Jump to content

GSVT.zip detected as MachineLearning/Anomalous.95%


BrianZ111

Recommended Posts

According to a user on my website, Malwarebytes is reporting GSVT.zip as malware and as a result is also blocking my site, www.golfsimclubhouse.com.  The file is located at http://www.golfsimclubhouse.com/viper/downloads_other/gsvt.zip

Golf Sim Virtual Tournament (GSVT) is a utility created by another member of the community on my site which I do not believe to be malware.  According to VirusTotal (see link below), Malwarebytes is flagging it with MachineLearning/Anomalous.95% which is a heuristic rather than an actual match on something, as I understand it.

https://www.virustotal.com/gui/file/5f7341e21fc0d450137baf5e58d124ae1053d377707bb07be72b7ec22b67d910

Could you please correct the false positive detection of this file and my site, or if there is an actual match on something to flag the file, let me know so I can remove it from my site.

Thanks,

Brian

 

 

 

Link to post
Share on other sites

25 minutes ago, BrianZ111 said:

According to a user on my website

I have no issue accessing your site. Can you get a log or screenshot of the blocks from your user.

The referenced file is not detected by the consumer or commercial versions of Malwarebytes.

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal Malwarebytes uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

This will eventually fix itself in Virustotal as well, as Malwarebytes has no control over this. Virus Total is having trouble reaching Malwarebytes cloud.

Edited by Porthos
Link to post
Share on other sites

I haven’t had any users report issues with https but for some reason now I’m noticing clicking the link I just posted will not download under https but does under http.  All other files on my site download fine under https, so I’m not sure I understand why that would be.  Will wait and see what the user comes back with who reported it to me before investigating further.

Link to post
Share on other sites

OK the link I posted on your forum is being converted back to http even though I put https in the URL.  So actually it's not working with http, which makes more sense.

And I haven't heard back from him yet but I think this may in fact be the issue my user is experiencing as well.  The person who posted the link to the utility on my forum posted it with http in the URL.  So while normally anyone browsing my site using https gets everything in https, this particular link is specifically http when you click on it.  One think I don't understand is, if a browser won't load an http URL, why doesn't it try changing it to https for the user and only fail if the site doesn't support https?

Link to post
Share on other sites

12 minutes ago, BrianZ111 said:

this particular link is specifically http when you click on it

Everything I tried downloading from your site is blocked due to this issue. If it is hosted directly on your site it will be blocked.

Your entire site is http. image.png.06ff76e7e618d8410cacd6b04791a08b.png

You can install Malwarebytes Browser Guard and test them on your own. It is free.

 

Edited by Porthos
Link to post
Share on other sites

Thanks guys.  It seems most users enter my site using https and stay in https but a few don't and they mostly don't have issues either but if they post a link to a file on the site using http and somebody in https clicks on it then it seems to cause an issue.  Eventually I'll setup redirection from http to https on all URLs on my site but for now I've just made everyone aware of the issue.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.