Help to avoid FP

[Maxime349]

Hi, your app is great, it's good to finally see something happening with milkdrop.

My two cents to avoid any FP: -Don't use UPX, EXE compression is a thing of the past. -Use Microsoft's SignTool to sign your app.

Have a nice day

[milkdrop2077]

Thank you but I won't play the game of having a 0/70 on virustotal, this site is dumb, too many fake flag. Fun story:

-the original BeatDrop version from Maxim Volskiy https://github.com/mvsoft74/BeatDrop/releases/download/v1.0.0.0/BeatDrop-bin-1.0.0.0.zip is flagged as Malicious by SecureAge (wtf is SecureAge btw) https://www.virustotal.com/gui/file/d19eefe2c3bd725b565992320f4e3ccdb9cf698c2f7d0d3627d1c05c50dd7602 if you recompile his source, no flag and no ones seems to care all that time.

-now let's check a more recent updated version, https://github.com/OfficialIncubo/BeatDrop-Music-Visualizer for example:

• BitDefender: Theta Gen:NN.ZexaF.36132.Sq0@auyCgGai
• Cynet: Malicious (score: 100)
• SecureAge: Malicious

Again, wtf is that, I know the source very very well, virustotal is just junk: https://www.virustotal.com/gui/file/3ddcd039cf7a98ba6167dfac287e1f6ba0d261ed06dbeb909441661f42ca7d1a

If you guys want to have fun, I've putted the source 3.0.0.0 alpha from MilkDrop3 (BeatDrop2077 really) in the folder 'code', now the story gets really fun: if I compile the exe with plugin_icon.ico (MilkDrop 3.exe) : I get 2 false positive : https://www.virustotal.com/gui/file/83ccff6ae306dccf1d763d1344daf0628febede97227c3297312dac9f55dbd2c?nocache=1

but if I compile the exe with my new icon plugin_icon2.ico I get 9 fucking false positive : https://www.virustotal.com/gui/file/31e9d97879dc33c96eccea6ba34b4cbb82ce0976787ee97ea75bb8e98cd2ad24 just by changing an icon!!!

virustotal is just fully dumb. I'm done

[OfficialIncubo]

Damn false positives for that. So, where can I get rid of this? 🙄

EDIT: Avast, Avira and well known antiviruses scanned this and it's safe! Idk why?

...and it's still not signed. Where can I sign it?

[milkdrop2077]

Don't waste time on that, it's not flagged by normal AV like Windows Defender, Kaspersky, ESET... It's wrongfully flagged by inaccurate program like SecureAge, but no one use that crap. Anyone unhappy with that can have fun reviewing the source code.

[jelloleaf]

I submitted a false flag report thing through the Microsoft malware analysis false positive submission form, about 2 weeks back. I Was getting a trojan hit from the file, and windows was rattled by an uncommonly downloaded file. Hopefully it went through or w/e, would suck to see people scared away because of that.

[milkdrop2077]

I've updated the main installer MilkDrop3.exe not packed with UPX this time (the file is now 36mb compare to 23mb with UPX) and now I have 0/69 at virustotal https://www.virustotal.com/gui/file/ad6436da8675ae9ffc2910dad94544f28ff2e7a01ff5e55ad1b614f9457b57a6 and it should not trigger any AV, let me know @jelloleaf

But now for the program itself (MilkDrop 3.exe), I have no solution. I really doubt a tiny company like SecureAge is going to spend time reversing all the FP from random programs on the internet. I have a flag from MaxSecure, the Copyright on their website is from last year, it's a shady indian based antivirus... well if people trust more MaxSecure than me, I can't help them.