NiyaShy / XB1ControllerBatteryIndicator

A tray application that shows a battery indicator for an Xbox-ish controller and gives a notification when the battery level drops to (almost) empty.
GNU General Public License v2.0

VirusTotal has false positives #70

Closed ajaykaps closed 1 year ago

ajaykaps commented 1 year ago

https://www.virustotal.com/gui/file/7ec99a51963ff8cc5600e27307a61fe6c0199d49763fbecef750c4cad929e199

NiyaShy commented 1 year ago

Thanks for the heads-up. Accidentally still had some debugging stuff in the EXE, though a second version without them that I just created (and uploaded) still gets some hits (see here).

The thing is: I can't do much about it. Aside from Malwarebytes I've never heard of the other scanners, so with such obscure ones it's always more likely that they create false positives. So I guess for now you'll have to take my word for it that there is nothing fishy about the program; after all, the source code can be viewed here on GitHub, and the only "extra" that gets added is the stuff Visual Studio does to create the program.

ajaykaps commented 1 year ago

Yes, I know they are false positives, been using your fantastic software since 2019, no issues so far :) Thank you for that.

NiyaShy commented 1 year ago

Just read through some of the pinned posts on the Malwarebytes support forum for reporting false positives, and they explicitly state that the command line version of MBAM that VT uses is way more aggressive than the normal desktop version. So there's a good chance that only VT flags it but users who have MBAM installed won't get a warning. That combined with the other hits being from uncommon scan engines should be a sign that the hits can be safely ignored.

Alistair1231 commented 1 year ago

I just got a virus warning from Windows Defender itself. It's only recognized as a Hacktool/Crack, but it still might alarm some people.

NiyaShy commented 1 year ago

Hm, interesting... Just tried on my own machine with a freshly updated Defender pattern (1.379.558.0) and it found nothing, neither the "live" component when I started 1.3 and the 1.4 "pre-release" nor via a direct scan of my local code/binary folder... So it most likely was only in a certain pattern version that already got replaced/updated.

Alistair1231 commented 1 year ago

Yeah, I think it was a coincidence, I got another warning today for another program. Yesterday, after I removed the exception I couldn't reproduce it. But today I got the warning again and checked the details, it wasn't your tool. I think it was just unlucky timing that I got the alarm just as I was extracting your program. I allowed the "virus", before checking the details of the detection, which states the executable in question. After you allow something, the exception doesn't show what you're allowing, so I mistakenly thought it was your software. Really stupid design imo. Sorry.