False Positive Win32:GenMalicious-IWR [Trj] in Maxthon Installer

[REDACTED]

Avast! is detecting an almost certain false positive (Win32:GenMalicious-IWR [Trj]) in the Maxthon Mx V4.4.8.2000 Installer (portable and general).



Virus Total

https://www.virustotal.com/en/file/c8768c8624c2a29c70ebacece1dec776fc295bf0817238d126fc5aa615b92111/analysis/

[Secondmineboy]

You can report it by using this form: https://www.avast.com/en-us/false-positive-file-form.php

[Pondus]

Does it come bundled with PUP/WebGuard as AhnLab say?

WebGuard  >>  https://forums.malwarebytes.org/index.php?/topic/158097-removal-instructions-for-web-guard/

[REDACTED]

You can report it by using this form: https://www.avast.com/en-us/false-positive-file-form.php

OK thanks.

EDIT: I can't upload the file, it takes too long then times out.

[REDACTED]

Does it come bundled with PUP/WebGuard as AhnLab say?

WebGuard  >>  https://forums.malwarebytes.org/index.php?/topic/158097-removal-instructions-for-web-guard/

I doubt it. I've been using Maxthon for over five years and I've never seen anything like this before.  Maxthon have two concomitant Windows releases: V4.9.1.1000 and V4.4.8.2000. The V4.9.1.1000 installer doesn’t flag anything.

V4.4.8.2000 was released barely hours ago though, and is showing f/p’s on only three AV’s according to VT.

This is almost certainly a false positive.

[REDACTED]

Problem seems to be fixed.