False Positive-com.mephone.fonts

[Elsa]

Hi, we have contacted your support team and found out that "PUP.Lotoor is a type of rootkit, and PUP.Riskware,Batmob.me is a riskware app". 

Later, we deleted the files mentioned but the detection still stood.

It might be that you have added our package name, "com.mephone.fonts" into your database. Therefore, we will always get positive results unless we change our package name, which is not our intention.

Could you please remove our package name out of your database, or tell us how to solve this problem?

Attached is our apk (deleting the so called malicious file):

LovelyFonts2_huaqin.zip

[mbam_mtbr]

Hi Elsa,

Thank you for removing the PUP(Potentially Unwanted Program) code from your apk, com.mephone.fonts.  I assured that this updated clean apk will not be detected, however older versions that contain PUP.Riskware,Batmob still will.

As far as  PUP.Lotoor, I assume you are referencing com.shuame.mobile which has ties to com.shuame.rootgenius.  I have updated the detection on these to PUP.Hacktool.RootGenius which is less generic, and a less intimidating detection name.  Hopefully this is a fair compromise for you.

Sincerely,

Nathan Collier

Senior Malware Intelligence Analyst

[Elsa]

Hi Nathan Collier,

Thank you very much! The problem has been solved.

 

Best regards,

Elsa