PGP SDA (self decrypting archive) FP

I use PGP to create SDA (Self decrypting archives) all the time. For some reason one of them (named documents.exe) was detected as cloaked malware. I deleted it and re-encrypted the same file with the same password and now it is no longer detected. Strange. Either way I can't really submit a sample as every file created with PGP is different (encrypted) so I guess that one instance matched malware some how?


Very strange. I have checked with avast and MBAM no infection found. all good.


Just thought I would post hear because (as I said) I can't really submit an example in this case.

 

Are you using Prevx 3 or WSA? As you could save a log and send the PX5 from P3 or the MD5 from WSA and send the line to support as they don't really need the file!

TH

 

Prevx 3 Paid version. the line is as follows:

Code:

[MM] C:\users\My Name here\documents.exe [PX5: 0000000000000000000000000000000000000000] Malware Group: Manually Added

Just to note I have almost all setting set to full as I am somewhat paranoid about security on this laptop (it's my business laptop).

 

I suspect changing your settings to the maximum is what is causing the false positives in Prevx 3.0. Because the programs you're creating are unique, the higher heuristic settings will block them all the time. You will probably need to lower your settings, but if the detection persists, please write into our support inbox and we'll fix it

 

Thank you for your help. Just one more question:

Why does it say "malware group: manually added" and PX5 is all zeros?


Thanks,

Kyle Davidson