Jump to content

Recommended Posts

A few of our customers are being blocked from our store based on false positives delivered by Malwarebytes. When we test it on a Mac using Firefox, no problem. When we test on a Windows OS, using Malwarebytes we get a Trojan warning, a copy attached. We've had the site inspected by Sucuri and Why No Padlock. They report all is well.

We'd really like this corrected.

Malware FP Report.jpg

Malwarebytes double warning.jpg

Link to post
Share on other sites

23 minutes ago, TheFormTool said:

We ran this file through VirusTotal. Only 4 of 60 engines triggered a false positive.

Have no say in this just an observation. The File that needs submitting is the actual Aurora.docm file not the zip. 13 engines detected this file

https://www.virustotal.com/gui/file/083f393ece15832ba077ac18da38331fc1947a61fbc25167658e4ce69a957156/detection

FYI, Bitdefender still detects the actual file. Might want to contact them again.

 

Link to post
Share on other sites

15 minutes ago, TheFormTool said:

Did you notice that the file to which BitDefender gave the clean bill of health WAS the Aurora.docm file?

Actually, I did not, just went by the updated VT report. I do know it takes time for VT to update even when the correction is reported to VT itself.

Just a reminder, I do not work for Malwarebytes and just making an observation.

14 minutes ago, TheFormTool said:

Now what?

Just wait on staff to re evaluate. It is not an instant process. Thanks for your understanding.

Link to post
Share on other sites

16 minutes ago, TheFormTool said:

VT has updated, dropping the false positives to five.

The one you scanned and the one I downloaded from the link that you were asked to look at and the one you scanned have 2 different hashes.

I scanned what was Inside the following file that you were asked to investigate.

theformtool.com/wp-content/uploads/downloads/2013/12/Aurora.zip

And got this report. https://www.virustotal.com/gui/file/083f393ece15832ba077ac18da38331fc1947a61fbc25167658e4ce69a957156/detection

The file you scanned has the report that is different. Less detection's.

 

Edited by Porthos
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.