Jump to content

False Positive Detection of Clean Website - Urgent Attention Required


Go to solution Solved by harlan4096,

Recommended Posts

Posted

Hello,

I hope this message finds you well. I am writing to bring to your attention a false positive detection issue concerning my website. It has come to my attention that your antivirus engine is flagging my website as phishing, despite thoroughly cleaning it and ensuring its security.

I want to emphasize that I have taken all necessary measures to remove any traces of malware or malicious code from my website. After detecting the security breach, I completely rebuilt the website from scratch, leaving behind no remnants of the previous compromised version. Additionally, I have performed extensive malware scans using reputable tools and have implemented robust security measures to prevent any future attacks.

However, despite these efforts, my website continues to receive a high detection score on VirusTotal and other security scanners. This false positive detection is adversely affecting the reputation and functionality of my website, causing inconvenience to my users and damaging my online presence.

I kindly request your immediate attention and assistance in investigating this matter further. I would appreciate it if you could review the security status of my website and correct the false positive detection. Providing me with information about the specific detection and any steps I can take to rectify the situation would be greatly appreciated.

VirusTotal Report
Description of Steps Taken

  1. Deep scan the local computer and hosting and removed all unwanted junk before rebuilding the website.
  2. Remove the complete website and Rebuilt from scratch. Now the website doesn't contain a single thing from the old website.
  3. Protected my website with future attacks with correct systems.

So still our website doesn't have any malicious things, Also we are not providing any free software, our main goal is to help Marketers by providing paid software for those who want to make their work automated. So we have a wide range of software for every type of marketer.

I understand that you receive numerous requests, but I am confident that this false positive detection can be resolved with your expertise. Your prompt attention to this matter is crucial, as it directly impacts the reputation and operation of my website.

Thank you in advance for your cooperation and understanding. I look forward to your positive response and a swift resolution.

Flood and Flood's wife
Posted (edited)
1 hour ago, ripsan said:
  1. I am confident that this false positive detection can be resolved with your expertise. 

Hello @ripsan

Welcome!

 ?Submit the URL to Kaspersky's Virus Lab -> they're the *only* ones who are able to verify a False positive; follow: Kaspersky application blocks my website or application. What should I do? - this includes an analysis using: https://opentip.kaspersky.com/.

image.thumb.jpeg.4e19438f172e452633d980205bc990d1.jpegimage.thumb.jpeg.8d69cb3e688caf22221d2522c3821c91.jpeg  image.thumb.jpeg.01e27c938463bb2bb51f2509c91e608c.jpeg image.thumb.jpeg.92eb0ea8a8d604a41d58a8c4dcdfd706.jpeg

Thank you?
Flood?+?

Edited by Flood and Flood's wife
pn
Posted

Hello,

Thank you for your response. But I am not using any of your applications on my PC or anywhere. I want to report the issue that my website detected as Phishing in Virustotal from your Platform. So in this case can I still report the False Positive as a guest?

Thank you.

Flood and Flood's wife
Posted (edited)
17 minutes ago, ripsan said:

But I am not using any of your applications on my PC or anywhere.

1. I want to report the issue that my website detected as Phishing in Virus total from your Platform.

2 So in this case can I still report the False Positive as a guest?

Hello @ripsan

You're most welcome!

Thank you for posting back!

  1. Have you submitted your site to the *other* 13 security vendors who are also flagging (your) site as malicious? 
  2. Unfortunately, no, to access Kaspersky's Virus Lab services, it's necessary to have a paid Kaspersky license/subscription, you may wish to take out a subscription for their software, Kaspersky Standard: https://www.kaspersky.com/standard, this is from Kaspersky's Global website as we do not know which Region (you're) located in. 

Thank you?
Flood?+?

Edited by Flood and Flood's wife
pn
Posted

Hello,

Thank you for your response. Yes dear, currently submitted 7 vendors for false positives today including yours. So what can I do now?

Thank you.

Flood and Flood's wife
Posted
1 minute ago, ripsan said:
  1. So what can I do now?

Hello @ripsan

You're most welcome!

Thank you for posting back!

  1. It's your choice, if you wish for the Kaspersky's Virus Lab to analyze (your) site/URL, the service is offered to *active* Kaspersky subscribers. 

?IF (you) don't have a subscription & you really want the issue analyzed by Kaspersky, acquire a subscription or ask a friend who has an *active* subscription to submit the data on (your) behalf - it's not complicated - simply follow the documented guidelines we provided in our first reply. 

Thank you?
Flood?+?

Posted

Hello,

Dear, I don't have any friends who have an active subscription. How can I remove my website from VirusTotal? Because my website doesn't have any Phishing content. We are running this website for more than 2 years without any problem. The issue started when our website got attacked by a virus 3 months ago. When we know that website is in critical issue, we deep scan the local computer and hosting and removed all unwanted junk before rebuilding the website and we rebuilt the website from scratch. Now the website doesn't contain any single thing from the old website.

Also, we are not providing any free software, our main goal is to help Marketers by providing paid software for those who want to make their work automated. So we have a wide range of software for every type of marketer. 

