Jump to content

Total Commander False Positive using VirusTotal Malwarebytes scan


Recommended Posts

You wrote:
> I have been using Total Commander as a very satisfied customer for at least
> 15 years now. I just changed jobs and the new employer will not allow Total
> Commander on their network because they vet all SW requests through the
> VirusTotal website.  The VirusTotal website is at:
> https://www.virustotal.com/gui/

> Total Commander (latest version 9.51) is flagged by VirusTotal's MalwareBytes check as
> potentially containing Malware. The scans are free and easy to do. Just
> point the VirusTotal website at the latest 64-bit executable version of the
> Total Commander installer.

1985811755_ScreenshotofVirusTotalMalwareBytesscan.thumb.png.43a73e46c4b1dfce7428ad1d2706486f.png

Below is the Total Commander website.
https://www.ghisler.com/

> I wanted to bring this to your attention and see if there was anything you
> might be able to do to change this. By VirusTotal MalwareBytes scan flagging Total Commander
> as potentially containing malware, that prevents it from being used in many
> companies in the US.

Response from Christian Ghisler who is the owner of the Total Commander shareware program:
This is a false positive, only a single scanner (Malwarebytes) claims it,
and it does NOT say what is wrong. It only reports "Heuristic", which
means that the program does similar things as a virus does.

For example, it could dislike that tcmd951x64.exe is an installer
and installs other EXE files (namely Total Commander itself)
to your harddisk. That's what some viruses/worms also do.

Best regards

Christian Ghisler

 

Screenshot of VirusTotal MalwareBytes scan.png

Link to post
Share on other sites
42 minutes ago, glloyd said:

I have been using Total Commander as a very satisfied customer for at least
> 15 years now. I just changed jobs and the new employer will not allow Total
> Commander on their network because they vet all SW requests through the
> VirusTotal website.  The VirusTotal website is at:

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal Malwarebytes uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

It is not detected by the consumer or commercial versions of Malwarebytes.

This will eventually fix itself in Virustotal as well, as Malwarebytes has no control over this.

I would send your employer a link to this post.

Edited by Porthos
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.