Jump to content
CareUEyes

HELP!!! Our software was detected as malware

Recommended Posts

Hello,

    Our software was detected as malware. After we released v1.1.21.0 yesterday, it was detected as a malware by your machine learning algorithm. This is a false positive, it has affected our customers, please cancel the false positives, thank you.

FileMD5: 8ff80d0780d49f87ccc8b4ee0ff8f82b

------

mail: support@care-eyes.com

website: https://care-eyes.com

Malwarebytes
www.malwarebytes.com

-Log Details-

Registry Value: 1
MachineLearning/Anomalous.95%, HKU\S-1-5-21-3535189020-1247028444-2293057385-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CareUEyes, No Action By User, [0], [392687],1.0.9812

File: 2

MachineLearning/Anomalous.95%, C:\USERS\GUEST\Desktop\CareUEyes.lnk, No Action By User, [0], [392687],1.0.9812
MachineLearning/Anomalous.95%, C:\USERS\GUEST\APPDATA\ROAMING\CAREUEYES\CAREUEYES.EXE, No Action By User, [0], [392687],1.0.9812

2019-03-23.jpg

8ff80d0780d49f87ccc8b4ee0ff8f82b.zip

Share this post


Link to post
Share on other sites

It seemed to have been fixed, but it has, apparently been "unfixed." Several weeks ago, I had to manually exclude the file from MBAM's detection engine. MBAM had not detected CareUEyes 1.20, but after the program updated itself to v1.21, MBAM ate the 1.21 exe. Since I had had no problem with v1.20, I uninstalled v1.21, then installed 1.20 again, then unchecked the "check for updates automatically" in the CareUEyes gui. Somehow, CareUEyes updated itself anyway, which made me assume that, when MBAM ate it again, MBAM didn’t like the presumably newer version of careueyes.exe. I had no problems with it after that until today, when MBAM did the same thing. which, annoyingly, when that happens, requires a reboot:  MBAM has to completely digest it before it can be restored. My friend Norton reminded me that the digital signature on careueyes.exe is invalid, but that's not the problem. Only one out of 66 engines at Virus Total flag the file. The careueyes.exe that's in AppData\Roaming\CareUEyes says product version 1.1.0.6 and product version 2017.7.28.1. The spooky thing is that, a few days ago, I’d restored my system to a Macrium image I made after I’d first installed CareUEyes but before I’d manually excluded it from MBAM, and MBAM was happy with it for several days before deciding that it was evil.

MBAM detecting CareUEyes.JPG

Norton CsreUEyes 1.20.JPG

Share this post


Link to post
Share on other sites

Every time we release a new version we have to check it once on virustotal to prevent false positives.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.