False positives list
Cristiano
15 May 2009
please, before read this, please notice that this list is provided for reference only.
MSCOMCTL.OCX: this file is located under apup_bin, and may have 2 md5. the newest one is 520980110b0ac4854eac5219a10fa7d8 and this one doesn't have any know issue. evidence of it can be found in here.
this file is required to run apup. mscomctl.ocx is an ActiveX Control module that contains common controls used by Windows, such as ImageCombo, ImageList, ListView, ProgressBar, Slider, StatusBar, TabStrip, ToolBar, and TreeView controls. this file can be downloaded from several places, including Microsoft Website.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
MSWINSCK.OCX: this file is located under apup_bin, and may have 2 md5. the newest one is 40fce4be52f6015c23fd96a4b3351357 and this one doesn't have any know issue so far. evidence of it can be found in here.
this file is required to run apup. mswinsck.ocx is the winsock control module used in Visual Basic applications to add the functionality of socket programming. this file can be downloaded from several places, including Microsoft Website.
dir2file.exe: this file is located under apup\modules\Tweaks\__Functionality\DIR2File_x86_enu.apm_files and has this md5: e8bf4f790ab6a3f46dee58747c2507be. this file isn't really required to autopatcher run, but this file allow you to generate an list from the content of an folder. this one it's pretty similar to dir > list.txt command. this file can be safely removed, but then autopatcher will run also an unofficial version.
today, this file has the following false-positives:
dir2file.exe
MD5...: e8bf4f790ab6a3f46dee58747c2507be
eSafe 7.0.17.0 2009.09.03 Suspicious File
Sophos 4.45.0 2009.09.05 Sus/ComPack-C
TheHacker 6.3.4.3.396 2009.09.04 W32/Behav-Heuristic-066
evidence of the issue can be found in this report.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
reboot.exe: this file is located under apup\bin folder. it has this MD5: 994f3e97c11a47588cf51113c2b0055a. this file is required to auto-restart your machine after apply the updates. if missing, you will be required to restart your machine by yourself.
today, this file has the following false-positives:
CAT-QuickHeal 10.00 2009.09.05 (Suspicious) - DNAScan
eSafe 7.0.17.0 2009.09.03 Suspicious File
Sophos 4.45.0 2009.09.05 Sus/ComPack-C
TheHacker 6.3.4.3.396 2009.09.04 W32/Behav-Heuristic-066
evidence of the issue can be found in this report.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
why those are false-positives? easy. Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. their service test the files with something about 40 engines. if only a few engines point the issue, the most provable reason for that is an false-positive. if, at anytime, an false-positive reaches more than 50% positive reports of the possible engines, then the file will be gone for safety.
if yours have any questions about more false-positives or any other suspicious file that autopatcher or apup have, please report it that we will gladly track the issue and try fix it if possible. but please understand that we don't have any kind of control under any anti-virus software and basically if they really care about what they do, they will fix it someday.
thanks for your understanding
AutoPatcher Team
edit:
2009-05-17: in the latest update of Avast 4.8.1335.0 updated at 2009.05.17, the issue related to the false-positive with dir2file.exe seems solved. thanks Avast team by your quick solution for this issue and also thanks White Knight by the report of it
2009-05-25: today, all the know false-positive list was re-checked. none issue was solved and Avast 4.8.1335.0 updated at 2009.05.24 is giving an false positive for the file reboot.exe. all the know false-positive was re-checked. none issue was fixed
2009-05-26: today, the file reboot.exe was re-checked. good news. Avast team has fixed the false-positive in reboot.exe file, but an update is required to remove the false positive. the version that have the issue fixed is Avast 4.8.1335.0 2009.05.25. thanks Avast team by your quick solution for this issue
2009-06-03: all files re-checked. none issue fixed
2009-06-08: all files re-checked. none issue fixed
2009-07-14: all files re-checked. the only one issues that was fixed are related to the replacement of
MSCOMCTL.OCX and MSWINSCK.OCX by the version of those files that are included in KB957924. so, if you are having any issue with those files, just let selected the apup + autopatcher scripts that you will download the new version of those files. for dir2file.exe and reboot.exe, we can't do anything about it, since there's not any new version for those files and certain companies aren't doing his job and fixing their false-positive.
2009-09-05: all files re-checked. none issue fixed and they had almost 2 months to do that since our last test. really, someone isn't doing his job...
Edited by Cristiano, 05 September 2009 - 10:22 PM.
