sol_amp

Bump... anyone?

Hi, We're a software company that develops a piece of software (an addin for Microsoft Office) that auto-updates itself. Our software uses the widely acknowledged third party UI framework 'Telerik UI for WPF'. That framework is developed by Progress (formerly known as Telerik), which is one of the leading vendors of software libraries/frameworks for software developers. A dll-file in their framework, which our software uses and which is distributed as part of our software installation, is getting flagged as a false positive. I have attached relevant reports, log files and the problematic dll itself in a zip file. The password for the zip-file is: 123 Can you please look into why the dll is getting flagged? It's interesting because none of the other Telerik files that we use are getting flagged. The zip also contains a dll from Telerik that is not getting flagged by MalwareBytes. Best regards Sol MalwareBytes Telerik false positive.zip

Hi again, Would appreciate if a staff member would respond 😊 Just an indication if this is something you will consider looking at would be great. @Arthi @pbust or others? Hope it's okay that I tag you guys. Best regards S

Hi again, I saw from other forum posts that you often ask for this log file: C:\ProgramData\Malwarebytes\MBAMService\LOGS\mbae-default.log So please find that file attached here. Looking forward to hearing from you. Best regards S mbae-default.log

Hi, Malwarebytes is blocking the auto-update functionality in our software, Ampler (an addin for Microsoft Office). Malwarebytes doesn't complain when a user does a regular install of our software using our installer: https://my.ampler.io/download or when the user just runs e.g. PowerPoint with our addin installed and loaded. It's only when Ampler downloads a new version of itself to apply it silently that Malwarebytes complain. Our auto-updater simply downloads our installer (.exe), which is exactly the same as the user uses to install the software. It's just a newer version of the installer. Attached is the two report files from Malwarebytes. It produces 2 entries: a 'Blocked' entry and a 'Quarantined' entry. Is there any chance that you can whitelist our software such that this issue doesn't re-appear when we issue new updates? I know that other anti-virus providers have such a whitelisting mechanism where our code signing certificate is whitelisted. This is quite handy as it prevents issues with future updates of our software. Not sure if Malwarebytes works the same way, though. Please let me know. Please also let me know if you need any additional information. Best regards S MbamReport_Quarantined.txt MbamReport_Blocked.txt