MDGx False Positives ReadMe Guide + FAQ
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
MDGx MAX Speed WinDOwS Tricks - Secrets - Bugs - Fixes
http://www.mdgx.com/
... Serving strictly the best tweaks to millions of readers since 1993
This web site is (a)live for > 30 years and counting... ;-/
http://www.youtube.com/watch?v=HHUOnP8XnxA
False Positives
***************
[ http://www.google.com/search?q=false+positive+cybersecurity ]
Greetings, Fellow Computer + Internet User,
This text file is also available online:
http://www.mdgx.com/fp.php
Translate this HTML document into your language: top right side -> click/touch
down arrow to expand drop down menu -> select desired language:
http://translate.google.com/?sl=en&tl=en&text=http%3A%2F%2Fwww.mdgx.com%2Ffp.php
and also as plain text/ASCII file:
http://www.mdgx.com/FALSPOSI.TXT
Translate this file into your language: top right side -> click/touch down
arrow to expand drop down menu -> select desired language:
http://translate.google.com/?sl=en&tl=en&text=http%3A%2F%2Fwww.mdgx.com%2FFALSPOSI.TXT
Thanks a lot for your concern, I do appreciate your time.
If you're reading this, it is probably because a file at my site may have triggered a false/fake positive
virus/trojan/malware (rogue code) alarm/warning.
Those are but false positives, same as many others of their kind.
Here is some publicly available literature on the subject from accredited/reputable/respected/trustworthy
developers, entities and vendors you may have heard of, and/or you or/and someone you know may have been using
their software/products/services:
- Woolyss: Chromium based web browsers: Malware or False positive?
http://chromium.woolyss.com/#malware
- NirSoft: Antivirus "False Positive" Problems:
http://www.nirsoft.net/false_positive_report.html
- NirSoft: Antivirus companies cause a big headache to small developers:
http://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/
- Sarvam Blog: Nearly 70% of Packed Windows System files are labeled as Malware:
http://sarvamblog.blogspot.com/2013/05/nearly-70-of-packed-windows-system.html
- Xenu's Link Sleuth: Any Spyware, Adware, Malware?:
http://home.snafu.de/tilman/xenulink.html#spy
- Malwarebytes Labs: Explained: False positives:
http://blog.malwarebytes.com/security-world/2017/09/explained-false-positives/
- Sophos: How to investigate and resolve a potential false positive or incorrect detection:
http://support.sophos.com/support/s/article/KB-000037167/
- Panda Security: False positives - What are they?:
http://www.pandasecurity.com/en/mediacenter/security/false-positives-what-are-they/
- Virus Bulletin: The false positive disaster: Anti-Virus vs Winrar & Co:
http://www.virusbulletin.com/virusbulletin/2005/11/false-positive-disaster-anti-virus-vs-winrar-amp-co/
- McAfee: How to "White List" False Positives Manually:
http://community.mcafee.com/t5/VirusScan/How-to-quot-White-List-quot-False-Positives-Manually/td-p/208713/
- VirusTotal: A first shot at false positives:
http://blog.virustotal.com/2015/02/a-first-shot-at-false-positives.html
- AV-Comparatives: Spotlight on security: The problem with false alarms:
http://www.av-comparatives.org/spotlight-on-security-the-problem-with-false-alarms/
- ResearchGate: Antivirus False Positives alerts, Evading Malware Detection and Cyber-Security issues:
http://www.researchgate.net/publication/268443769/
- ResearchGate: Finding and Solving Contradictions of False Positives in Virus Scanning:
http://www.researchgate.net/publication/239731963/
- Infocyte: Cybersecurity 101: What You Need To Know About False Positives and False Negatives:
http://www.infocyte.com/blog/2019/02/16/cybersecurity-101-what-you-need-to-know-about-false-positives-and-false-negatives/
- LifeHacker: How Do You Know If Your Download Really Has a Virus?:
http://lifehacker.com/5521993/
- HelloTech: Not a Virus: How to Verify a False Positive Detection:
http://www.hellotech.com/blog/false-positive/
- Gizmo's Freeware: What Is A False Positive Antivirus Detection?
http://www.techsupportalert.com/content/what-false-positive-antivirus-detection.htm
- Gizmo's Freeware: How to report false positives to multiple anti-virus vendors:
http://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm
- Rick Strahl's Weblog: Dealing with Anti-Virus False Positives:
http://weblog.west-wind.com/posts/2016/oct/05/dealing-with-antivirus-false-positives/
- Software Engineering: How to prevent my executable being treated from AV like bad or virus?
http://softwareengineering.stackexchange.com/questions/191003/
- Stack Overflow: Antivirus False positive in my executable:
http://stackoverflow.com/questions/3339136/
- Wikipedia: Problems caused by false positives:
http://en.wikipedia.org/wiki/Antivirus_software#Problems_caused_by_false_positives
FYI:
Here is the original (classic) standard verification designed by the anti-virus pioneers (McAfee) using a
harmless fake virus [EICAR], which mimics virus code without any of its ill effects, just by using a
particular combination of ASCII/plain text characters reproducible by anyone as plain text, which sets off
the anti-virus software by detecting a fake (false positive) malware code/file signature:
http://kc.mcafee.com/corporate/index?page=content&id=KB59742
To my knowledge the files at my site are harmless, some are 10-15 years old or even older, eventually part of
executable (.exe) or Windows Dynamic Link Library (DLL) Portable Executable (PE) compiler routines used back
in those days by old operating systems (OSes) like MS-DOS, Windows 3.x, Windows 9x [95/98/ME], NT4, 2000, XP,
and others.
NirSoft, for example, is one of the software developers who still successfully use such techniques in their
programs even today, without any known harm.
http://www.ghacks.net/2015/10/19/nirsoft-publishes-antivirus-list-of-shame/
Some of these executables/files constitute or are part of ancient programs containing very old DOS/MS-DOS,
Win31 or Win95 style 16-bit or 32-bit code, and do not infect anything, only mimic by accident or by
coincidence the structure of some old/obsolete/outdated viruses/trojans found in some ancient databases.
Many such old programs contain similar harmless code, but somehow, even today, they still appear as
malware/trojans/viruses (rogue code) when scanned.
That's because the malware/trojan/virus detection process uses generic heuristic methods and generic
signature databases in order to recognize malicious/rogue code.
Also, anti-malware/anti-virus detection code is always older than the newest malware/trojans/viruses released
in the wild.
Therefore the malware/trojan/virus detection process has to play non-stop catch-up in order to be able to
learn to detect the latest infections.
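Added example (not part of the original MDGx text, and not any vendor's code): a toy scanner in Python showing how a generic byte signature and an entropy heuristic both raise alarms on harmless files, and how a safe list keyed on the exact SHA-256 clears them. The signature, the entropy cut-off and all sample bytes are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

# Constructed "signature": the classic DOS print-string idiom
# (mov ah,9 / mov dx,010Bh / int 21h). Not taken from any real AV database.
SIGNATURES = {"Generic.OldStub.A": bytes.fromhex("b409ba0b01cd21")}
ENTROPY_LIMIT = 7.2  # bits per byte; assumed cut-off for "looks packed"


def entropy(data: bytes) -> float:
    """Shannon entropy of the byte distribution, 0.0 to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def scan(data: bytes, allowlist=frozenset()) -> list:
    """Return detection names for data; an empty list means no alarm."""
    if hashlib.sha256(data).hexdigest() in allowlist:
        return []  # exact file already reviewed and listed as safe
    hits = [name for name, pat in SIGNATURES.items() if pat in data]
    if entropy(data) > ENTROPY_LIMIT:
        hits.append("Heur.Packed")  # compressed data looks random
    return hits


# Constructed samples, all harmless.
OLD_DOS_TOOL = b"MZ" + bytes(30) + SIGNATURES["Generic.OldStub.A"] + b"Hello from 1994$"
# Stand-in for a compressed (packed) program body: 4096 deterministic
# pseudo-random bytes built from SHA-256 digests of a counter.
PACKED_TOOL = b"MZ" + b"".join(
    hashlib.sha256(i.to_bytes(2, "big")).digest() for i in range(128))
README = b"plain text readme\r\n" * 50

# What a vendor's safe list does: record the exact reviewed files.
ALLOWLIST = frozenset(
    hashlib.sha256(f).hexdigest() for f in (OLD_DOS_TOOL, PACKED_TOOL))

if __name__ == "__main__":
    for name, blob in [("old", OLD_DOS_TOOL), ("packed", PACKED_TOOL), ("readme", README)]:
        print(name, scan(blob), "->", scan(blob, ALLOWLIST))
```

Because the safe list is keyed on the hash, changing a single byte of a listed file brings the alarm back, which is why each new build has to be re-submitted to vendors.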
NOTE:
Most free(ware), open source app/executable/software code is not digitally signed because open source
programs/products are not owned by or registered to a particular company, developer, entity, organization.
Moreover, digital verification certificates are not free for developers of open source.
Many developers/businesses/providers/vendors/entities eventually keep up and update their software and
databases to recognize false positives (white/safe listings), but unfortunately some have not (yet), and some
still refuse to add old/obsolete harmless code/executables/programs/files to their lists of false positives,
mostly because they are afraid of losing business/profit, credit/popularity/fame, and/or being sued in a
court of law for liability, etc. ;-(
IMPORTANT:
Microsoft Windows users:
In case you have any concerns, please submit the respective executable(s)/file(s)/archive(s) to Microsoft
Windows Defender Security Intelligence (WDSI) for analysis, just to be safe:
http://www.microsoft.com/wdsi/filesubmission/
and also to any other trustworthy entity, because you should have them scanned by at least a handful of
3rd party/independent/separate developers/entities/providers/vendors.
That's why VirusTotal (best example)
http://www.virustotal.com/
uses ~ 90 [!] such developers/entities/providers/vendors, to make sure everybody gets a quality review.
VirusTotal report for my domain [www.mdgx.com] as of October 2022:
http://www.virustotal.com/gui/url/731e2d25929f0c6ba3222304c212bc559e72a05898724f1bd5f82016352b544a
[After more than 10 months they finally removed the single false positive. ;-/]
I usually ask the gracious contributors who send/recommend me files for public "consumption" to check them
for all possible "infections", and so do I before installing/sharing/testing/uploading/using them.
I do upload and post all the files at my site only after successful anti-virus scans from multiple
entities/providers/vendors.
http://www.mdgx.com/vir.htm
Here are the safety reports for my web site [mdgx.com] from trustworthy/accredited entities:
http://www.mdgx.com/safety.htm
Many such files are meant to be used with older/obsolete Operating Systems (OSes) and Environments like
DOS/MS-DOS, Windows 3.x, Windows 95/95 OSR2/98/98 SE/Millennium Edition (ME)/2000/XP/2003, OS/2, Linux and
reside at my site for longer than 10-15 years without causing any harm, devoid of complaints as far as I'm
aware, while being downloaded, used & shared for many years by millions of people all over the world.
I use Transport Layer Security (TLS)/Secure Sockets Layer (SSL) HTTPS protocol for my domain:
https://www.mdgx.com/
Everything at my site is being scanned constantly using updated malware/spyware/virus databases by my web
site host provider,
https://www.greengeeks.com/
one of the best in the business.
GreenGeeks safety reviews [rated it no. 5 in its category]:
http://digital.com/web-hosting/greengeeks/
http://www.g2.com/products/greengeeks/reviews
http://www.trustpilot.com/review/greengeeks.com
http://www.hostingmanual.net/greengeeks-review/
http://websitesetup.org/hosting-reviews/greengeeks/
http://www.websitetooltester.com/en/hosting/greengeeks-reviews/
FYI:
Just in case you don't feel comfortable with something/anything originated from my site, please
delete/uninstall it/them completely from all your computers/devices/storage media/networks/sites.
Many thanks for taking the time to read this boring tirade in its entirety.
Best Wishes.
MDGx
[formerly known as AXCEL216]
creator, author, editor, owner + webmaster of
http://www.mdgx.com/
Feedback [e-mail]:
http://www.mdgx.com/form.htm
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@