https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/183596#M215 <P>Hi,<BR /><BR />We are facing some false positive issues in the software we develop. Here is a link to download a sample installer and also individual content:<BR /><A href="https://cp.sync.com/dl/f0ef29c20#hnvbmt7r-zbpvwdaa-qc6feknz-ks834c37" target="_blank">https://cp.sync.com/dl/f0ef29c20#hnvbmt7r-zbpvwdaa-qc6feknz-ks834c37</A><BR /><A href="https://cp.sync.com/dl/d4f2b98c0#9bi8w8ve-st3xx7fd-3e4hr9mi-9k5j6gyq" target="_blank">https://cp.sync.com/dl/d4f2b98c0#9bi8w8ve-st3xx7fd-3e4hr9mi-9k5j6gyq</A><BR />&nbsp;<BR />We think this could have been caused by the use of an EXE protector/packer/antidebug/anti-tampering<BR />Unfortunately we can't stop using it for security reasons but we digitally sign all the installers and files, so we hope you can whitelist our digital signature, since this is causing many reputation issues to our company and negatively affecting to our relation with customers.<BR />&nbsp;<BR />Here you have links to the report of both files on VirusTotal:<BR /><A href="https://www.virustotal.com/#/file/f221e67a88d8b72dae0901e22356a5e5231485f8f40679" target="_blank">https://www.virustotal.com/#/file/f221e67a88d8b72dae0901e22356a5e5231485f8f40679</A> 1e0895fbe63e8199b8/detection<BR /><A href="https://www.virustotal.com/#/file/afc4aff64a02d2f697d8ca413984524524c819a4667d9a" target="_blank">https://www.virustotal.com/#/file/afc4aff64a02d2f697d8ca413984524524c819a4667d9a</A> ce9bfed45ed589ecfe/detection<BR />&nbsp;<BR />Thank you very much in advance.<BR />If you should need any further details or contact information, please do not hesitate to contact me.</P> Wed, 25 Oct 2017 08:59:28 GMT carles 2017-10-25T08:59:28Z https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/183596#M215 <P>Hi,<BR /><BR />We are facing some false positive issues in the software we develop. Here is a link to download a sample installer and also individual content:<BR /><A href="https://cp.sync.com/dl/f0ef29c20#hnvbmt7r-zbpvwdaa-qc6feknz-ks834c37" target="_blank">https://cp.sync.com/dl/f0ef29c20#hnvbmt7r-zbpvwdaa-qc6feknz-ks834c37</A><BR /><A href="https://cp.sync.com/dl/d4f2b98c0#9bi8w8ve-st3xx7fd-3e4hr9mi-9k5j6gyq" target="_blank">https://cp.sync.com/dl/d4f2b98c0#9bi8w8ve-st3xx7fd-3e4hr9mi-9k5j6gyq</A><BR />&nbsp;<BR />We think this could have been caused by the use of an EXE protector/packer/antidebug/anti-tampering<BR />Unfortunately we can't stop using it for security reasons but we digitally sign all the installers and files, so we hope you can whitelist our digital signature, since this is causing many reputation issues to our company and negatively affecting to our relation with customers.<BR />&nbsp;<BR />Here you have links to the report of both files on VirusTotal:<BR /><A href="https://www.virustotal.com/#/file/f221e67a88d8b72dae0901e22356a5e5231485f8f40679" target="_blank">https://www.virustotal.com/#/file/f221e67a88d8b72dae0901e22356a5e5231485f8f40679</A> 1e0895fbe63e8199b8/detection<BR /><A href="https://www.virustotal.com/#/file/afc4aff64a02d2f697d8ca413984524524c819a4667d9a" target="_blank">https://www.virustotal.com/#/file/afc4aff64a02d2f697d8ca413984524524c819a4667d9a</A> ce9bfed45ed589ecfe/detection<BR />&nbsp;<BR />Thank you very much in advance.<BR />If you should need any further details or contact information, please do not hesitate to contact me.</P> Wed, 25 Oct 2017 08:59:28 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/183596#M215 carles 2017-10-25T08:59:28Z https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/189590#M248 <P>Submitted analysis for&nbsp;</P><P><STRONG>f221e67a88d8b72dae0901e22356a5e5231485f8f406791e0895fbe63e8199b8</STRONG></P><P>&nbsp;</P><P class="p1"><SPAN class="s1">afc4aff64a02d2f697d8ca413984524524c819a4667d9ace9bfed45ed589ecfe is the sha256 of the ZIP files. We don't create verdicts or signatures for ZIP files. That file is being blocked due to file inside being found to be malware:&nbsp;</SPAN></P><P class="p1"><SPAN class="s1">FeasaTerminal.exe with sha256&nbsp;</SPAN></P><P class="p1"><SPAN class="s1">decd12804e4781be496b6451460bf89f51a215e609775dd31052fbb4c8d8a900.</SPAN></P><P class="p1">&nbsp;</P><P class="p1"><SPAN class="s1">I'm submitting&nbsp;</SPAN></P><P class="p1"><SPAN class="s1">decd12804e4781be496b6451460bf89f51a215e609775dd31052fbb4c8d8a900 separatelly for analysis.</SPAN></P><P class="p1">&nbsp;</P><P class="p1"><SPAN class="s1">If these are found to be Benign, the associated signature will get disabled within the next 3 business days.</SPAN></P> Mon, 04 Dec 2017 16:51:10 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/189590#M248 mivaldi 2017-12-04T16:51:10Z https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/189848#M253 <P><STRONG>The following samples were changed to a Benign verdict:</STRONG></P><P>&nbsp;</P><P><STRONG>f221e67a88d8b72dae0901e22356a5e5231485f8f406791e0895fbe63e8199b8</STRONG></P><P><STRONG>decd12804e4781be496b6451460bf89f51a215e609775dd31052fbb4c8d8a900</STRONG></P><P>&nbsp;</P><P><STRONG>The change will reflect in tomorrow's Antivirus release.</STRONG></P><P><STRONG>Your digital signatur will be added to our trusted signer list.</STRONG></P> Mon, 04 Dec 2017 16:53:40 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive/m-p/189848#M253 mivaldi 2017-12-04T16:53:40Z