Oh what a crap...
I ran the final executable for the MobMapUpdater v1.75 through VirusTotal yesterday to make sure that Kaspersky and AntiVir (which classified the last version of my updater as a trojan just a few weeks ago) don't find any mysterious nonexistent "trojans" again. And they didn't - both showed the file as being clean.
So I released it, and what do I find now? Numerous reports of Kaspersky finding another trojan (with a nice new name) in the exact same file that was "clean" yesterday, a file that didn't contain a trojan yesterday and that does not contain a trojan now. I do have a feeling that those stupid antivirus companies generate those "trojans" out of thin air just for me and my updater...
I'm going to test this now. I recompiled the executable and gave it a new version number, v1.76. Just recompiling the file with a little change in the compiler options was enough to be classified as "clean" again by the Kaspersky scanner (this time I used the ActiveX online scanner on the Kaspersky web site). This "new version" is now online for download through the self-update process. Now I'll see what happens...
And I've contacted Kaspersky about this whole shit, of course. I'm really anxious to recieve their response.
[update] Kaspersky hasn't responded yet (seems they aren't always that fast), but Avira, which have also added the Updater to their signatures, have:
In english: The file has been classified as false positive. This means that the file is not dangerous. The signature will be removed from our virus definition files in one of the next updates.
So I released it, and what do I find now? Numerous reports of Kaspersky finding another trojan (with a nice new name) in the exact same file that was "clean" yesterday, a file that didn't contain a trojan yesterday and that does not contain a trojan now. I do have a feeling that those stupid antivirus companies generate those "trojans" out of thin air just for me and my updater...
I'm going to test this now. I recompiled the executable and gave it a new version number, v1.76. Just recompiling the file with a little change in the compiler options was enough to be classified as "clean" again by the Kaspersky scanner (this time I used the ActiveX online scanner on the Kaspersky web site). This "new version" is now online for download through the self-update process. Now I'll see what happens...
And I've contacted Kaspersky about this whole shit, of course. I'm really anxious to recieve their response.
[update] Kaspersky hasn't responded yet (seems they aren't always that fast), but Avira, which have also added the Updater to their signatures, have:
Die Datei 'MobMapUpdater.exe' wurde als 'FALSE POSITIVE' eingestuft. Dies bedeutet, dass diese Datei nicht gefährlich und eine Fehlmeldung unsererseits ist. Das Erkennungsmuster wird mit einem der nächsten Updates der Virendefinitionsdatei (VDF) entfernt werden.
In english: The file has been classified as false positive. This means that the file is not dangerous. The signature will be removed from our virus definition files in one of the next updates.
