False positive submission

Showing results for 
Show  only  | Search instead for 
Did you mean: 

False positive submission

L1 Bithead

File Hash: lots of files (all versions we have distributed since the service started)

Files to download : https://drive.google.com/file/d/1UU_LUlLwhNan-Z657WEMD9gOtDyfFvET/view?usp=sharing

Link to Virustotal report for the file: https://www.virustotal.com/gui/file/e6ed2f92fe26eb85dc5019654da03c11b7b3a03adb0e6de065c54d9c71c5ded1...

Current VirustTotal Verdict: Generic.ml (2 / 67)



Our product is developed with C# .NET framework and we use .NET Reactor to secure it. .Net Reactor is a tool for code protection and anti-debug. This service is utility tools for small businesses in South Korea.
And all our binaries signed with EV Code Signing certificate. About 5 month ago, we noticed that our product was treated as a malware by multiple anti-virus softwares.
The problem was an option of .NET Reactor. We received advice from .NET Reactor team and turned off the 'Native EXE' option in their software since Oct 15th, 2020. KST
After changing the option, most false positive detection have disappeared. However, TotalVirus keeps histories of previous versions of our binaries which are not distributing anymore.

And Paloalto keeps 'Generic.ml' after it. 



These are all the binaries we have distributed. Some are clean by Paloalto and some are treated as a malware by Paloalto.

Please review all the files.

Thank you



under review 

since you are Palo Alto customer , please open Tac case . This form is for non Palo Alto customers . 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!