Xlsx File Flaged As Malware: False positive Infection?
Hi everyone!
I've got the message below after the latest update of bitdefender.
The file C:\[...]\Espanso - comandos (1).xlsx=>(dummy) is infected with XLM.Formulas.Abracadabra.4.Gen and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean
I tried to restore the oldest version of it (aug/2022) from google drive but again bitdefender reported it as mallware as it was downloading.
It is a simple excel file where I store some commands and code as text.
Seems to me as it might be a false positive? How can I know for sure?
thanks
Answers
-
I experienced exactly the same since today, on one of my own Excel files with the same message ".. infected with XLM.Formulas.Abracadabra.4.Gen ..". And after which I did performed a full system scan, where even more (8) other (incl. older) Excels files where seen as infected with this and resolved...
Besides I'm happy that bitdefender found & resolved it, I'm also very doubtfull about this (whether it isnt a false positive) and was looking for details about this 'virus' in my Excel files .... and landed by this post. Which makes we wonder even more.
P.S. (1) And when I performed a full scan om my laptop, it even found other (and older unused) Excel files now infected with 'Formulas.Vita.17'. Makes we wonder even more about whether it being a false-positive?
P.S. (2) In most of my 'infected' Excel there are also 'complex' Excel formulas used (like VLOOKUP etc) and conditial formatting (with Excel formulas), is that maybe now falsely seen as those infection of 'Abracadabra.4.Gen' and/or 'Vita.17' ?
So dear Bitdefender, please us out and help and check this out whether this is a thru infection or a false positive?
How can we know for sure that our precious files have been infected (and lost for ever) or whether it's a false positive and/or maybe due an error in the last update?
Many thanks for helping out in advance.
1 -
Hello :)
False positives may be submitted here.
Kind regards,
Scott
2 -
Can you share the virustotal link here.
Regards
0 -
Virus total check. I ran it yesterday
1 -
As checked you have shared the virustotal link of the url. Can you share the virustotal link of the excel file that was detected.
Regards
0 -
I'm afraid that won't be possible. I sent the file to Virus total by sharing it's url from google drive as bitdefender was blocking even the upload of the xlsx.
By now, I'm able to open and work on the excel file again. Not sure if bitdefender fixed it or any recent update fixed any issues with false positive detections.
3 -
Virus total check. I ran it today.
96597abe5938d4f8d0370405a350221edd1cf7937ed1f0beb2c1c209d7fe64d4
2 -
The detection was removed by the malware researchers. Below is the updated virustotal link.
Regards
2
