Page 3 of 3

Re: Report False-Positives To Anti-Virus Companies

Posted: 09 Jan 2020, 15:15
by SOTE
According to many Internet reports and complaints, Jiangmin seems to ignore all e-mail addresses equally.

Re: Report False-Positives To Anti-Virus Companies

Posted: 10 Jan 2020, 00:40
by jongyun24
I' still Send to mail to jiangmin a Week 1~2 Time for False Positive.
Please VirusTotal Kick the Foilish Chinease Vaccine. and One more Send to Total Virus
Luck For Everyone.

Re: Report False-Positives To Anti-Virus Companies

Posted: 11 Jan 2020, 20:14
by SOTE
jongyun24 wrote:
10 Jan 2020, 00:40
I' still Send to mail to jiangmin a Week 1~2 Time for False Positive.
and One more Send to Total Virus.
You are doing the correct thing. Hopefully, Jiangmin will respond and remove the false-positive or VirusTotal (Google) will take some action towards Jiangmin for not responding to users or for unreliability.

Re: Report False-Positives To Anti-Virus Companies

Posted: 14 Jan 2020, 19:57
by jongyun24
i gonna wait for Virus Total's Return Messsage

Ana Tinoco (VirusTotal)
Jan 13, 6:09 AM PST
Hello,
I have just contacted Jiangmin. I'll keep you informed.
Regards,
Ana Tinoco - VirusTotal - www.virustotal.com
Have you tried the VirusTotal Graph?

Re: Report False-Positives To Anti-Virus Companies

Posted: 27 Jan 2020, 04:14
by SOTE
BarberH wrote:
27 Jan 2020, 02:53
Thus their list (for now and because it's not updated) is not as relevant for helping the AHK community combat false-positives. We should not want people submitting to vendors that will not help stop the false-positive problem
This statement is strange and it might be because of the English used, but can you clarify what you mean more?

Based on what I think you might be saying:

1. This list here is updated.
2. The list here reflects major AV companies that will have an impact.
3. People should submit false-positives to AV companies, because it's the only way to get them to update their databases or re-check.
4. Submitting false-positives do make a difference. I've had and seen companies update their databases.
5. You may also need to submit to many companies, not just one. AV companies can be blindly adding signatures or copying from other AV companies, without doing all the needed detailed research. Push-back from users and customers causes them to re-check and verify. Thus a list such as this is important for the AHK community.

In the case of Jiangmin, it's the right move for the AHK community to inform VirusTotal (Google) and have them put some pressure on Jiangmin (or any company doing wrong) to be responsive to users and make corrections about false-positives or VirusTotal admin (or Google the owner) will remove them from the VirusTotal list.

Re: Report False-Positives To Anti-Virus Companies

Posted: 19 Mar 2020, 08:47
by lmstearn
Submitted two AHK (v1.1.32.00) files as per
clean.zip
(709.56 KiB) Downloaded 12 times
with a custom icon to VirusTotal that had only one line in each:

Code: Select all

Msgbox Clean
One file was an MPress compilation, the other not.
For some AHK compilations, zipped MPress files were ignored by many vendors, sadly, the above scan doesn't just contain the usual suspects:
  • SecureAge APEX: Malicious
  • CrowdStrike Falcon: Win/malicious_confidence_60% (W)
  • Endgame: Malicious (moderate Confidence)
  • FireEye: Generic.mg.a6f7c4814f82f139
  • MaxSecure: Trojan.Malware.121218.susgen
  • McAfee-GW-Edition: BehavesLike.Win32.Downloader.dh
  • Zillya: Trojan.AutoHK.Win32.477
There's 13 more!
You know, after all these years, I'm convinced the only algorithm used in these virus detection programs is the Einstellung method.

Re: Report False-Positives To Anti-Virus Companies

Posted: 21 Mar 2020, 11:59
by SOTE
lmstearn wrote:
19 Mar 2020, 08:47
Submitted two AHK (v1.1.32.00) files as per clean.zip with a custom icon to VirusTotal that had only one line in each:
Thanks for the report and for submitting. Will be updating the 1st post with vendors not on our list.