Zillya antivirus false positives
11/14/2023

Hope that this helps with the next iterations of my exe so that it stays clean. I got feedback by email within one day that it is ok, and the scanner on my PC agrees with this now. Other scanners have similar feedback lines. Therefore I reported the file as a false positive to Avira, which can simply be done by sending it by email. In order to make your local virus scanner accept the file, you can manually accept it for your computer, but this does not solve the underlying problem, so on other computers it would still be flagged as a virus. If just one or two are detecting a virus, you should be on the safe side. After creating my exe file from my jar using Launch4j, I noticed this message: WARNING: Sign the executable to minimize antivirus false positives or use launching instead of wrapping. I have uploaded the exe to to check it with many scanners. Keep in mind that the exe files you generate yourself are unique (as a consequence, the Avast scanner usually returns a message "you have found a rare file, we are doing a quick test", and delays execution for 15 seconds to perform a more thorough test). It detects and removes all types of existing and not even previously known malicious. Avira put that file into quarantine since it was considered potentially dangerous (due to heuristics, which means that some segments look typical for a virus, but no virus is actually found). Product for viral protection that combines the high speed and quality. I had a similar problem with a pyinstaller exe under Windows. BTW, I'll not mention Jiangmin KV Antivirus any longer. exe launcher that it created won't be considered a Trojan? SetupBuilder Developer Edition 8.5 4738 compiled test install images submitted to VirusTotal, a subsidiary of Google, for analysis. Is there anything else I can do with PyInstaller to make it so that the. Hopefully they will back off on whatever it is that they thought they were trying to detect.
exe file in question to AVG for their analysis. but still I'm concerned that it is not just AVG giving a false positive. Now I can't say that these other scanners are ones that I have heard of before. Rising Malware.Generic.5!tfe (thunder:5:ujHAaqkyw6C) CrowdStrike Falcon (ML) malicious_confidence_93% (D) Endgame malicious (high confidence) 20170503 Researching the name of the Trojan gave me mixed results but I can't check it on virustotal anymore cuz the moment Windows Defender detected it, it automatically deleted the DLL. Might've been a false-positive or could've been a real Trojan. SentinelOne (Static ML) static engine - malicious Worked fine for a few days until earlier today it detected a Trojan called Themida on FFWsregister.dll. Which shows that 11 out of 61 scanners detect a problem: TheHacker Trojan/Agent.am exe file to VirusTotal I get this analysis: At first I just thought it was a false positive in AVG, but submitting the. exe file used to start the program (in the folder created by PyInstaller that has all of the Python "guts"). My AVG Business Edition AntiVirus just started complaining with today's update that the program has an SCGeneric Trojan Horse in the main. If the email is linked on their website, the link is preferred since it contains format information. About a month ago, I used PyInstaller and Inno Setup to produce an installer for my Python 3 script. For ones that do have one of these, online forms are preferred over emails. Most AVs these days use machine learning for detecting malware. Anything not fulfilling this goes to the Wall of Shame. re: Dealing with Anti-Virus False Positives. Only submission methods that require no active license, registration, or download of a tool are listed. A subject line like False positive - is preferred, as several vendors have automatic email rules for this. Use ZipCrypto and be sure to write down the password in the email too. Most vendors ask you to zip up the sample with the password "infected".
TotalDefense ( can submit via landline call WTF?). SUPERAntiSpyware (via program interface). Kingsoft ( bounces with user not found #3). Baidu ( bounces with user not found #1). These vendors don't provide a free and registration-less way to submit false positives via HTTP or e-mail. VirusTotal false positive contacts collection Wall of Shame