[clamav-users] False Positive of IObit product by ClamAV

Al Varnell alvarnell at mac.com
Wed Jul 26 06:20:47 UTC 2017 

A.J.,

I'm not familiar with any of their Windows offerings, but their MacBooster products for macOS/OS X have long been classified as PUA by ClamXAV and other Mac malware scanners. Coco has made similar requests concerning MacBooster FP's.

-Al-

On Tue, Jul 25, 2017 at 09:34 PM, Arnaud Jacques wrote:
> 
> Hello,
> 
> I have received this message of a false positive.
> 
> Regards,
> A.J.
> 
> -------- Message transféré --------
> Sujet : 	False Positive of IObit product by ClamAV
> Date : 	Wed, 12 Jul 2017 11:09:10 +0800
> De : 	beta feedback <beta-feedback at iobit.com>
> Pour : 	Arnaud Jacques <aj at securiteinfo.com>
> 
> 
> 
> Hi Arnaud Jacques,
> 
> This is Coco from IObit again (www.iobit.com <http://www.iobit.com>).
> 
> We developed our new version of Advanced SystemCare program and your program reported our file as Win.Trojan.Agent-5776274-0 again. Please help us investigate our program’s file again and remove this false positive. Thanks.
> 
> Here are information for your investigation:
> 
> 1. RegistryDefragBootTime.exe
> Here is the link of the false positive on VT:
> 
> _https://www.virustotal.com/en/file/068545ba92d9d481a8e994761884ec0849d343edba2f5446ecd91da183f337c6/analysis/1499784065/___
> 
> Download link: <http://wikisend.com/download/473568/RegistryDefragBootTime.exe>_https://www.sendspace.com/file/grzj9p_
> 
> 
> 2.RegistryDefragBootTime.exe
> VT:_https://www.virustotal.com/en/file/5d293fa4dc6389e94b026c2eb1272324e0cd3dd14879fb77e919f2656fbf6285/analysis/1499784247/_
> Download link:_https://www.sendspace.com/file/47e55q
> _
> 
> 3. RegistryDefragBootTime.exe
> VT:
> 
> _https://www.virustotal.com/en/file/2ba5ea1e7779a0d21a327986f0ceca78ef75258ec3ae1d329ef5a6727b0bb8de/analysis/1499784397/_
> Download link: _https://www.sendspace.com/file/d9l1rz___
> 
> Please investigate this issue and solve the false positive as soon as possible.
> 
> 
> Could you please let us know also how to remove this kind of false positive in the future? Any suggestion on your false positive standards for our reference would be much appreciated.
> 
> Any reply will be appreciated.
> 
> 
> -----------
> Sincerely,
> 
> Coco
> IObit Support Team
> http://www.iobit.com <http://www.iobit.com/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170725/efaedad2/attachment.bin>

More information about the clamav-users mailing list