Jump to content

Vistumbler - False Positive


Recommended Posts

My program, Vistumbler (vistumbler.net) is being detected by malwarebytes and I would to get it removed. my program is a open source wireless scanner written in autoit ( https://github.com/acalcutt/Vistumbler/tree/master/VistumblerMDB ). The files are compiled by me with the latest autoit and the exe files are signed with a digital signature.

There are 3 versions of Vistumbler

Vistumbler_v10-7.exe - ECA2ACE14102F623E1C2490257FB645611314C918E45A845AE7337CEFA6FFD01
Vistumbler_v10-7.zip - 7CC806B74131BCCA5AE11EE81E39152DBC61F1477108FFDE7E416927C196DBA0
Vistumbler_v10-7_Portable.zip - F729B9BBAEADFF288D78655B996102CC4274CB2D5527F58A1464EEF3BE9D636C

 

  • the non portable zip is just vistumbler with default settings (storing data in your profile temp directory and documents folder)
  • the exe file is just the zip file packed into an installer with NSIS ( https://nsis.sourceforge.io/Main_Page ). It is an installer, so it writes uninstall information to the registry.
  • the portable version has different settings which cause temp files and save files to be stored inside the same directory as the program (better for portable use) instead of inside your windows profile.

If you have any questions let me know. I don't use malwarebytes (not since I worked removing viruses years ago) but I am getting complaints from users about false detections. I have had to submit false positve reports to several vendors and been removed from them, so I hope this can get straitened out with malwarebytes too.

Link to post
Share on other sites
  • Staff

Hi,

This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/
Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.