07-29-2018 10:06 AM
Hello,
My name is Shaun Green, and I work in Restoro as the Virus Lab Manager.
I have checked our software files in VirusTotal.com today, and found Palo Alto is flagging some of them.
We would like to clear these detections as soon as possible.
These are the details of the files currently being flagged by Palo Alto:
File Name: uninst.exe
MD5: 8609cbb702bcb44a8652b0da1c9c7af6
SHA1: dff98fb4ecefe41dc1db1d056590687e3b974fec
SHA256: 082e8fd55cbb36198b68d4f3d6e24370303039a190295db99ed148064c68550c
File Name: uninst.exe
MD5: 5d722af9069170c827855e4dfb8f537b
SHA1: 4feb6927c59d658285737334200040e335814575
SHA256: eff5eabcfcdfdce422860483bbb4539f70370fcb07d3b00e0c4fd2d195b393fc
File Name: engine.dll
MD5: 6ac5a948ccfe9b39ad69f8940e7013a8
SHA1: c3ecb8fec6281abf45def580d01a5f2398fca7ab
SHA256: 784f2485dc24ed2cb033bec5bec60dd66845f623ab28fbad603a7b51c07798a4
Please let me know what we need to do in order to clear our software files in Palo Alto virus definitions.
Thank you,
Shaun Green
07-30-2018 06:04 AM
These samples have been submitted for manual evaluation. Please allow us at least 24 hours.
07-30-2018 06:04 AM
These samples have been submitted for manual evaluation. Please allow us at least 24 hours.
03-28-2019 06:08 AM
Hi tsullivan7,
i have the same isssue again, 3 files detected by Paloalto
| file | md5 | sha1 | sha256 | description |
| uninst64_2015.exe | 2b63d5396d85a1aed4a00948a53085d5 | 059c6ec2d838d04add29d865e296e0f8b6806770 | 4881bbb695de1f69e2a8a971484a5167670fd95d12a74ac0c03029f6edb80e78 | generic.ml |
| uninst32_2015.exe | e11418717511847ae711f0f297edb591 | 41f55c46cc8790c29eac1fb6db1bd6dbdb75aa97 | d1f61e2e87423581bddcf63560249d843e87be2cd8b00f9a9848ec55d6d4fc1a | generic.ml |
| engine32_2015.dll | e6f31fd3d10f43b974842cde41a6dcf2 | 7015c19c3dfe35a443db8f94e6d887ca932154e3 | d4916f633beb9e1bce920695ecd21a75430cbbbe5c8d54de6ced7649f78e5dc2 | generic.ml |
appreciate your help:
Shaun
04-12-2019 06:45 AM
I have submitted all three files for maual review.
04-12-2019 10:11 AM
These files are no longer listed as malicious by Palo Alto.
10-29-2019 02:34 AM
Hi @dparris
i have again issues with file being detected by paloalto
| file | md5 | sha1 | sha256 | description |
| engine32_2016.dll | b9b83c51bd3cc34422b57a5fecac9276 | ae992818101283b541dafc17e4dcec03dd908523 | 705f53b4ebf27c29807f308fd84f150648896b511c97bcfc81018c5e3ea6a2e9 | generic.ml |
| uninst32_2016.exe | fcd2542059d920844ee725aa16b51ea6 | 1488aac63de0bc27b213b4fd6e5ef277b15a0505 | 6d35a40ece87ae1e37258a923a3ac5595a8956f5423e8ea09bbaef2a3b6413a9 | generic.ml |
could you please assist with sending them to review?
thanks,
Shaun
10-29-2019 05:28 AM
Shaun,
Please do not use MD5 or Sha1 hashes. we only work with Sha256 hashes and it is extra steps for us to look up the hash for you.
Also these are different hashes so they are different files. Even if they have the same name as before, they have been changed and in our eyes are different files, please open a different thread next time.
I have entered these files for manual review.
10-29-2019 05:30 AM
understood
appreciate your help
10-29-2019 09:22 AM
These files are no longer listed as malicious by palo alto.
10-30-2019 12:22 AM
@dparris thanks for your help
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
