INTERACT FORUM
Windows => JRiver Media Center 33 for Windows => Topic started by: JimH on August 17, 2024, 09:41:50 am
-
We're seeing a number of false positive reports from antivirus software on the new MC33 download file.
Please report them to your antivirus provider.
We strongly recommend using only Windows Defender.
If you question our opinion, please visit https://www.virustotal.com/gui/home/upload and check yourself.
Or take a look at this thread: https://yabb.jriver.com/interact/index.php?topic=86096.msg588759#msg588759
-
VirusTotal reports that both Avast and AVG are reporting the downloaded install file as a trojan.
-
Avast and AVG are owned by the same company, so it shouldn't be a surprise that both are reporting this false positive.
-
VirusTotal reports that both Avast and AVG are reporting the downloaded install file as a trojan.
The other 66 companies say it's clean. Which side would you believe?
These companies make mistakes _all_the_time. If you're skeptical, read our thread on antivirus problems: https://yabb.jriver.com/interact/index.php?topic=86096.msg588759#msg588759
I think they look for patterns in files and patterns in behavior and then they guess.
-
Using the latest Windows 11 64-bit OS, trying to download MC 33 via Edge, Windows Defender took strong objection. The magic 3-dot menu option let me override the ornery Defender and grab the prize.
-
Missing files: https://yabb.jriver.com/interact/index.php/topic,139525.msg967401.html#msg967401
Avast
-
Anyone using Avast or AVG can report the false positives here:
https://www.avast.com/report-false-positive
https://www.avg.com/en-ww/report-false-positive
Click on File and fill out the form. I would do it, but I don't have an alert ID since I don't use either product. It seems only customers of Avast or AVG can report the false positive, grrrr. Anyways...
Two of the files (JRiverASIODriver64.dll and hh_portable.dll) that Avast and AVG seem to be flagging as malicious aren't signed with JRiver's Extended Validation (EV) certificate, so that could be why it's happening (for those at least, maybe, but I'm starting to think those AVs have lousy heuristic scanning engines, IMO). Media Core Launcher.exe which during the install of MC33 is renamed to MC33.exe is signed with the EV certificate and both Avast/AVG are flagging it. Honestly this is a little mind boggling to me that they don't automatically request/pull a sample and run deeper analysis as it's signed with an EV certificate, since malware creators aren't going to buy expensive EV certs and sign malware on it, as it can be revoked so easily and it'd be a waste of an EV certificate and money.
-
Now works; no more virus allert on download and setup (definition > 240824-1 build 24.89.9372.864)
-
Yep, looks like Avast and AVG fixes the false positives, YAY!