Author Topic: Faux positif avec SFT (Read 1146 times)

« **on:** September 14, 2012, 07:54:59 PM »

Bonsoir,

J'ai développé un utilitaire permettant de supprimer les fichiers temporaires inutiles.
Cet utilitaire est considéré infectieux par votre Anti virus...
Il ne l'est pourtant pas avec l'analyse par Virus Total
Si vous voulez analyser: Télécharger SFT.exe

Merci.

Modification (lien non cliquable)

« **Reply #1 on:** September 14, 2012, 09:04:26 PM »

There is an specific French board. Please post there or here, in English

« **Reply #2 on:** September 14, 2012, 09:28:55 PM »

Until we get clarification and confirmation of it's safety,
The link to the Telecharger.exe file needs to be made no-clickable.

(Reported to Moderator)

« **Reply #3 on:** September 14, 2012, 09:50:13 PM »

Break link to the download of the executable. It is packed with AUTOIT and ASCRIPT raising suspicion.
Here it is listed as suspicious also: http://wepawet.iseclab.org/view.php?hash=0e9346c9292bbe3ebd855a9768f5bc50&t=1347658750&type=js
Not only avast to flag it: https://www.virustotal.com/file/18c560e519c1809766a447ca7d53e9e89ed21ac41660eb840cfc22ab8df49115/analysis/

polonus

« **Reply #4 on:** September 15, 2012, 09:32:37 AM »

@Polonus

see the VT scan the OP posted and you posted have different MD5
MD5 d6903db30095ed32070b95d87501db4f
MD5 e06041b86d4a4ec82df38ec60d229e2c

Norman lab

Quote

SFT.exe: Not Detected MD5 MD5 E06041B86D4A4EC82DF38EC60D229E2C - No malicious activity found.

ThreatExpert
http://www.threatexpert.com/report.aspx?md5=e06041b86d4a4ec82df38ec60d229e2c

« **Reply #5 on:** September 15, 2012, 11:13:25 AM »

Hello,

The following usage statistics SFT.

Excuse my English

thank you

« **Reply #6 on:** September 15, 2012, 02:13:04 PM »

Hello,

I confirm that the program "SFT", developed on a small scale by Pierre13, is often used for the removal of temporary files on some French forums (especially on our forum) after disinfection of the computer.
Unfortunately, Avast deletes immediately, which is very annoying ... and requires us to disable Avast.
Avast antivirus is the only antivirus that reacts this way.
What decision do you take?

Thank you to study the problem

Sorry for my english (translation with Google...).

Best regards

« **Reply #7 on:** September 15, 2012, 03:04:34 PM »

When you have the file in avast chest, right click it and upload to avast lab as false positive
it will then be sendt at next update ....or at once if you do a manuall update

you may add a link to this topic

« **Reply #8 on:** September 15, 2012, 03:44:28 PM »

Ok thanks.
We'll do that.

« **Reply #9 on:** September 15, 2012, 07:19:16 PM »

Quote from: Pondus on September 15, 2012, 03:04:34 PM

When you have the file in avast chest, right click it and upload to avast lab as false positive

Hello

Quarantined file sent to the laboratory Avast.

Best Regards.

« **Reply #10 on:** September 21, 2012, 08:57:52 PM »

Hello
We are always annoyed by this false positive.
What is your reaction about this ?

« **Reply #11 on:** September 27, 2012, 04:49:12 AM »

No response to this request?
that it happens on this forum?

« **Reply #12 on:** October 04, 2012, 08:36:54 PM »

Hello,

Why our requests remain unanswered?
We inform you of a false positive and nothing is done.
It's a shame...
Our users have tried to report the false positive as requested but it is impossible.
Can you help us?
Thank you in advance

News:

Author Topic: Faux positif avec SFT (Read 1146 times)

Pierre13

Faux positif avec SFT

Tech

Re: Faux positif avec SFT

bob3160

Re: Faux positif avec SFT

polonus

Re: Faux positif avec SFT

Pondus

Re: Faux positif avec SFT

Pierre13

Re: Faux positif avec SFT

Elo

Re: Faux positif avec SFT

Pondus

Re: Faux positif avec SFT

Elo

Re: Faux positif avec SFT

Pierre13

Re: Faux positif avec SFT

maxou45

Re: Faux positif avec SFT

maxou45

Re: Faux positif avec SFT

Elo

Re: Faux positif avec SFT