Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1367
Views
1
Helpful
4
Replies

False positive hit ... or not ? - Solved

Go to solution
Brian Korfitz Miehs
Level 1
Level 1

‎01-12-2016 01:16 AM

Hi

I'm working with a costumers Sourcefire and ran into this file being blocked by the system.

AAFlash_setup.exe

https://www.virustotal.com/en/file/8e13f9c500757b2822c8c36a5ee32b820ff274e8cbbc9976f0cce096d7e7dd18/analysis/

I can't seem to find any reason anywhere as to why the file is being blocked other that the Sourcefire dosn't like it.

So does it contain malware or is it a false positive ?

And where do i find this infomation because my almighty google didn't help me.

Picture with the hit is attached

//Brian

Labels:
Preview file
237 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dennis Perto
Level 5
Level 5
In response to Brian Korfitz Miehs

‎03-09-2016 02:58 AM

Then it must be a false positive.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Philip D'Ath
VIP Alumni
VIP Alumni

‎01-12-2016 02:24 AM

The screenshot you supplied says it is malware ...

Go to solution
Brian Korfitz Miehs
Level 1
Level 1
In response to Philip D'Ath

‎01-12-2016 02:38 AM

I can read and that is really not my problem ;)

My problem is 56 other virus scanners say that this file is clean and the only Sourcefire says it's infected and dosn't show in detail with what.

0 Helpful

Go to solution
Brian Korfitz Miehs
Level 1
Level 1

‎01-27-2016 01:12 AM

I found someone with access to threatgrid and the file was just slightly bad and with no virus.

0 Helpful

Go to solution
Dennis Perto
Level 5
Level 5
In response to Brian Korfitz Miehs

‎03-09-2016 02:58 AM

Then it must be a false positive.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card