Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-08-2021, 17:12
Asus Asus is offline
VIP
 
Join Date: Feb 2005
Posts: 521
Rept. Given: 99
Rept. Rcvd 26 Times in 12 Posts
Thanks Given: 72
Thanks Rcvd at 31 Times in 18 Posts
Asus Reputation: 26
Safengine and Windows 10 false detection

Dear all friends,

I do have an application (it's not genuine, was patched) and was packed with Safengine (China Protector). Windows 10 and VirusTotal detected file is viruses and don't allow to download from first that I must temporary disable Real Time Protection of Windows and set exclusion for it.

I wonder do we have way to make file become regular?

B.R,
Asus.
Reply With Quote
  #2  
Old 02-08-2021, 17:47
DARKER DARKER is offline
VIP
 
Join Date: Jul 2004
Location: Côte d'Ivoire
Posts: 295
Rept. Given: 13
Rept. Rcvd 91 Times in 36 Posts
Thanks Given: 2
Thanks Rcvd at 157 Times in 67 Posts
DARKER Reputation: 91
Usual way is report file as false positive to each AV vendor and the file become regular. In your case file is not genuine (patched) and also protected/obfuscated and this solution will not work. You can try unpack it (remove protector) to decrease false alarm rate.
Reply With Quote
The Following User Says Thank You to DARKER For This Useful Post:
Asus (02-09-2021)
  #3  
Old 02-09-2021, 13:35
Asus Asus is offline
VIP
 
Join Date: Feb 2005
Posts: 521
Rept. Given: 99
Rept. Rcvd 26 Times in 12 Posts
Thanks Given: 72
Thanks Rcvd at 31 Times in 18 Posts
Asus Reputation: 26
I did think as you suggested and try to unpack that executable file, unfortunately failed.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 04:30.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2021 )