Jump to content


Photo

False-Positive Spyware/Virus

spyware virus falsepositive

  • Please log in to reply
3 replies to this topic

#1 Jeff Nichols

Jeff Nichols
  • Members
  • 3 posts

Posted 04 February 2019 - 02:41 PM

Receiving multiple e-mails from "spyware-notify-bounces@barracuda.com" regarding this and similarly patterned URLs:

 

This email is from the Barracuda Web Security Gateway.  We have detected and blocked the download of:  VIRUS  Win.Trojan.Generic-6840770-0

                from the server:au.download.windowsupdate.com

                with the URL:http:// au.download.windowsupdate[.]com/c/msdownload/update/software/defu/2019/02/am_delta_patch_1.285.819.0_37b3fc954a2d1847690b69f2640a2b0ec1ab112b.exe

 

 

It looks like this is just virus definitions for our Microsoft Antivirus. This is still occuring with spyware definitions 2.0.5961 (2019-02-04 12:35:24) and antivirus definitions 3.7.0.9431 (2019-02-04 10:23:15). Both of these are currently the latest.



#2 rsimmers

rsimmers
  • Members
  • 15 posts

Posted 04 February 2019 - 02:57 PM

I reported this to support earlier today and got the following response....

 

Earlier we had bad definition for spyware was updated causing some issue triggering spyware email alerts. Security team is working on it and will release new definition soon, which will fix the issue automatically



#3 jp1

jp1
  • Members
  • 5 posts

Posted 04 February 2019 - 03:31 PM

Thank you for posting this.  Much like you, I'm getting bombarded with these messages.

Hopefully the new definition file is released soon.



#4 JStrance

JStrance
  • Members
  • 1 posts

Posted 04 February 2019 - 03:48 PM

Looks like they put an update and I applied it but my mailbox is still blowing up with the Win.Trojan.Generic-6840770-0 messages. 







Also tagged with one or more of these keywords: spyware virus falsepositive