johnm Posted September 17, 2010 Report Share Posted September 17, 2010 This morning my 2.0.14.139 ClamAV-branded installation of Immunet Protect quarantined a file named SerenjiSentry.exe. I am absolutely sure this is a false positive, since I am Senior Product Engineer at the company where this file originates. Serenji is a product of George James Software (www.georgejames.com). It must be a new detection, since the exe has been present and running on my PC since long before I installed Immunet Protect. Please correct this. Thank you. John Murray Link to comment Share on other sites More sharing options...
Guest Orlando Posted September 17, 2010 Report Share Posted September 17, 2010 This morning my 2.0.14.139 ClamAV-branded installation of Immunet Protect quarantined a file named SerenjiSentry.exe. I am absolutely sure this is a false positive, since I am Senior Product Engineer at the company where this file originates. Serenji is a product of George James Software (www.georgejames.com). It must be a new detection, since the exe has been present and running on my PC since long before I installed Immunet Protect. Please correct this. Thank you. John Murray There are several ways to report a FP. The quickest way is this: Go to this page http://www.immunet.com/contact/index.html go down and choose: "report false positives" and finally send the file. Other methods (most uncomfortable for both, but useful in case one goes down): 1 - Post the file here if it is not too large; 2 - Send it to support@immunet.com with a brief explanation. Thanks for the support, Orlando Link to comment Share on other sites More sharing options...
johnm Posted September 17, 2010 Author Report Share Posted September 17, 2010 Thanks. I'd meant to attach the file on my original posting, but forgot. I've submitted it along with the report via the webpage. John Link to comment Share on other sites More sharing options...
millard@immunet.com Posted September 17, 2010 Report Share Posted September 17, 2010 Serenjisentry.exe has been white listed. --Millard Link to comment Share on other sites More sharing options...
Guest Jean-Claude Bilodeau Posted September 24, 2010 Report Share Posted September 24, 2010 Scans here seems to detect a lot of viruses, they are all quarantined but I'm wondering if it's not a false alert ? W32.spero.generic-091 W32.spero.startpage 0907 Can anyone advise if these are false positives ? Thanks Link to comment Share on other sites More sharing options...
alfred Posted September 24, 2010 Report Share Posted September 24, 2010 Scans here seems to detect a lot of viruses, they are all quarantined but I'm wondering if it's not a false alert ? W32.spero.generic-091 W32.spero.startpage 0907 Can anyone advise if these are false positives ? Thanks Hi, The detection names themselves are not really enough to help us define if the detections you received are false positives or not. You can post the files, or you can send a support snapshot (http://support.immunet.com/tiki-read_article.php?articleId=10) to support@immunet.com and we can diagnose it there. Regards, al Link to comment Share on other sites More sharing options...
Guest Don B Posted September 27, 2010 Report Share Posted September 27, 2010 I have a screen saver that I created myself and has been running on one of my computers for a couple of years. This morning Immunet flagged it as a virus it called W32.SPERO.VAC.0915 The screen saver file would be quite large to upload here, it's 129 meg. The file was created using Ifanview from jpg pictures of flowers I took. Don Link to comment Share on other sites More sharing options...
Guest Orlando Posted September 28, 2010 Report Share Posted September 28, 2010 I have a screen saver that I created myself and has been running on one of my computers for a couple of years. This morning Immunet flagged it as a virus it called W32.SPERO.VAC.0915 The screen saver file would be quite large to upload here, it's 129 meg. The file was created using Ifanview from jpg pictures of flowers I took. Don As I have said the procedure is as follows: There are several ways to report a FP. The quickest way is this: Go to this page http://www.immunet.c...tact/index.html go down and choose: "report false positives" and finally send the file. Other methods (most uncomfortable for both, but useful in case one goes down): 1 - Post the file here if it is not too large; 2 - Send it to support@immunet.com with a brief explanation. Knowing the name recognition does not help us to identify the FP. Orlando Link to comment Share on other sites More sharing options...
alfred Posted September 28, 2010 Report Share Posted September 28, 2010 I have a screen saver that I created myself and has been running on one of my computers for a couple of years. This morning Immunet flagged it as a virus it called W32.SPERO.VAC.0915 The screen saver file would be quite large to upload here, it's 129 meg. The file was created using Ifanview from jpg pictures of flowers I took. Don Don, We can fix this without you needing to send all 129 megs to us. If you download a fingerprint tool called md5deep 3.6 and run one of it's binaries on your screen saver for us. You can grab this tool at: http://sourceforge.net/projects/md5deep/files/md5deep/md5deep-3.6/md5deep-3.6.zip/download This will give you a zip file with a series of hashtools in it. You want to run sha256deep.exe against your binary. It will spit out s sha56 checksum to you. If you can post that checksum here I can whitelist your app. Best, alfred Link to comment Share on other sites More sharing options...
xarc Posted September 28, 2010 Report Share Posted September 28, 2010 Don, We can fix this without you needing to send all 129 megs to us. If you download a fingerprint tool called md5deep 3.6 and run one of it's binaries on your screen saver for us. You can grab this tool at: http://sourceforge.net/projects/md5deep/files/md5deep/md5deep-3.6/md5deep-3.6.zip/download This will give you a zip file with a series of hashtools in it. You want to run sha256deep.exe against your binary. It will spit out s sha56 checksum to you. If you can post that checksum here I can whitelist your app. Best, alfred Hope you don't mind Alfred I want to make a suggestion for checksum files in Windows or Mac ... HashTab 3.0 it's free and a good one. Link to comment Share on other sites More sharing options...
benfaust Posted March 9, 2012 Report Share Posted March 9, 2012 I think I submitted another program labeled as the same threat mentioned here... But the false positive form goes to a Page Not Found message. Same for the other contact form I tried. So I'm not sure if you got the file I zipped and sent (TedNPad), and am attaching it here. I've used that Notepad alternative for years and have never had any problem with it. TedNPad.zip Link to comment Share on other sites More sharing options...
millard@immunet.com Posted March 9, 2012 Report Share Posted March 9, 2012 I think I submitted another program labeled as the same threat mentioned here... But the false positive form goes to a Page Not Found message. Same for the other contact form I tried. So I'm not sure if you got the file I zipped and sent (TedNPad), and am attaching it here. I've used that Notepad alternative for years and have never had any problem with it. TedNPad.zip The TedNPad.zip False Positive has been fixed. Link to comment Share on other sites More sharing options...
DimitriAus Posted March 22, 2014 Report Share Posted March 22, 2014 There are several ways to report a FP. The quickest way is this: Go to this page http://www.immunet.c...tact/index.html go down and choose: "report false positives" and finally send the file. ... I submitted an .exe file and your page says: The media file type you uploaded was not recognized. Please try again. This file been scanned by virustotal.com - all good. Link to comment Share on other sites More sharing options...
ritchie58 Posted March 25, 2014 Report Share Posted March 25, 2014 Hi DimitriAus, I too just tried to submit a FP several times using the Contact Us page and also got an error message. This is something Support definetly needs to look into! However, when the site is working correctly it is important to archive the file in question as a zip file for submission. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.