Please help me to remove the false detection.

Thank you.
 

Flood and Flood's wife
Posted (edited)
18 minutes ago, ripsan said:
  1. I don't have any friends who have an active subscription.
  2. How can I remove my website from VirusTotal?
  3. Please help me to remove the false detection.

Hello @ripsan

Thank you for posting back!

  1. Ok. 
  2. Virus Total has *nothing* to do with Kaspersky, contact Virus Total. 
  3. Irrespective of what (you) believe, 14 security vendors have determined (your) site is malicious; we've provided the steps (you) need to take to resolve the issue, from Kaspersky's perspective - as we said above, it's not complicated -> you have the option of buying a Kaspersky subscription & submitting (your) data to Kaspersky's Virus Lab.
  4. The issue cannot be resolved by the Kaspersky Community, *only* Kaspersky Virus Lab experts can analyze & determine false positives.

image.thumb.jpeg.ffe82b234b6b19795587c8d20827a8f0.jpeg

Thank you?
Flood?+?

 

Edited by Flood and Flood's wife
Posted

@ripsan

In the meantime , from Kaspersky Anti-Virus Lab :

"Hello,
Your request has been forwarded to the Data Loss Threats Protection Group.
Best regards, xxxxxxxx xxxxxxxx , Malware Analyst"

Posted

Hello,

Yes, dear VirusTotal cannot do anything with your analysis. That's why I contacted you. Now 2 vendors are replied, that they will take action for my issue within 24 hours. I am waiting for the other vendor's reply.

Can you clarify for me that I have to subscribe to a plan, in order to report the false positive? If yes, which plan should I subscribe to? and after subscribing to a plan and reporting the issue, the issue will be resolved?

Because we can be 100% sure that our website doesn't contain any Phishing content. If it contains why your engine didn't detect any of the issues before the virus attack. Our website running for more than 2 years without any issues. Now the old website has been removed and rebuilt from scratch.

Thank you.

  • Solution
harlan4096
Posted

I also sent this morning the URL to K. analysts, and just got the final verdict:

Quote

Hello,

Dear User,

Thank you for sending a request to Kaspersky!
We have checked the link you sent us.
It has been confirmed as a false positive and excluded from our data loss threat protection databases.

Best regards,  Senior Web Content Analyst
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia Tel./Fax: + 7 (495) 797 8700 http://www.kaspersky.com https://securelist.com
https://opentip.kaspersky.com/ - get insights about suspicious files, hashes, URLs, IP addresses or domain names

 

 

  • Like 1
Flood and Flood's wife
Posted (edited)
1 hour ago, ripsan said:
  1. Yes. Virus Total cannot do anything with your analysis. That's why I contacted you.
  2. Now 2 vendors are replied, that they will take action for my issue within 24 hours. I am waiting for the other vendor's reply.
  3. Can you clarify for me that I have to subscribe to a plan, in order to report the false positive? If yes, which plan should I subscribe to? and after subscribing to a plan and reporting the issue, the issue will be resolved?
  4. Because we can be 100% sure that our website doesn't contain any Phishing content. If it contains why your engine didn't detect any of the issues before the virus attack. Our website running for more than 2 years without any issues. Now the old website has been removed and rebuilt from scratch.

 

Hello @ripsan

Thank you for posting back! 

  1. Kaspersky & Virus Total are completely independent of each other - VT collects data from Security vendors & publishes that data: Virus Total, How it works
  2. Ok. 
  3. In a previous reply, we provided a link to: https://www.kaspersky.com/standard, that's Kaspersky's cheapest subscription, in the most recent release - as we said, the link is for the Global website, because we do not know which Region/location (you) live in - the Global website is currently offering a 30% discount for Kaspersky Standard. IF you wish to know more about Kaspersky's latest release of software - please read: Kaspersky: Basic, Standard, Plus, Premium - info & FAQ
  4. The issue cannot be resolved by the Kaspersky Community, *only* Kaspersky Virus Lab experts can analyze & determine false positives.
  5. image.thumb.jpeg.da5f5883bed3c03edbda9af597a8762e.jpeg  image.thumb.jpeg.4a00e18bb64db77b276384e945aa3758.jpeg  image.thumb.jpeg.72061ef78d31d447590449f311da22e6.jpeg image.thumb.jpeg.6dd68802791f7115192b1eefafbeae9f.jpeg

6. It's *your* responsibility to sort out any ongoing issues with Kaspersky Virus Lab experts & or Virus Total.

Thank you?
Flood?+?

Edited by Flood and Flood's wife
pn
Posted

Hello,

Now VirusTotal has changed the status of my website to Clean on Kaspersky vendor. Your collective efforts, expertise, and dedication played a crucial role in rectifying the problem and restoring the reputation of my website. Your prompt and thorough responses to my inquiries demonstrated a commitment to exceptional community support.

Thank you very much who helped me to solve this problem @Flood and Flood's wife @Berny @harlan4096

  • Like 2

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...