Jump to content

Falsepositive detection on my Software


Unryze
 Share

Recommended Posts

Greetings!

I am the developer of WFE (Warcraft Feature Extender) and my .exe/.dll sometimes both get detected as MachineLearning/Anomalous.100%, I do not have malicious code, and VirusTotal and other scanners report it to be comepletely fine.

Could you please take a look and hopefully remove my software from being detected as virus? Archive with files attached below.

Thanks in advance!

WFE v2.23.zip

Link to post
Share on other sites

  • Staff

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation:


Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

I however can't reproduce detection on these files anymore, so this must have been fixed already.

Link to post
Share on other sites

3 minutes ago, miekiemoes said:

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation:


Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

I however can't reproduce detection on these files anymore, so this must have been fixed already.

Malwarebytes no longer detects it, however VirusTotal still does, probably they use an older detection engine? Thanks for the help though! :)

Link to post
Share on other sites

  • Staff

Our engine format and configuration in VirusTotal is different than our consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

I'll force a rescan in Virustotal, but this will eventually fix itself there as well.

This file has been whitelisted for our commercial products and it is not detected anymore.

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.