Re: Report False-Positives To Anti-Virus Companies
Posted: 09 Jan 2020, 15:15
According to many Internet reports and complaints, Jiangmin seems to ignore all e-mail addresses equally.
Let's help each other out
https://www.autohotkey.com/boards/
https://www.autohotkey.com/boards/viewtopic.php?f=17&t=62266
You are doing the correct thing. Hopefully, Jiangmin will respond and remove the false-positive or VirusTotal (Google) will take some action towards Jiangmin for not responding to users or for unreliability.
This statement is strange and it might be because of the English used, but can you clarify what you mean more?
Code: Select all
Msgbox Clean
I'm really curious about that Sam? Here is my situation: I have a little automation tool that about 100 people are interested in using. Following your advice I use /mpress 0 to stop it compression. I then put it up on my Dropbox for them to download. As soon as they download, Chrome screams at them that this is dangerous software. If they dare to download it, their Anti-Virus (I mean "trusted crapware") screams at them that this is a virus and deletes the file. So now only half of the people dare to use the tool because they think I'm trying to install viruses on their systemsSam_ wrote: ↑26 Mar 2019, 16:01More often than not, I have found that AV software tends to complain about compiled AHK scripts when they have been compressed with mpress. Apparently, overzealous AV software sees compressed EXEs as an attempt to hide or obfuscate ("malicious") code, which I find a shame. As a result, I have gone away from allowing the compiler to use mpress. Every now and then I'll still have a user report that some AV program complains about a compiled script (or experience it myself), but it's much more rare.
If you think it's a false positive (which I would assume, if it wasn't infected unluckily on your computer by some third-party malware), you can report the script to Microsoft, so that they can improve their heuristics. Please see https://www.autohotkey.com/boards/viewtopic.php?f=17&t=62266#p264913 Unfortunately, AHK experiences a lot of problems with false positives.
You should read the 1st post. Other people don't know where you got the file from, know about any strange code that a person might be sending to others, nor have the same issue. The most direct course of action is for you to submit the file to Microsoft. You didn't have to wait for 2 weeks, it's something that you can do immediately.PIcard_1983 wrote: ↑11 May 2020, 06:02Hello, I have been getting the following message for about 2 weeks with Windows Defender. It is a script which I have written with autohotkey.
What can i do?
Ok, many Thanks. Autohotkey-Version: v1.1.32.00SOTE wrote: ↑11 May 2020, 06:49What would be helpful to the community is that you tell us about what version of the AutoHotkey interpreter that you are using, where you got it from, possibly a sample of the script that you wrote that might be causing the issue. This, of course, is up to you as to which or none that you would like to do. Though it would be good to know what Microsoft says about the file you submit.PIcard_1983 wrote: ↑11 May 2020, 06:02Hello, I have been getting the following message for about 2 weeks with Windows Defender. It is a script which I have written with autohotkey.
What can i do?
You should read the 1st post. Other people don't know where you got the file from, know about any strange code that a person might be sending to others, nor have the same issue. The most direct course of action is for you to submit the file to Microsoft. You didn't have to wait for 2 weeks, it's something that you can do immediately.
Microsoft Online Submission for False-Positives: https://www.microsoft.com/en-us/wdsi/filesubmission
Note- Most people will need to select "Home customer" and then "Continue". Will give tracking of Microsoft's decision.
Thanks for your support. However, I think you might be missing the point of why it's important to report false-positives and are advocating for something that is detrimental to the community. It's not simply or only about you or I. It's about poorly run AV companies and competing parties accidentally or purposely mislabeling the software we use and rely on, which then escalates into problems for AHK users in general.slechtwere wrote: ↑23 Jun 2020, 07:54...Personally, I don't bother sending false positives to AV companies. Because I think it's none of their business what I do with my files on my computer. I just excluded the folder containing my scripts from scanning... Once the scripts are being executed there seems to be no problem.