Jump to content
Update to the Latest Version for Smooth VPN Performance ×
Kaspersky Support Forum

False positive: metehanreset.com flagged as Botnet C&C / Malware

orhan çelik

By orhan çelik
in Virus and Ransomware related questions

 Share

Recommended Posts

orhan çelik

orhan çelik

Posted
Posted

Hello,

My domain metehanreset.com is being flagged as “Botnet C&C / Malware” by some reputation services, but this is a false positive.

metehanreset.com is my own small commercial website for printer maintenance tools and blog guides (WordPress + WooCommerce). There is no malware hosted or distributed from this site.

Recent scans show:
- 0 malware detections
- Only normal WordPress assets (HTML, CSS, images, fonts, theme files)

I also scanned the hosting account and WordPress installation (core, themes, plugins) and did not find any injected or malicious code.

Please review this domain and remove the malicious / Botnet C&C classification if possible, as it negatively affects my brand and customers’ trust.

Thank you.
 

Berny

Berny

Posted
Posted

@orhan çelik  Welcome

Your URL has been submitted to Kaspersky Virus Lab , the verdict will be provided when available.

 

  • Like 1
Berny

Berny

Posted
Posted
Quote

" Hello,

The detection is correct. The site has been compromised, and it contains malicious files.

Best regards, Xxxxxx Xxxxxxxxx, Malware Analyst, Kaspersky Lab
39A/3 Leningradskoe Shosse, Moscow, 125212, Russia"

 

  • Like 1
  • 2 weeks later...
orhan çelik

orhan çelik

Posted
  • Author
Posted (edited)

Thank you for the detailed feedback.

Our downloadable Windows tool is also EV code-signed, so if an older unsigned build was involved in the initial detection, it has now been replaced with the clean, signed version.

I rescanned the site and the current homepage HTML (SHA-256: 8bc821aca2333a7f3687b2c97aa43cfe63606208570e4e58a4ace734e8ec1f6a) shows 0/61 detections.

Could Kaspersky Virus Lab please re-analyse the current version of https://metehanreset.com/
 and update the classification if it is now clean? This is a small commercial site for printer maintenance tools and the “Botnet C&C / malware” label is seriously affecting my business.

Thank you in advance.

Edited by Berny
Link disabled
harlan4096

harlan4096

Posted
Posted
Quote

Hello,

URL was removed from blocklist. It will be fixed in the next update. Thank you for your help.

Best regards, Malware Analyst

 

  • Like 1
orhan çelik

orhan çelik

Posted
  • Author
Posted

Thank you for removing my domain from the blocklist and for your help.
 

Best regards,
Orhan**

  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...