Low Reputation AV's and False Positives
What We've Found About them and Our Recommendations.
New AV's, New False Positives
For many years we've used VirusTotal.com to analyze our apps against multiple AV providers.
While everything worked perfect for a long time, during the past year or so (since 2019 to put it in numbers), we've found that VirusTotal added new (and low reputation AV's) that raised a LOT of false positives (false positives that were not picked up by the top AV's).
A "Virus" Dissappears Because We Changed "A Name"?
What we've Found...
While we never had probelms with the TOP AV's (Kaspersky, Mc Affee, Symantec, Avira and Many others), we've started getting false positives from 3 unknown AV's:

- SecureAge Apex
- Cylance
- Bkav

In short, we've found that SecureAge and Cylance never reported the name of a virus in the results (unlike the TOP Av's which always put the name of the virus when a threat is found).

Instead, they say "Unsafe" or "Malicious" and that's all (while the top AV's say that everything is clean).

They find nothing (no real virus is found) and as their virus database is poor, they just guess that an app may contain a virus (but if you look at the top av's, they report that everything is clean).

We've discovered that they guess that something may be a virus!

We've made a simple test with a new app. After we've uploaded to VirusTotal, it got 3 reports:

- SecureAge
- Cylance
- Bkav

After this, we've changed "the name" of an app component and guess what?

The virus dissappeared from Bkav and Cylane?

Is this a Joke? The virus was caused by the name of a compoment? Really?

Here's the video:
Video: The Virus Dissappears...
after Changing the Name of a Component (???)

You've Just Seen That These
Low Reputation AV's are Not Serious.

The Proof is really solid and shows how an AV detected that an app "had a Virus" based on "the name" of a component.

Again, these things happen because "BKAV" and others are "Guessing things" as they don't have a solid AV database, that's why we strongly recommend to pay attention to what the TOP AV's find (or not) when analyzing a file.
We Can't Play Games with Them Forever.
We've found that the "virus" that "BaKv" reports was gone when we changed a simple name, but then (when, when we keep on coding).... it returned.


While we did our best to "change names" to look also clean under these low reputation AV's,
we've stopped doing it because the problems always returned with them.


We're still 100% clean for the top AV's and we'll always monitor this but we can't keep on playing games with low reputation AV's forever.

We've just wanted to expose this situation and how these AV's work.
Need Support? You Can Open a Ticket Right Here. We'll get back to you within 4-10 hs (Mo-Friday).
SellingWPSoftware.rocks