burnedtoast Posted January 28, 2013 Posted January 28, 2013 username: toastserver: Steviedomain: burnedtoast.cu.cc I had my account suspended right before the weekend and again it is now suspended. I suspect my account has been resuspended even though I was able to show that the Hall of Mirrors.exe file is not a virus, just a game I made in Game Maker. If this is the case then check the previous posting in which it was clearly evident that it wan't malicous and I sent a false-positive report to ClamAV. If it isn't the case I would like to know what got my account resuspended.
wolstech Posted January 28, 2013 Posted January 28, 2013 I wouldn't be surprised if the false positive on Hall_Of_Mirrors.exe is the cause, especially if you didn't delete it. Accounts are re-suspended if you don't fix whatever it found. Your file is clean according to all major AV programs based on this VirusTotal scan report I ran on the file after your initial suspension: https://www.virustotal.com/file/87da07a170d020492f64f99c3eff62a338acf97903916ac2ec14b9fc97ed89fb/analysis/1359162127/ Seeing that ClamAV reports clean in that report, an admin may need to update the definitions on the server...
Tjoene Posted January 29, 2013 Posted January 29, 2013 Your account was suspended for the following reason: Malware. 1 file(s). Win.Trojan.Agent-127903 FOUND That means that there are some malware files found on your account.For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.
burnedtoast Posted January 29, 2013 Author Posted January 29, 2013 I scanned them over the weekend and have not made any changes to the files whatsoever and I bet I know that it's teh Hall_of_Mirrors.exe file. If it is then I have already sent the false-positive report to ClamAV, also as you can see from the above post: I wouldn't be surprised if the false positive on Hall_Of_Mirrors.exe is the cause, especially if you didn't delete it. Accounts are re-suspended if you don't fix whatever it found. Your file is clean according to all major AV programs based on this VirusTotal scan report I ran on the file after your initial suspension: https://www.virustotal.com/file/87da07a170d020492f64f99c3eff62a338acf97903916ac2ec14b9fc97ed89fb/analysis/1359162127/ Seeing that ClamAV reports clean in that report, an admin may need to update the definitions on the server... That clearly shows that the file isn't malicious. I will not remove the file because I wish to show it to my friends and have them a way to download it in case I forgot my flash drive and it's a perfectly harmless game.
Krydos Posted February 1, 2013 Posted February 1, 2013 Your account is showing up as clean now. Thank you for taking care of this. Seems like the folks developing the antivirus definitions are fairly responsive. I checked your account and the problematic file is still there with a creation date of July 5th 2011. So the only reason your account isn't suspended again is because they read your false positive report and made the adjustments to their software. I've always been curious about whether AV people like that just file false positive reports into /dev/null or if they actually read them. It's good information to know. Our apologies for the inconvenience of having a suspended account several times, but as you can imagine with nearly 23,000 accounts and charging nothing for our service we don't have the manpower or the money to pay someone to look through every single file for malicious content.
Shinryuu Posted February 1, 2013 Posted February 1, 2013 Our apologies for the inconvenience of having a suspended account several times, but as you can imagine with nearly 23,000 accounts and charging nothing for our service we don't have the manpower or the money to pay someone to look through every single file for malicious content. That might be fun, I get bored somedays.
Recommended Posts