Jump to content

False Positive


Recommended Posts

I develop travel guides to New Caledonia using Flash Projector exe file protected by Software Passport. I've been doing this for 15 years and keep the flash projector updated for security. Malwarebytes Premium version 4.1.2 blocked my own software as malware Heuristic 1003. I attach the zip file with the exe file and images of the real time protection report. The exe file is the basic, protected Flash Projector that then loads the rest of the swf files as needed. The whole program with all the swf files is 550MB. I can provide a download link if the support team needs the complete package.
4.1.2. is not blocking older versions of my other travel guides installed and updated several months ago. It only blocked the file after I made a new exe file with Inno Setup and updated the version in my program files. After it blocked that update it blocked the update on other drives where I develop the software. I can, of course, whitelist the files but need to have my programs authenticated by Malwarebytes so this does not happen to people who buy my guides. On my website support page I coach users how to whitelist the program if necessary but so far Malwarebytes has not created any false positives and I recommend Malwarebytes Premium to the few buyers who have had issues with their Antivirus program. 


Link to post
Share on other sites

29 minutes ago, richardhc said:

So the original poster can download the file but another forum member who is signed in can't download it?



26 minutes ago, richardhc said:

Porthos, are you authorized to download the files in this forum?


Trusted Advisors and above which includes the research staff who are staff members are the only ones with access.There is only a handful of us.

The only section of the forum where attachments can be accessed by anyone is the malware removal section.

Edited by Porthos
Link to post
Share on other sites

2 hours ago, miekiemoes said:

If you're still get a detection, please zip and attach the exact files being detected.


I removed the false-positive exe file from the Malwarebytes Allow list, rebooted, and this time the file was not tagged as malware!

I did another compile of my  program with Innosetup and reinstalled my own software again. This time it was not tagged as malware. No false positive.




Link to post
Share on other sites

3 hours ago, Porthos said:

The other alternative is to pm the requestor of the files @miekiemoes

Oh, great tip, thanks very much! It's clear from her postings that there was a problem with their new machine learning program and it seems to have been fixed now. Whew! And I'm greatly relieved to hear only authorized users can download the exe files - the private messaging is an even better way to transmit the file. Good idea, Porthos, thanks again!

Link to post
Share on other sites

24 minutes ago, richardhc said:

the private messaging is an even better way to transmit the file.

It can be but there is more than one researcher so limiting it to one has the potential to slow down a response and fix.

Time zones make a difference. For example Miekie is in Belgium


Edited by Porthos
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.