AntiVirus Detection

Here you can submit bugreports
emcodem
Posts: 408
Joined: Wed Sep 19, 2018 8:11 am

Re: AntiVirus Detection

Post by emcodem » Thu Sep 20, 2018 2:10 pm

Dear steinar,
thanks for the quick and clear reply. What i would have checked first if i had the source is, (in case the falsely detected stuff is managed c#) to use clickonce security in my Project and also possibly provide a manifest.
This question may sound stupid, but just in case, are you fine with me attemting to reverse-engineer the affected program parts in case i find the time for it?

Thanks!
Harald

admin
Site Admin
Posts: 1262
Joined: Sat Feb 08, 2014 10:39 pm

Re: AntiVirus Detection

Post by admin » Sun Sep 30, 2018 12:36 pm

Hi Harald,

Sorry for the late reply but I've been quite busy lately. The question is sort of stupid in the sense that I cannot control if you reverse-engineer or not so you do whatever you want to in that regard ;-)

-steinar

emcodem
Posts: 408
Joined: Wed Sep 19, 2018 8:11 am

Re: AntiVirus Detection

Post by emcodem » Sun Nov 25, 2018 1:39 am

OK, i tested your software and i love it! To be honest i even feel connected with it... it is 90% just as i would have designed my own workflow engine :-)
Now i need to get rid of this antivirus topic more than ever.

By the way dear steinar, there is a simple way to control what users do with it: just add a common use license and add your own specifics.

What i did by now is to use virustotal.com, the current result is 13 / 68 antivirus do detect a threat. Here is the list of the detected softwares and the names they detect. Also, for interest i did submit the sample of def_runner.exe to microsoft and asked them to add an exclusion.
Also i can submit a sample to Mcaffee. But i would really like to help you as good as i can. Do you see a chance to hand me over the source code of def_runner so i can find a way to workaround the troubles?

AegisLab
Trojan.Win32.Generic.4!c

Antiy-AVL
Trojan/Generic.ASVCS3S.1E5

Avira (no cloud)
HEUR/AGEN.1035167

CrowdStrike Falcon (ML)
malicious_confidence_80% (W)

Cylance
Unsafe

Cyren
W32/GenBl.E71B6DE3!Olympus

Sophos ML
heuristic

McAfee
Artemis!E71B6DE353EC

McAfee-GW-Edition
BehavesLike.Win32.PWSBanker.dh

Microsoft
Trojan:Win32/Zpevdo.B

Qihoo-360
HEUR/QVM10.2.3607.Malware.Gen

Trapmine
malicious.high.ml.score

VBA32
Backdoor.Wemosis

admin
Site Admin
Posts: 1262
Joined: Sat Feb 08, 2014 10:39 pm

Re: AntiVirus Detection

Post by admin » Tue Nov 27, 2018 7:54 am

Hi jordanh, thank you for using FFAStrans and those kind words, and welcome to the forum! :-)

False positives is a constant struggle. I have sent samples to numerous AV-vendors but the false positives keeps coming back. So it's a tiring situation. However, the next version will ship with 64 bit builds as standard (with optional 32 bit download). They are less likely to be flagged as suspicious.

-steinar

momocampo
Posts: 342
Joined: Thu Jun 08, 2017 12:36 pm
Location: France-Paris

Re: AntiVirus Detection

Post by momocampo » Wed Nov 28, 2018 3:47 pm

Hello, Steinar,

Just to warn because under several workstations the ftp watch folder doesn't work cause antivirus blocks. I can't even not rebuild the history cache.
So beware :)
;)

Cheers.

Benjamin

admin
Site Admin
Posts: 1262
Joined: Sat Feb 08, 2014 10:39 pm

Re: AntiVirus Detection

Post by admin » Sat Dec 01, 2018 11:28 am

Oh, I'm very aware and it's a struggle :-( Users will need to make exceptions in their AVs.

-steinar

emcodem
Posts: 408
Joined: Wed Sep 19, 2018 8:11 am

Re: AntiVirus Detection

Post by emcodem » Thu Jan 03, 2019 11:16 pm

Since the most current version, 0.9.4, all currently known antivirus problems should be solved. Thank you so much dear steinar for all your efforts.

Sincerely,
Harry

admin
Site Admin
Posts: 1262
Joined: Sat Feb 08, 2014 10:39 pm

Re: AntiVirus Detection

Post by admin » Fri Jan 04, 2019 6:58 pm

That's great news Harry! :-)

-steinar

mygeekshelp
Posts: 1
Joined: Thu Oct 03, 2019 4:39 pm
Contact:

Re: AntiVirus Detection

Post by mygeekshelp » Thu Oct 03, 2019 4:44 pm

That was a false message. it is working safely on my computer that has avast security.

Post Reply