Opened 3 months ago

Closed 3 months ago

Last modified 3 months ago

#12233 closed Other (rejected)

Malwarebytes 4.1.0 detection

Reported by: Hernan Molina Owned by:
Priority: low Component: FileZilla Client
Keywords: Cc:
Component version: Operating system type: Windows
Operating system version:

Description

FileZile updated to the lates version 3.49.1.

For that the installer was downloaded to the downloads folder, file FileZilla_3.49.1_win64-setup.exe and was installed without problems.

In the same folder remained the previous installers FileZilla_3.48.1_win64-setup.exe, FileZilla_3.48.0_win64-setup.exe and FileZilla_3.47.2.1_win64-setup.exe

The anti-malware software mention in the summary Malwarebytes 4.1.0, flagged the installer file FileZilla_3.49.1_win64-setup.exe and only this one as Malware

Gide lines and reasons why this may happend are explaned in this post on the Malwarebytes forum:

https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/

It seems that something has changed in the installer or the Malwarebytes software.
In any case I considered necessary to inform about the issue.

Change History (3)

comment:1 by Tim Kosse, 3 months ago

Resolution: rejected
Status: newclosed

You need to report false positives to your AV vendor.

comment:2 by Hernan Molina, 3 months ago

No.
As explained in the link that I sent and you don't seem to bother check, it seem that they required the software maker check they have not done certain things that could trigger the false positive in their sofware, thing that I cannot do, and if the creator/developer have not done any of those then report it.

They talk for example about "...avoid packing or obfuscating their code after compilation..." for example, that as I said, I have no means to check if it was done or not.

About my personal case FileZilla (fantastic software by the way) was installed perfectly and with no problems, but it could be potentially be a problem for other people (or not). I just let it be quarenteen and go with it, but since it could be a problem for others due to what ever you did that trigger the software pattern recognition I informing you.

That is all.

comment:3 by Tim Kosse, 3 months ago

We have no business association with that company. If they want us to do things, they need to pay us first.

Note: See TracTickets for help on using tickets.