FFAStrans forum

Dear steinar,
thanks for the quick and clear reply. What i would have checked first if i had the source is, (in case the falsely detected stuff is managed c#) to use clickonce security in my Project and also possibly provide a manifest.
This question may sound stupid, but just in case, are you fine with me attemting to reverse-engineer the affected program parts in case i find the time for it?

Thanks!
Harald

Hi Harald,

Sorry for the late reply but I've been quite busy lately. The question is sort of stupid in the sense that I cannot control if you reverse-engineer or not so you do whatever you want to in that regard

-steinar

OK, i tested your software and i love it! To be honest i even feel connected with it... it is 90% just as i would have designed my own workflow engine
Now i need to get rid of this antivirus topic more than ever.

By the way dear steinar, there is a simple way to control what users do with it: just add a common use license and add your own specifics.

What i did by now is to use virustotal.com, the current result is 13 / 68 antivirus do detect a threat. Here is the list of the detected softwares and the names they detect. Also, for interest i did submit the sample of def_runner.exe to microsoft and asked them to add an exclusion.
Also i can submit a sample to Mcaffee. But i would really like to help you as good as i can. Do you see a chance to hand me over the source code of def_runner so i can find a way to workaround the troubles?

AegisLab
Trojan.Win32.Generic.4!c

Antiy-AVL
Trojan/Generic.ASVCS3S.1E5

Avira (no cloud)
HEUR/AGEN.1035167

CrowdStrike Falcon (ML)
malicious_confidence_80% (W)

Cylance
Unsafe

Cyren
W32/GenBl.E71B6DE3!Olympus

Sophos ML
heuristic

McAfee
Artemis!E71B6DE353EC

McAfee-GW-Edition
BehavesLike.Win32.PWSBanker.dh

Microsoft
Trojan:Win32/Zpevdo.B

Qihoo-360
HEUR/QVM10.2.3607.Malware.Gen

Trapmine
malicious.high.ml.score

VBA32
Backdoor.Wemosis

Hi emcodem, thank you for using FFAStrans and those kind words, and welcome to the forum!

False positives is a constant struggle. I have sent samples to numerous AV-vendors but the false positives keeps coming back. So it's a tiring situation. However, the next version will ship with 64 bit builds as standard (with optional 32 bit download). They are less likely to be flagged as suspicious.

-steinar

Hello, Steinar,

Just to warn because under several workstations the ftp watch folder doesn't work cause antivirus blocks. I can't even not rebuild the history cache.
So beware


Cheers.

Benjamin

Oh, I'm very aware and it's a struggle Users will need to make exceptions in their AVs.

-steinar

Since the most current version, 0.9.4, all currently known antivirus problems should be solved. Thank you so much dear steinar for all your efforts.

Sincerely,
emcodem

That's great news emcodem!

-steinar

That was a false message. it is working safely on my computer that has avast security.