BetaLeaf

[Updated!] Quickly Email False Positives to AV Vendors

35 posts in this topic




Nice.

Curious; has it done any good?

That is, do the AV vendors actually pay attention to submissions?

I'm not familiar with that sort of thing.

1 person likes this

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Yes. As long as the Email doesn't fail to deliver because their mailboxes are full, then it will work. AV Vendors usually have some kind of bot monitoring these emails for attachments. Now, I don't have enough test data to know if it works fully. On the tests I have run, it has definitely cut out like 75% of the work I had to do before writing this script.

Edited by BetaLeaf

False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

If you subscribed to this post, I am writing to inform you that I have uploaded the final version of this script. I won't be updating it anymore unless someone points out a bug I need to fix. 


False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

I was able to successfully use this once I went and enabled access for less secure apps here:

https://www.google.com/settings/security/lesssecureapps

How was your experience using the script?


False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

It was pretty simple once I got it working.  Hopefully the Antivirus Vendors do their jobs now. ;-)

 

I just checked my email and I have many replys from the AV Vendors.  They all say that the files are clean.  So it looks like it worked well. Thanks! :)  This will come in handy for sure.

Edited by Proph
1 person likes this

Share this post


Link to post
Share on other sites

#8 ·  Posted (edited)

No problem. Glad it was able to help. Mind liking my OP?

Edited by BetaLeaf

False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

thanks, nice idea...will try it

1 person likes this

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

Is there a reason this example needs administrator right?

Why not HKCU instead of HKLM?

Because I didn't know that was the problem. I spent a few hours trying to figure it out but I gave up in the end. I'll fixed it. I'll update the OP as well. Thanks.

Edited by BetaLeaf

False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

Thanks. I decided to put it on github so others can make improvements via forks. If I like their work I can pull it into the master branch.


False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

Ok ive grabbed this thinking to submit my scripts to stop problems with avast etc

Ive filled it in and the little gui has disappeared and all i get is an error about a missing temp folder zip

Is there not a window where i can add the file to upload?

My files are not infected just created with AutoIt

Share this post


Link to post
Share on other sites

I am not keen on the idea of "spamming" Anti-Virus companies, but I just wanted to point out that versioning exectuables is bad practice.


_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

I am not keen on the idea of "spamming" Anti-Virus companies, but I just wanted to point out that versioning exectuables is bad practice.

The intended use for this script is not to spam Anti-Virus Vendors. I also don't understand what you mean about versioning executables. I thought tracking the version of a program helps people keep track of changes. What should I be doing? What do you recommend?

Ok ive grabbed this thinking to submit my scripts to stop problems with avast etc

Ive filled it in and the little gui has disappeared and all i get is an error about a missing temp folder zip

Is there not a window where i can add the file to upload?

My files are not infected just created with AutoIt

The Temp folder is @TempDir & "\" & @MON & "-" & @MDAY & "-" & @YEAR & "-" & @HOUR & "-" & @MIN & "-" & @SEC & "\" where @TempDir is your %localappdata%\Temp. This program works via Drag and Drop the file you want to upload onto the Exe. I made a fork with my first attempt at fixing your issue. You can try it at https://github.com/BetaLeaf/False-Positive-Reporter/tree/Issue-1. If this fixed work for you, let me know so I can pull it into the Master Project.


False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

It might be prudent to allow user to select their antivirus vendor, usually it is only one or two vendors flagging, not all.

Sending to all could be considered spamming, and might just be wasting their time.


AutoIt Absolute Beginners    Require a serial    Pause Script    Video Tutorials by Morthawt   ipify 

Monkey's are, like, natures humans.

Share this post


Link to post
Share on other sites

#18 ·  Posted (edited)

git and other version control systems are intended to be used for versioning non-binary files i.e. source code, because they are easily created via the source code. Not to mention each time you commit a new binary file, say 1MB, that goes towards your GitHub repository quota, which is a finite amount for FREE users.Your best bet is to look at creating incremental releases in which you can upload a compiled version of your script once in a while. Search online for more about using git and GitHub properly.

Edited by guinness

_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

#19 ·  Posted (edited)

It might be prudent to allow user to select their antivirus vendor, usually it is only one or two vendors flagging, not all.

Sending to all could be considered spamming, and might just be wasting their time.

I understand now, sorry. Yea I made this script to save my time manually submitting them. As long as you aren't sending an excessive amount of emails in one day, you should be fine. In my experience, bots watch the email boxes, not humans. In this case, then the only time I would waste time is my own by not using this script.

 

It should also be noted you can reconfigure the Emailer with Config FPR.exe and change the emails it mails to if it's always certain vendors causing problems. I just left the default to use all of them but the user can select which vendor they want to email. 

Edited by BetaLeaf
Added clarification

False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

git and other version control systems are intended to be used for versioning non-binary files i.e. source code, because they are easily created via the source code. Not to mention each time you commit a new binary file, say 1MB, that goes towards your GitHub repository quota, which is a finite amount for FREE users.Your best best is to look at creating incremental releases in which you can upload a compiled version of your script once in a while. Search online for more about using git and GitHub properly.

Ok I understand. Thank you for your advice.


False Positive Reporter - Mass email all anti virus vendors with an attachment of your program for fast and easy whitelisting.

PortableApps.com App Creation Wizard  - A simple GUI-based Wizard for creating PortableApps.

SoundBoard - Play any song or sound you want at the press of a hotkey.

My GitHub Page: https://github.com/BetaLeaf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now