MSCOMCTL.OCX: this file is located under apup_bin, and may have 2 md5. the newest one is 520980110b0ac4854eac5219a10fa7d8 and this one doesn't have any know issue. evidence of it can be found in here.
this file is required to run apup. mscomctl.ocx is an ActiveX Control module that contains common controls used by Windows, such as ImageCombo, ImageList, ListView, ProgressBar, Slider, StatusBar, TabStrip, ToolBar, and TreeView controls. this file can be downloaded from several places, including Microsoft Website.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
MSWINSCK.OCX: this file is located under apup_bin, and may have 2 md5. the newest one is 40fce4be52f6015c23fd96a4b3351357 and this one doesn't have any know issue so far. evidence of it can be found in here.
this file is required to run apup. mswinsck.ocx is the winsock control module used in Visual Basic applications to add the functionality of socket programming. this file can be downloaded from several places, including Microsoft Website.
dir2file.exe: this file is located under apup\modules\Tweaks\__Functionality\DIR2File_x86_enu.apm_files and has this md5: e8bf4f790ab6a3f46dee58747c2507be. this file isn't really required to autopatcher run, but this file allow you to generate an list from the content of an folder. this one it's pretty similar to dir > list.txt command. this file can be safely removed, but then autopatcher will run also an unofficial version.
today, this file has the following false-positives:
dir2file.exe
MD5...: e8bf4f790ab6a3f46dee58747c2507be
eSafe 7.0.17.0 2009.09.03 Suspicious File
Sophos 4.45.0 2009.09.05 Sus/ComPack-C
TheHacker 6.3.4.3.396 2009.09.04 W32/Behav-Heuristic-066
evidence of the issue can be found in this report.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
reboot.exe: this file is located under apup\bin folder. it has this MD5: 994f3e97c11a47588cf51113c2b0055a. this file is required to auto-restart your machine after apply the updates. if missing, you will be required to restart your machine by yourself.
today, this file has the following false-positives:
CAT-QuickHeal 10.00 2009.09.05 (Suspicious) - DNAScan
eSafe 7.0.17.0 2009.09.03 Suspicious File
Sophos 4.45.0 2009.09.05 Sus/ComPack-C
TheHacker 6.3.4.3.396 2009.09.04 W32/Behav-Heuristic-066
evidence of the issue can be found in this report.
this file can be re-tested by hitting this. just select the file, press "send file" and hit the "Reanalise file now" button.
why those are false-positives? easy. Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. their service test the files with something about 40 engines. if only a few engines point the issue, the most provable reason for that is an false-positive. if, at anytime, an false-positive reaches more than 50% positive reports of the possible engines, then the file will be gone for safety.
if yours have any questions about more false-positives or any other suspicious file that autopatcher or apup have, please report it that we will gladly track the issue and try fix it if possible. but please understand that we don't have any kind of control under any anti-virus software and basically if they really care about what they do, they will fix it someday.
thanks for your understanding
AutoPatcher Team
edit:
2009-05-17: in the latest update of Avast 4.8.1335.0 updated at 2009.05.17, the issue related to the false-positive with dir2file.exe seems solved. thanks Avast team by your quick solution for this issue and also thanks White Knight by the report of it
2009-05-25: today, all the know false-positive list was re-checked. none issue was solved and Avast 4.8.1335.0 updated at 2009.05.24 is giving an false positive for the file reboot.exe. all the know false-positive was re-checked. none issue was fixed
2009-05-26: today, the file reboot.exe was re-checked. good news. Avast team has fixed the false-positive in reboot.exe file, but an update is required to remove the false positive. the version that have the issue fixed is Avast 4.8.1335.0 2009.05.25. thanks Avast team by your quick solution for this issue
2009-06-03: all files re-checked. none issue fixed
2009-06-08: all files re-checked. none issue fixed
2009-07-14: all files re-checked. the only one issues that was fixed are related to the replacement of
MSCOMCTL.OCX and MSWINSCK.OCX by the version of those files that are included in KB957924. so, if you are having any issue with those files, just let selected the apup + autopatcher scripts that you will download the new version of those files. for dir2file.exe and reboot.exe, we can't do anything about it, since there's not any new version for those files and certain companies aren't doing his job and fixing their false-positive.
2009-09-05: all files re-checked. none issue fixed and they had almost 2 months to do that since our last test. really, someone isn't doing his job...
Edited by Cristiano, 05 September 2009 - 10:22 PM.
Cristiano
25 May 2009
all know issues re-checked. none solved and another false-positive was given by Avast to reboot.exe. details in the first post
[]s
[]s
Cristiano
26 May 2009
reboot.exe file rechecked. issue with reboot.exe fixed. again, thanks Avast Team by your quick fix
[]s
[]s
