Crozzers

I would like to report a false positive for my program, RestoreWindowPos. The program was flagged as "Malware.AI.2547402616" when uploaded to VirusTotal as part of the Chocolatey package approval flow. The program itself is a Python project which is then bundled into an executable using Pyinstaller. You can view and audit the source code on the RestoreWindowPos GitHub page. The file can be downloaded from the RestoreWindowPos releases page (exe direct download link).

The program was flagged as "Malware.AI.4271407443" when uploaded to VirusTotal as part of the Chocolatey package approval flow. It's an open source Python project which is bundled into an executable using Pyinstaller. I use NSIS to create an installer out of the bundled executable. Here are the relevant source files used in this process: The script that bundles the source code and creates the installer The .nsi file that the installer is generated from The GitHub workflow that bundles everything and creates a Chocolatey package I've attached the file in question to this thread inside a zip file (password: "infected") (checksum). RestoreWindowPos_install.zip

No, I was referring to the support form here: https://support.malwarebytes.com/hc/en-us/requests/new. I appreciate this is a product help form as well as a false positive report form but most AV companies have a FP form that doesn't require you to have a license for that particular AV product

The program was flagged as "Agent.Spyware.Stealer.DDS" when uploaded to VirusTotal as part of the Chocolatey package approval flow. It's an open source Python project which is bundled into an executable using Pyinstaller. I use NSIS to create an installer out of the bundled executable. Here are the relevant source files used in this process: The script that bundles the source code and creates the installer The .nsi file that the installer is generated from The GitHub workflow that bundles everything and creates a Chocolatey package I've attached the file in question to this thread (checksum). It would be great if the false positive form didn't autoclose tickets if your email doesn't have a subscription associated with it, seeing as my profile is starting to look like a spam bot. RestoreWindowPos_install.zip

The program was flagged as "Malware.AI.3489381630" when uploaded to VirusTotal as part of the Chocolatey package approval flow. It's an open source Python project which is bundled into an executable using Pyinstaller. I use NSIS to create an installer out of the bundled executable. Here are the relevant source files used in this process: The script that bundles the source code and creates the installer The .nsi file that the installer is generated from The GitHub workflow that bundles everything and creates a Chocolatey package I've attached the file in question to this thread (checksum). RestoreWindowPos_install.zip

The program was flagged as "Malware.AI.3336268164" when uploaded to VirusTotal as part of the Chocolatey package approval flow. It's an open source Python project which is bundled into an executable using Pyinstaller. I use NSIS to create an installer out of the bundled executable. Here are the relevant source files used in this process: The script that bundles the source code and creates the installer The .nsi file that the installer is generated from The GitHub workflow that bundles everything and creates a Chocolatey package I've attached the file in question to this thread (checksum). RestoreWindowPos_install.zip