Jump to content

False Positive : MachineLearning


denise_velasco
 Share

Recommended Posts

Hi, there is false positive case of our executable when scanning with VirusTotal MachineLearning/Anomalous.100%

The executable was developed by us, Inmersys. We are a company dedicated to the development of virtual reality, augmented reality and gamification applications. Here is the link to our website so you can get to know us: https://www.inmersys.com/

Even though we signed the application, it still happens to detect this "malware".

The software saves a .csv file with the names and scores obtained locally. So we are not accessing the system in any way. The program can run without internet connection because it is a local windows executable. We have even tried compiling a version without this section of the code and it still sends the same false positive malware.

Here is the link to the analysis:

https://www.virustotal.com/gui/file/3baafe56f532c716ba5a4e907979949a4a37670e6b461d9b795fa31c5efbf200/detection

image.thumb.png.3948a60c3ca24d8f0692de0d567acb8b.png

It is a custom made application for a client of ours. The desktop application is 100% developed by us so we know that it does not contain any malware.

I request your support to solve this because this alert is causing that due to company policies, our client can not install the application. This situation affects us directly as our client has lost confidence in our developments due to the result of this false positive.

I share with you also the .exe in a .zip folder. When running the scan on the whole zip folder we have no problems, the problem arises when scanning only the file executable (.exe).

In this link you can download it:

https://drive.google.com/file/d/1ABbluid6h3v5hcDrlJYKt1R3SkBZesFO/view?usp=sharing

If there is anything we can do to speed up the resolution of this problem, please count on it.

Thank you in advance,
I look forward to your comments.

Link to post
Share on other sites

4 minutes ago, denise_velasco said:

Hi, there is false positive case of our executable when scanning with VirusTotal MachineLearning/Anomalous.100%

The engine format and configuration in VirusTotal is different than our consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

It is not detected by the consumer or commercial versions of Malwarebytes.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.