Page 1 of 1

VirusTotal results

Posted: Tue Apr 30, 2024 1:11 pm
by fernandesr76
Hi, I wanted to test MediaMonkey but it was severely flagged as a virus by virustotal that I can't help but skip it for now. Whats up with it? If one scans the download executable everything is fine but if you zip the application directory and try to scan that you'll get 3 flags (at least so far) specially in "MediaMonkeyCOM.exe". I found out that you guys do some scripting and that might be triggering some false positives but wanted a confirmation. Also, does this happen as well with the paid version? Thanks.

Re: VirusTotal results

Posted: Tue Apr 30, 2024 1:55 pm
by Lowlander
This always turns out to be false positives. Scripts can trigger AV software. Make sure your security software is up-to-date and submit to the security software if you can.
I would not expect a difference between the free and gold version as they're the same installer.

Related: https://www.mediamonkey.com/support/kno ... diamonkey/

Re: VirusTotal results

Posted: Tue Apr 30, 2024 2:18 pm
by fernandesr76
I'm not sure if you are aware but [www.] virustotal [.com] uses a bunch of AV software to detect one or more threats using different techniques, including running the software in a sandbox environment to see its behavior. In the case of MM, what It found is that it drops some scripts on the user temporary folder and execute those scripts from there. They could be anything really but this behavior is odd and that's why I'm here asking the developers.

Re: VirusTotal results

Posted: Wed May 01, 2024 7:42 pm
by Peke
Hi,
I done the same as you and submit it to Virustotal it resulted in 2 (not 3 like you pointed) positives based on generic signature that all PACKED EXE files are used only to contain virus which is part of both apps which confirms signature known from 2016). If you look down the report you will see that there was no virus detection reports on the file for at least year (do not have account that can look further). I also compared dependencies with MM 5.0.4.2690 (available for more than year) and 5.0.5.2695 which point that only signature is changed/updated to comply timestamp of compilation.

If you are still concerned and want to confirm you should file false positive to AV companies reporting it contains virus and see their result.

My test results can be found at https://www.virustotal.com/gui/file/799 ... ?nocache=1