ItisI » 05 Jul 2023, 02:11
Post by gregster » 05 Jul 2023, 01:59
ItisI wrote: β05 Jul 2023, 01:45 Let me see if I understand you correctly: I contact Virustotal, tell them neither Jotti nor my local antimalware program have found any issue, and would they please recheck? Or do I contact each and every viruschecker individually?
https://support.virustotal.com/hc/en-us/articles/115002121185-I-am-experiencing-a-false-positive-my-file-or-site-should-not-be-detected- wrote:VirusTotal is detecting a legitimate software I have developed, what can I do? VirusTotal acts simply as an information aggregator, presenting antivirus results, file characterization tool outputs, URL scanning engine results, etc. VirusTotal is not responsible for false positives generated by any of the resources it uses, false positive issues should be addressed directly with the company or individual behind the product under consideration. Please find the company on our contributors page and reach out to them.
https://support.virustotal.com/hc/en-us/articles/115002121185-I-am-experiencing-a-false-positive-my-file-or-site-should-not-be-detected- wrote:VirusTotal simply aggregates the output of different antivirus vendors and URL scanners, it does not produce any verdicts of its own. As such, if you are experiencing a false positive issue, you should notify the problem to the company producing the erroneous detection, they are the only ones that can fix the issue. Please note that even if we were able to remove the flag, the users of such product would still be blocked from accessing your site.
Post by ItisI » 05 Jul 2023, 01:45
That's the point. If it's a false positive, only the false-positive-issuing company can correct their assessment. If they never get asked, they might never check again. The point of reporting false-positives is to ask those companies to re-evaluate their results (and to correct them) - no one else can check their results, because they won't tell us their business secrets. Some of those companies will give you feedback about your request.
There are SHA256 hashes, for example you can look at our github release channel or the individual version announcements (which also contain hashes for the zip-versions): viewforum.php?f=24
Post by gregster » 05 Jul 2023, 01:29
ItisI wrote: β05 Jul 2023, 01:14 But I do not have the qualifications to determine if these are false positives. I can't report to anyone, "These are false positives". That can only be done by someone who has the expertise and has done the necessary testing and investigation.
I am a simple end user.
Why are there no pgp signatures for the software, so that we can at least be sure that we are getting what you are offering? Or "hashes" (md5, sh???).
Top