sagib

False Positive

10 posts in this topic

Dear team,

"InstallCore" is a professional Installation Platform, used by the biggest publishers in the market (like CNET). We are marked in VirusTotal as "Gen:Variant.Application.InstallCore.5"

This is probably a mistake, and it is hurting our business. Many of our customers complain that their installer is now flagged.

Please clear this flag, or let us know the reason for it so we could avoid such cases in the future.

I will be happy to provide more details if needed. File is attached.

Best regards,

Sagi Bakshi, VP Business Development

InstallCore

Share this post


Link to post
Share on other sites

Hello Sagi :)

We are sorry for the inconvenience.

Could you please provide us a sample?

Take care.

Share this post


Link to post
Share on other sites

Hi :)

Great. I have sent this to our lab and I will post here an answer ASAP.

Take care.

Share this post


Link to post
Share on other sites
Hi :)

Great. I have sent this to our lab and I will post here an answer ASAP.

Take care.

Share this post


Link to post
Share on other sites

Hello :)

Detection will remain. The file is considered adware.

Have a great day!

Share this post


Link to post
Share on other sites

Hi Chrisitan,

It seems that once again BitDefender have a False Positive detection on one of our installers. It is used by one of the biggest download portals in Turkey, I will appreciate your response here.

Files can be taken from here:

http://cdn.tamindir.com/dl/PointBlank_kur.exe

http://cdn.tamindir.com/dl/100saveSanAndreas.exe

The marking in Virus Total says:

Gen:Variant.Application.InstallCore.4

Best regards,

Sagi.

Share this post


Link to post
Share on other sites

Hello Sagi :)

Detection will remain, those applications are adware.

Take care.

Share this post


Link to post
Share on other sites

Christian,

These applications were not flagged at all. What was flagged is the installer itself. InstallCore's installer is our product, and Tamindir is using it to deliver thousands of applications to their users.

I sent you 2 sample downloadable applications, only for testing.

Can you please re-check this issue?

Even the detection mentions it specifically - Gen:Variant.Application.InstallCore.4

InstallCore uses bundling of free offers for users, to allow them to get Tamindir's applications for free as well (it is advertising, not adware).

Looking forward for your reply.

BTW - "DitDefender" is also one of the advertisers on Tamindir.

Share this post


Link to post
Share on other sites

Hello :)

Sorry for the delay.

A generic exception will be provided next week!

Have a great weekend!

Share this post


Link to post
Share on other sites