Jump to content

POSWIZARD.exe false positive


Recommended Posts

POSWIZARD.exe is marked as ransomware. This is tool we use to update sql database after software updates of our software. More information about our software at www.clubprophet.com

Please let me know how I can submit the file in private. This is licenses software that I don't want to put here in the forum for the public.


-Log Details-
Scan Date: 04/01/2022
Scan Time: 02:24
Log File: 166bc9fc-6cfd-11ec-84d2-5a1eb66f2c95.json

-Software Information-
Components Version: 1.0.1513
Update Package Version: 1.0.49364
Licence: Premium


MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\POS PROPHET SYSTEMS\POSEXPRESSWS3\POSWIZARD.EXE, No Action By User, 0, 392687, 1.0.49364, , shuriken, , 00276689870C211475D3C7CB73DDE982, 1A1ADF8BCE3AE0285EE268887270E59C46F1DC049FA56C8077C2A4D7AA8A4543


Screenshot 2022-01-04 at 09.48.09.png

Link to post
Share on other sites

  • Staff


This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/
Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore.

This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.