carlosanta

Thank you very much! -- Carlo Santagostino carlo@sugartec.it +39 371 1437050 SUGARTEC by NORMADIGITAL SRL Sede legale: Viale Renato Serra 6 – 20148 – Milano (MI) Tel. +39.02.84258991 - Fax. +39.02.87183135 – info@sugartec.it – www.sugartec.it Registro delle Imprese di Milano - Codice Fiscale e P.I. n. 08885450968 - C.C.I.A.A. di Milano R.E.A. n. MI-2054939

Hello, We are a software house that make multimedia CD-ROM (dvd-rom) and on our last dvd-rom track we are encountering a problem for a false-positive by many antivirus (also Malwarebytes) We have attached the file zipped, the archive password is "infected" This an executable for a ROM track (DVD-ROM) Multimedia DVD that simply auto-execute the multimedia application present in the dvd-rom. We made the executable and it isn't a virus or malware but actually it is recognized by your antivirus heuristic code as a malware-like. We hereby declare that this code doesn't contain any malware or virus code and submit it for your analysis. The executable will generate a simple BAT file that will change directory and call another executable in the cd-rom executing those commands: " cd voximago Vox_Imago_PC.exe " Actually is needed because the real executable only work in a sub-directory but we need to execute it from the root directory of the cd-rom. We are requesting to be identified as secure also because we can’t modify the cd-rom already distribuited. Thankyou very much. Best regards. p.s. Malwarebytes LOG report: File: 1 Trojan.BitCoinMiner, D:\PROGETTI\VOXIMAGO_TRACCIA_ROM_2018\VOX_IMAGO_PC.EXE, Nessuna azione intrapresa, [569], [608145],1.0.8195 Vox_Imago_PC.7z