FP? Virus Total flagged Configuredefender as Malware.Heuristic.1003

[Lunar706256]

Is this a false positive?

 https://www.virustotal.com/gui/file/7e0f58239b25cc1109bab06a60d48fbc1497ef15042fbfbdc7536719409f0485/detection

 

Program link here https://github.com/AndyFul/ConfigureDefender/blob/master/ConfigureDefender.exe

[Porthos]

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

It is not detected by the consumer or commercial versions of Malwarebytes.

[Lunar706256]

I see, does that mean it is safe then?

[Porthos]

6 minutes ago, Lunar706256 said:

I see, does that mean it is safe then?

It is clean and is becoming a well known tool. I have run it and all I can say is read the documentation carefully and be sure to follow instructions.

I did not feel the need to make any changes with it. I use Malwarebytes Premium along with Defender with default settings.

A restore point would be a wise precaution.

[Lunar706256]

Thanks for the reply. Yeah I set it to high, hit refresh then reboot. I scan with malwarebytes too. I was just afraid because I was working with my password manager keepass at the time when I uploaded for the scan and was worried about my passwords.

[shadowwar]

This file is ok. It is already whitelisted in the cloud. Virustotal is having issues reaching our cloud though so it may take a while for it to reflect the whitelisting. 

 

[Lunar706256]

5 hours ago, shadowwar said:

This file is ok. It is already whitelisted in the cloud. Virustotal is having issues reaching our cloud though so it may take a while for it to reflect the whitelisting. 

 

So Its safe then?

[shadowwar]

Yes

[Lunar706256]

On 3/27/2021 at 7:18 AM, shadowwar said:

This file is ok. It is already whitelisted in the cloud. Virustotal is having issues reaching our cloud though so it may take a while for it to reflect the whitelisting. 

 

Its still being flagged for some reason

[Porthos]

4 hours ago, Lunar706256 said:

Its still being flagged for some reason

By Virus total or by Malwarebytes program itself?

 

[Lunar706256]

11 hours ago, Porthos said:

By Virus total or by Malwarebytes program itself?

 

Virus Total

[Porthos]

3 minutes ago, Lunar706256 said:

Virus Total

This still applies.

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

It is not detected by the consumer or commercial versions of Malwarebytes.

VT is having trouble reaching Malwarebytes cloud whitelist server.

The issue is being worked on and hopefully be corrected soon.🙂

 

[Lunar706256]

On 4/17/2021 at 11:52 PM, Porthos said:

This still applies.

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

It is not detected by the consumer or commercial versions of Malwarebytes.

VT is having trouble reaching Malwarebytes cloud whitelist server.

The issue is being worked on and hopefully be corrected soon.🙂

 

Thanks and I see it has been fixed now!