Help - Search - Members
Full Version: Kaspersky detection on our product
Kaspersky Lab Forum > English User Forum > Virus-related issues
ksaperskyfalse
We are a security software provider in china,and we have an anti-trojan product,

Recently many users told us AVP 7.0 has false posistives on our software,

you can download it from http://www.lofocus.com/BTSetup2008_tw.exe ,Please check it carefully,Our product is

not the virus which detected "Heur.Invader" by AVP 7.0,

we hope you can resolve this false posistives as fast as you can,thanks...


BTW:I sent this false posistives to newvirus@kaspersky.com,but no response
Lucian Bara
hello
this is a heuristic false positive so it takes a bit longer to remove it. Also if you put it that way i assume that your product does some code injections (there for is not an actual false positive)
ksaperskyfalse
Many users told us our product contains virus,they do not know what's exact mean of "Heur.Invader",

They just think about it's a virus,many users even doubt that this malicious code in our product was made by ourselves,

so we really hope avp can fix this problem as soon as possible,please...........
NickGolovko
You may say to your users that Kaspersky Lab will include your software to the whitelist as soon as possible.

Before that they may add it to the Trusted Zone.
ksaperskyfalse
We are a security software provider in china,and we have an anti-trojan product,

Recently many users told us AVP 7.0 has false posistives on our software,

you can download it from http://ftp.isu.edu.tw/pub/Windows/softking...etup2008_tw.exe ,Please check it carefully,Our product is

not the virus which detected "Heur.Invader" by AVP 7.0,

we hope you can resolve this false posistives as fast as you can,thanks...


Several days ago,We have announced this mistake in this link:http://forum.kaspersky.com/index.php?showtopic=56205,but now AVP 7.0 still

detect our software as "Heur.Invader",........
Wordmonger
Sorry, I'm unable to reproduce the detection. Are you sure you are using the latest AV bases?
ksaperskyfalse
Our software download address is http://www.lofocus.com/BTSetup2008_tw.exe

if avp7.0 is running,our users even can not download our product from offcial website because avp detect virus:heur.invader!!!!!!!!!!!

,we updated avp 7.0 at 2/14 5:57:24 AM to reproduce this mistake.Pls fix this mistake asap,thanks..............


Click to view attachment
Baz^^
Looks like I can reproduce this issue. (Kind of)


This might be a Heur engine bug?

When I initiate a right click scan on the file, Kaspersky flags "Heur.Invader" (while it is scanning)


Once it is finished scanning, the Heur.Invader object is now discarded as "not found"....rescanning the file again will find "Heur.Invader" which will again skip to "not found" at the end of the scan.



ksaperskyfalse
KIS 7.0 still detect our product as "heur.invader":

We downloaded kis 7.0 traditional version to test

Download address is: http://www.kaspersky.com.tw/KL-Downloads/P...ctDownloads.htm

kis7.0 version is 7.0.0.125,our product download address is http://www.lofocus.com/BTSetup2008_tw.exe

recently many users call us for this false posistives,We feel very depressed and hope you can solve this

problem as soon as possible. Thanks.......


The support page and the false posistives are attached


Baz^^
Hi,

Please be patient, there is a member of the Kaspersky team working on this issue, wait for their reply.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2014 Invision Power Services, Inc.