https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237325#M784 <P>HI Artem.Razin</P><P>&nbsp;</P><P>This SHA256=&nbsp;&nbsp;<SPAN>fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2 is already benign.&nbsp;</SPAN></P><P><SPAN>This is a trap message, we think it was blocked by your traps client.&nbsp;</SPAN></P><P>Please open a support case with traps team with threat log, threat-ID or signature is been triggered.&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>Thanks&nbsp;</SPAN></P><P><SPAN>Himani&nbsp;</SPAN></P> Fri, 26 Oct 2018 19:01:58 GMT hisingh 2018-10-26T19:01:58Z https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237288#M782 <P>Hi,</P><P>&nbsp;</P><P>Today I've got a request from one of my customers that Deleaker, a popular C++ profiler, is dected as malware by&nbsp;<SPAN>TRAPS from Palo Alto Networks.</SPAN></P><P>&nbsp;</P><P>File Hash: <SPAN>fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2</SPAN></P><P>&nbsp;</P><P>Here the&nbsp;virustotal report:&nbsp;</P><P><A href="https://www.virustotal.com/#/file/fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2/detection" target="_blank">https://www.virustotal.com/#/file/fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2/detection</A></P><P>&nbsp;</P><P>VirustTotal verdict: <SPAN>No engines detected this file</SPAN></P><P>&nbsp;</P><P><SPAN>Description: DeleakerSetup_2018.37.0.0.exe is&nbsp;an installer of Deleaker.</SPAN></P><P>&nbsp;</P><P><SPAN>The installer itself and&nbsp;all files being installed are code signed.</SPAN></P><P>&nbsp;</P><P><SPAN>The installer can be downloaded <A href="https://www.deleaker.com/download/DeleakerSetup.zip" target="_self">here</A></SPAN></P><P>&nbsp;</P><P><SPAN>Please fix it ASAP as customer can't install Deleaker.</SPAN></P> Fri, 26 Oct 2018 13:11:17 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237288#M782 Artem.Razin 2018-10-26T13:11:17Z https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237325#M784 <P>HI Artem.Razin</P><P>&nbsp;</P><P>This SHA256=&nbsp;&nbsp;<SPAN>fe7e560f4cf440ffb7dd79fb8001c43c8760b3015aad0f677ddc99fde156e2f2 is already benign.&nbsp;</SPAN></P><P><SPAN>This is a trap message, we think it was blocked by your traps client.&nbsp;</SPAN></P><P>Please open a support case with traps team with threat log, threat-ID or signature is been triggered.&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>Thanks&nbsp;</SPAN></P><P><SPAN>Himani&nbsp;</SPAN></P> Fri, 26 Oct 2018 19:01:58 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237325#M784 hisingh 2018-10-26T19:01:58Z https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237446#M794 <P><SPAN>Himani,</SPAN></P><P>&nbsp;</P><P><SPAN>Thank you for the&nbsp;fast reply.</SPAN></P><P>&nbsp;</P><P><SPAN>I am sorry, probably I misunderstood you.</SPAN></P><P>&nbsp;</P><P><SPAN>Do you mean this file is already whitelisted?</SPAN></P><P>&nbsp;</P><P><SPAN>Thank you.</SPAN></P> Sat, 27 Oct 2018 15:30:42 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237446#M794 Artem.Razin 2018-10-27T15:30:42Z https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237484#M795 <P><SPAN class="">Hi Artem.Razin,&nbsp;</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">The file is blocked by traps; it could be a false positive case but with traps, not the wildfire.&nbsp;</SPAN><SPAN class="">In the wildFire, this file is not identified as malware.&nbsp; By opening a case with traps, the team can be useful.</SPAN></P><P>&nbsp;</P><P><SPAN class="">Thanks</SPAN></P><P><SPAN class="">Himani</SPAN></P><P>&nbsp;</P> Sun, 28 Oct 2018 06:07:44 GMT https://live.paloaltonetworks.com/t5/virustotal/false-positive-removal-request/m-p/237484#M795 hisingh 2018-10-28T06:07:44Z