Jump to content

False positive - LimitSwap bot


tsarbuig

Recommended Posts

Good morning,


My file (attached) has been incorrectly identified as malware by Windows Defender. The identified detection is  Malware.AI.860339833

We are a cryptocurrency company, and this false positive stress our customers.


It is common for files compiled from python using pyinstaller to be incorrectly identified as malware in this way.


This is virus-free software which does not contain malware : I would be grateful if you would review and remove this detection.

Thank you
 

LimitSwap.v3.06.zip

Link to post
Share on other sites

  • Staff

Hi,

It's possible to whitelist this forever, but in your case, it's more challenging, as there's no digital signature or even version information applied to the file properties/resources. So that makes it really hard to whitelist forever. I suggest to apply at least version information to the file, as this might also come in useful for other Antivirus that detect this (since Malwarebytes isn't the only antivirus detecting).

Thanks!

Link to post
Share on other sites

thank you for your answer... You're the only one, with another unknown company who never answer to email (Jiangmin)

https://www.virustotal.com/gui/file/b5ea026ffb7ff0cb938439b68388d6c54566c7535e8f88f68de11a536abd360b/detection

So, can you remove the v3.10 that I attached above to your detected threats please ? It's still detected today.

Thank you very much :)

Link to post
Share on other sites

  • Staff

Hi,

Our engine format and configuration in VirusTotal is different than our consumer and corporate products’ default configuration. In VirusTotal we use a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

This file has been whitelisted for our commercial products already and it is not detected anymore. This will eventually fix itself in Virustotal as well, as we don't have control over this.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.