Hi,
Tried to use MuLab 10.0.42, but it got detected by Window antivirus as:
Trojan:Win32/Bearfoos.A!ml
AND
Behavior:Win32/DefenseEvasion.A!ml
I assume !ml means more stupid machine learning heuristics not doing their job, but any chance of getting are least some versions of MuLab whitelisted with the major antivirus providers? There is no point trying to fight machine learning; even if it seems working today, the algorithm can decide differently tomorrow, as they update their heuristics.
More Windows antivirus machine learning detections
-
- KVRAF
- 13861 posts since 24 Jun, 2008 from Europe
The latest MuLab 10.0.45 is listed as all green on VirusTotal.
I luckily found a different compilation method that does not generate a false virus alert for now. Cross fingers it stays like that as this is a VERY serious issue.
I'm still trying to understand what caused the false virus alerts on M10.0.40/41/42, but still no-one (not Microsoft, not BitDefender, not Malwarebytes) can give me a clue.
I luckily found a different compilation method that does not generate a false virus alert for now. Cross fingers it stays like that as this is a VERY serious issue.
I'm still trying to understand what caused the false virus alerts on M10.0.40/41/42, but still no-one (not Microsoft, not BitDefender, not Malwarebytes) can give me a clue.
-
- KVRer
- Topic Starter
- 5 posts since 28 Mar, 2025
Yeah, I'll try 10.0.45, thanks!
I know the pain of these ML antivirus heuristics; I am a maintainer in an open source project that got flagged as virus by Norton & this got reported by a concerned user. Since it was a pure hobby project & open source, my only reply was that "you can check the code & turn off your antivirus if you feel comfortable with it; there's nothing else I can do." I think my only crime was using golang; golang compiler probably produces executables that look slightly different from typical C++ ones and I assume there was not enough (none?) golang executables in their training data. As an open source hobby project I didn't feel too bad about not giving fs about stupid antivirus software, but I imagine the equation for you might be a bit different.
I know the pain of these ML antivirus heuristics; I am a maintainer in an open source project that got flagged as virus by Norton & this got reported by a concerned user. Since it was a pure hobby project & open source, my only reply was that "you can check the code & turn off your antivirus if you feel comfortable with it; there's nothing else I can do." I think my only crime was using golang; golang compiler probably produces executables that look slightly different from typical C++ ones and I assume there was not enough (none?) golang executables in their training data. As an open source hobby project I didn't feel too bad about not giving fs about stupid antivirus software, but I imagine the equation for you might be a bit different.