Multiple Vendors False Positives #49

Closed
liamengland1 opened this issue Jun 26, 2021 · 6 comments
Labels: external cause (A program other than WhyNotWin11 causes the issue), wontfix (This will not be worked on)

Comments

@liamengland1

liamengland1 commented Jun 26, 2021

FYI -- The most recent artifact of WhyNotWin11_x86.exe is flagged as a virus (Program:Win32/Wacapew.C!ml) by Microsoft/Windows Defender.

https://www.virustotal.com/gui/file/d93b3da670d96e80d2a3ec0bbea61f7b33b974604a723f3791b515204cc41337/detection


More info on the AutoIt forums:
https://www.autoitscript.com/forum/topic/34658-are-my-autoit-exes-really-infected/

@micwoj92
Collaborator

These false positives are known issues; just report the file as safe and hope that they fix it.

@rcmaehl rcmaehl self-assigned this Jun 27, 2021
@rcmaehl rcmaehl added the wontfix This will not be worked on label Jun 27, 2021
@rcmaehl rcmaehl pinned this issue Jun 27, 2021
@rcmaehl rcmaehl changed the title virus detected - false positive Native x86 Builds flagged by Defender Jun 27, 2021
@rcmaehl
Owner

rcmaehl commented Jun 27, 2021

It appears both of these vendors only accept FPs via email. I've contacted both. If you've been pointed here, feel free to contact them as well, but it can take several hours to a couple of days per release to get whitelisted, if at all.

Contact BKav - Attachment must be .7z file with password "infected"
Contact Sophos - Attachment must be .zip file with password "infected"

@rcmaehl rcmaehl changed the title Native x86 Builds flagged by Defender Native x86 Builds FP Flag by Defender, x64 Builds FP flag by BKav/Sophos Jun 27, 2021
@rcmaehl rcmaehl added the external cause A program other than WhyNotWin11 causes the issue label Jun 27, 2021
@rcmaehl rcmaehl changed the title Native x86 Builds FP Flag by Defender, x64 Builds FP flag by BKav/Sophos BKav, Defender (x86 Only), Sophos False Positives Jun 27, 2021
@rcmaehl
Owner

rcmaehl commented Jun 28, 2021

This should be partially improved with the removal of requiring admin rights.

@XUTOS83

XUTOS83 commented Jun 30, 2021

Bkav Pro: W32.FamVTAppLQNE.Trojan
Sophos: Generic ML PUA (PUA)
Palo Alto Networks: Generic.ml

https://www.virustotal.com/gui/file/4505a6ed4a5f8a7401d17f76ee8ba73340de5e2905fee2c6c8551d0852d29e9c/detection

@micwoj92 micwoj92 changed the title BKav, Defender (x86 Only), Sophos False Positives multiple vendors False Positives Jul 2, 2021
@rcmaehl rcmaehl changed the title multiple vendors False Positives Multiple Vendors False Positives Jul 2, 2021
@micwoj92
Collaborator

The issue will stay pinned, but I'll close it because it's not really something that can be fixed. Just report them as false positives. Also, releases will be less frequent, so the executables from releases will have more time to get unflagged and get good scores on VirusTotal.

@TruongTanLuc201270

Version 2.6.0.0, 2 viruses found
Screenshot_20240119-134847_Samsung Internet
Screenshot_20240119-134919_Samsung Internet
