VirusTotal Analysis for SB81 #4466 compiled apps (2014/07/02)



NewsArchive
07-02-2014, 01:40 AM
SetupBuilder Developer Edition 8.1 #4466 test install images submitted to
VirusTotal, a subsidiary of Google, for analysis.

The following two vendors have a bug in their Antivirus engines:

1. Antiy-AVL: http://www.antiy.net
2. Qihoo-360: http://www.360safe.com


RESULTS:

File name: sb8virustotal_4466.exe
Detection ratio: 1 / 54
Analysis date: 2014-07-02

https://www.virustotal.com/en/file/019d2c8e14bc6aba730b932a297d7fd9085ac394c8d950430052f85cb9ea9153/analysis/1404285137/

-> Antiy-AVL reports a "Trojan/Win32.TSGeneric" false-positive. Bug in the
AVL product. Contact: http://www.antiy.net/contacts/


File name: sb8virustotalex_4466.exe
Detection ratio: 2 / 54
Analysis date: 2014-07-02

https://www.virustotal.com/en/file/375c22abda6012433f6a1f3a1f314b089e82229d91824dd266955ac4c067ae19/analysis/1404285299/

-> Antiy-AVL reports a "Trojan/Win32.TSGeneric" false-positive. Bug in the
AVL product. Contacts: http://www.antiy.net/contacts/

-> Qihoo-360 reports a "Malware.QVM01.Gen" false-positive. Bug in the
Qihoo-360 product. Corporate headquarters in China.
Contact: http://www.360safe.com/about.html


File name: sb81_4466_Dev.exe
Detection ratio: 1 / 54
Analysis date: 2014-07-02

https://www.virustotal.com/en/file/8862b3e0f39375c5d6dbd292b23015e8303488710472f7a09e7c5aadad6226c2/analysis/1404285671/

-> Antiy-AVL reports a "Trojan/Win32.TSGeneric" false-positive. Bug in the
AVL product. Contact: http://www.antiy.net/contacts/


--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910

--Helping You Build Better Installations
--SetupBuilder "point. click. ship"
--Create Windows 8 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner

NewsArchive
07-03-2014, 01:37 AM
UPDATE:

1. Qihoo-360 fixed the false-positive. Good job.
http://www.360safe.com

2. Antiy-AVL did NOT fix it. Bad job.
http://www.antiy.net

3. TrendMicro-HouseCall introduced a new false-positive bug.
http://housecall.trendmicro.com
-> Suspicious_GEN.F47V0702

https://www.virustotal.com/en/file/375c22abda6012433f6a1f3a1f314b089e82229d91824dd266955ac4c067ae19/analysis/1404371652/

It's nearly impossible to find a place to report a false-positive for a
TrendMicro product. VERY BAD JOB!

http://www.trendmicro.com/us/about-us/detection-reevaluation/index.html

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910


NewsArchive
07-03-2014, 01:45 AM
TrendMicro has the WORST false-positive reporting system I have ever seen in
my whole life. It's impossible to contact the team or upload the test file. It does
not even allow uploading a small file.

What a waste of time.

--
Friedrich Linder
Lindersoft
www.lindersoft.com
+1.954.252.3910


NewsArchive
07-03-2014, 02:43 AM
The TrendMicro guys are now reviewing our issue and will get back to us
soon.

We have used the following online submission form:

http://esupport.trendmicro.com/srf/SRFMain.aspx

Friedrich

NewsArchive
07-03-2014, 01:19 PM
You are a good dentist. I've never seen anyone so good at pulling teeth
to get something done. :-)

--

Russ Eggen
RADFusion International, LLC

NewsArchive
07-03-2014, 01:20 PM
Just in time for vacation<g>

Jeff Slarve
www.jssoftware.com
www.twitter.com/jslarve
I'll search help files & Google for you.

NewsArchive
07-07-2014, 07:25 AM
UPDATE II:

1. Qihoo-360 fixed the false-positive.
http://www.360safe.com

2. Antiy-AVL fixed the false-positive.
http://www.antiy.net

3. TrendMicro-HouseCall is still working on the false-positive bug.
http://housecall.trendmicro.com
-> Suspicious_GEN.F47V0702

https://www.virustotal.com/en/file/375c22abda6012433f6a1f3a1f314b089e82229d91824dd266955ac4c067ae19/analysis/1404738725/

--
SetupBuilder Support
www.setupbuilder.com

NewsArchive
07-08-2014, 07:28 AM
UPDATE III:

1. Qihoo-360 fixed the false-positive.
http://www.360safe.com

2. Antiy-AVL fixed the false-positive.
http://www.antiy.net

3. TrendMicro-HouseCall fixed the false-positive.
http://housecall.trendmicro.com

https://www.virustotal.com/en/file/375c22abda6012433f6a1f3a1f314b089e82229d91824dd266955ac4c067ae19/analysis/1404825374/

https://www.virustotal.com/en/file/019d2c8e14bc6aba730b932a297d7fd9085ac394c8d950430052f85cb9ea9153/analysis/1404825488/

--
SetupBuilder Support
www.setupbuilder.com