Virus or false positive?

All topics about ZGameEditor goes here.

Moderator: Moderators

User avatar
Ats
Posts: 127
Joined: Fri Sep 28, 2012 10:05 am
Contact:

Virus or false positive?

Postby Ats » Thu Jul 19, 2018 7:54 am

I just discovered that each and every exe files generated by ZGameEditor gives a positive to a lot of anti-virus software.
Here's the scan for my last version of Omeganaut:
https://www.virustotal.com/#/file/2d659 ... /detection

My problem is that, because of the update I uploaded yesterday, my website was listed by Google as malicious and everything you could download on it is now blocked by Chrome... I already saw that in old example files on your forum. Do you know what can I do?

User avatar
VilleK
Site Admin
Posts: 1912
Joined: Mon Jan 15, 2007 4:50 pm
Location: Stockholm, Sweden
Contact:

Re: Virus or false positive?

Postby VilleK » Thu Jul 19, 2018 8:56 am

Hi, perhaps try a version that is not Upx compressed? Some AV-software give false positives on all compressed executables.

User avatar
Ats
Posts: 127
Joined: Fri Sep 28, 2012 10:05 am
Contact:

Re: Virus or false positive?

Postby Ats » Thu Jul 19, 2018 9:24 am

Here's the result for the uncompressed version: https://www.virustotal.com/#/file/17a13 ... /detection
It's a bit better :lol:

Somehow, I managed to produce a zip that is "virus" free: https://www.virustotal.com/#/url/b5e0e8 ... /detection
Don't know how or why. It seems very random...

Now I can only wait for googlebot to rescan my website and mark it as not malicious.

User avatar
Ats
Posts: 127
Joined: Fri Sep 28, 2012 10:05 am
Contact:

Re: Virus or false positive?

Postby Ats » Fri Jul 20, 2018 9:58 am

So after some research, it appears that all exe files made out of Delphi/Pascal always gives a false positive on anti-virus softwares that are scanning files heuristicaly. And once Google bots decides that a file hosted on your website is infected, it automatically prevents ALL downloads from your website in Chrome.

In order to repair that, you have to:


Google has received and processed your security review request. Google systems indicate that http://www.txori.com/ no longer contains links to harmful sites or downloads. The warnings visible to users are being removed from your site. This may take a few hours to happen.


YEAH!!!!!


Return to “General discussion”

Who is online

Users browsing this forum: No registered users and 1 guest