Author Topic: Tweaking.com - Windows Repair false positive reporting  (Read 12633 times)

0 Members and 1 Guest are viewing this topic.

Offline Gamezertruth

  • Hero Member
  • *****
  • Join Date: Aug 2012
  • Posts: 1143
  • Karma: 4
    • View Profile
    • Gamezertruth
Tweaking.com - Windows Repair false positive reporting
« on: January 31, 2015, 12:08:03 pm »
I just downloaded a virus toolkit scanner and running a scan with it and it have detected some of your Tweaking.com - Windows Repair software files as in "Gen:Trojan.Heur.VP2.cq1@aWF3TJii (DB)" Virus! so that Probably a false positive !  :smiley:

so can you let they know about it !  :artist:

Code: [Select]
31 Jan 2015 22:45:21 [159c] - Scanning File C:\Users\b\Desktop\Tweaking.com - Windows Repair\files\tweaking_ras.exe
31 Jan 2015 22:45:21 [0e7c] - Scanning File C:\Users\b\Desktop\Tweaking.com - Windows Repair\files\tweaking_rati.exe
31 Jan 2015 22:45:21 [03d4] - C:\Users\b\Desktop\Tweaking.com - Windows Repair\ipconfig all log.zip not Scanned. Possibly password protected...
31 Jan 2015 22:45:21 [0e7c] - File C:\Users\b\Desktop\Tweaking.com - Windows Repair\files\tweaking_rati.exe infected by "Gen:Trojan.Heur.VP2.cq1@aWF3TJii (DB)" Virus! Action Taken: File Deleted.

31 Jan 2015 22:45:21 [159c] - File C:\Users\b\Desktop\Tweaking.com - Windows Repair\files\tweaking_ras.exe infected by "Gen:Trojan.Heur.VP2.cq1@aCn6RVei (DB)" Virus! Action Taken: File Deleted.

Edi : if you need the log file just let my know hala   :artist:
« Last Edit: January 31, 2015, 12:10:11 pm by Gamezertruth »

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #1 on: February 02, 2015, 04:18:10 pm »
Anything flagged as a "GEN" stands for generic, and 99% of the time it is a false positive. I havent changed those two files in almost 6 months and all the AV's had updated their virus defs to not flagged them. Looks like you just need to submit the files to the AV you used and they will remove the false positive :wink:

Shane

Offline Gamezertruth

  • Hero Member
  • *****
  • Join Date: Aug 2012
  • Posts: 1143
  • Karma: 4
    • View Profile
    • Gamezertruth
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #2 on: February 05, 2015, 03:38:24 pm »
hi Shane  :wink:

there is other anti malware software has flagged your software  :smiley:

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #3 on: February 06, 2015, 01:12:32 pm »
Any time I update any VB6 program bit defender will auto flag it as a GEN, and there is about 7 or 8 other antivirues that get their virus defs from bit defender, so they all falg it as well and it is always a "GEN" false positive. Its freaking pain lol

Shane

Offline Gamezertruth

  • Hero Member
  • *****
  • Join Date: Aug 2012
  • Posts: 1143
  • Karma: 4
    • View Profile
    • Gamezertruth
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #4 on: March 01, 2015, 11:47:30 am »
alright then more 22 antivirus and anti-malware have detected some of your program files as a malware ? check it this out lol!  :smiley:

 http://www.herdprotect.com/knowledgebase_resource.aspx?sha1=319a96ee8875b894d038a8aa7956df183b6bc1e4&u=2df60b6c-b672-44aa-b5c3-0485c24beccb&s=scanner&v=1.0.3.9

Shane you have a lot of work to do then ! lol :wink:


Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #5 on: March 02, 2015, 10:17:56 am »
Damn! And look how all of them have it flagged as a "GEN"

Well only thing to do is to start sending the file to each of them so they will remove the false positive.

That exe is made with autoit. Those AV's must not like autoit very much lol

tweaking_ofp_x64.exe is made with autoit because my programs are made in VB6 and it can only compile to 32 bit. In order to open the file properties of 64 bit files I needed a 64 bit exe, so i made it in autoit since it can compile to a 64bit exe.

Shane

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Tweaking.com - Windows Repair false positive reporting
« Reply #6 on: March 02, 2015, 10:49:36 am »
You know what is odd, herd proect says Microsoft flags the file, yet I have Microsoft installed and it doesnt flag it at all, and virus total doesnt show any of the other antiviruses flagging it
https://www.virustotal.com/en/file/a4651fd57c5ebe5a7d4101f7b1df0b9afbf631d90ead8ecdc59d208c637fe6ae/analysis/1425321283/

The heard protect scan was from 12/25/2014, I even downloaded herdprotect to have it try to do a new scan and it simply just shows the old scan from two months ago. How do you get them to rerun the scan?

Shane