Search the Community

Malwarebytes in good company (https://www.virustotal.com/#/file/035877bf8ca678541a8142e65e7f4bccd8d903642aac93deedf0276561aa57f1/detection )detects and quarantines a commercial cots component from DataAccess corporation. Product info https://www.dataaccess.com/products/dataflex/features-243 Problem statement, The compiled web apps are triggering false positives by MalwareBytes which result in quarantine. The files are believed benign, system is clean room level pristine clean Latest rev of MalwareBytes and signatures and the vendor product DataFlex2017-19.0.33.4.Studio.exe www.malwarebytes.com -Log Details- Scan Date: 11/20/18 Scan Time: 5:55 PM Log File: 6b17659c-ed17-11e8-bfd2-d8cb8aefeb7e.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.482 Update Package Version: 1.0.7943 License: Premium -System Information- OS: Windows 10 (Build 17134.407) CPU: x64 File System: NTFS User: DESKTOP-U0ISPN2\backup -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 5 Threats Quarantined: 0 Time Elapsed: 0 min, 11 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Module: 2 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 MachineLearning/Anomalous.100%, C:\DATAFLEX 19.0 EXAMPLES\WEBORDER\PROGRAMS\WEBAPP.EXE, No Action By User, [0], [392687],1.0.7943 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) WebApp.7z

MBAM detects The Long Dark's executable with the latest update and quarantines it. The Long Dark was just updated today, 06/14/2018. Hybrid Analysis TLD_False_Pos.zip

Hi! I write a program and suddenly it has been detected as a false positive for Machine Learning\Anomalous.100% Can you take a look? All the files MBAM has detected are basically from the same source code... Nothing is obfuscated... just C#.. not sure why or what code would be causing this to happen either. False Positives.zip