Jump to content

MachineLearning/Anomalous.100% on a 5 Year Old C++ Program w/ Debugging

HighTide

By HighTide
in File Detections

 Share

Recommended Posts

HighTide

HighTide

Posted
Posted

I'm pretty sure this detection was a false positive, because the program in question was a C++ program I made way back when I was trying to learn the language. For the matter, Malwarebytes didn't even detect on the main version of the executable, and only the version with debugging symbols included. I've attached a copy of the scan log and a zip of the file(s) in question (the scan log shows 4 detections, but these are made on copies of the same files spread out across 4 locations on my system). Could you please confirm that this is a false positive? The latest database update didn't fix them for me.

false_positives.txt

false_positives.zip

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,
This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

Link to post
Share on other sites
HighTide

HighTide

Posted
  • Author
Posted

The fix seems to have worked for the one file uploaded, but the other three detections of the same file in different locations are still triggering. VirusTotal doesn't trigger on them individually, so I've gone ahead to zip them up separately and attach them to this reply, since the problem still doesn't seem resolved.

false_positives.txt

false_positives.zip

false_positives_1.zip

false_positives_2.zip

Link to post
Share on other sites
thisisu

thisisu

Posted
Posted
5 hours ago, HighTide said:

The fix seems to have worked for the one file uploaded, but the other three detections of the same file in different locations are still triggering. VirusTotal doesn't trigger on them individually, so I've gone ahead to zip them up separately and attach them to this reply, since the problem still doesn't seem resolved.

false_positives.txt

false_positives.zip

false_positives_1.zip

false_positives_2.zip

Can you retry? i whitelisted the additional file you attached. You attached 3 but they are copies of each other.

CF14A3DD63443EF7347A1D62F77FBE33

Link to post
Share on other sites
  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted (edited)

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

 

Edited to add - I'm closing this thread, otherwise it will become confusing if many are posting in the same thread. :)

 

Edited by miekiemoes
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.