There have been several instances in the last few exports where, when adding content credentials upon export and then subsequently uploading it, the various systems are recognizing it as a virus. After using VirusTotal to find the issue, it detects Img.Packed.PngContainsDownloadCmd-6786216-0.
The metadata that is included in the PNG is as follows:
Produced By
3 social media accounts
1 Ethereum wallet address
Any ideas as to why this is being recognized like this?
Included is the same file. With and without content credentials.
Not sure what's going on here. My only guess (and it's a real shot in the dark) is that the system you're uploading to is looking at the image with content credentials metadata as something suspicious, so it just stops it. I'm not an expert on the matter, though. Have you talked to anyone on the receiving end?
Me either, but it was uploading to a webserver. Then I tried it several places with the same rejection. Finally went to VirusTotal to see if I could find out why. Still confused.
I would try talking to any support for those webservers to see what might be going on. (Maybe somebody here can chime in, too.) I'm almost certain it's a security issue they didn't account for.
Content Credentials is also still in beta; you might have just exploited a bug somehow.
I actually did and they sent me the login report of the same thing above being uploaded. It was me trying to upload a photo with content credentials enabled. I did a test on another picture and now I'm even more confused. Kaspersky throws no errors at it, while VirusTotal throws the same malware as before, Img.Packed.PngContainsDownloadCmd-6786216-0. The only thing I can think of is that my Ethereum wallet is attached to content credentials. I don't know why that would make a difference considering CC was in part created and implemented with several NFT marketplaces to show ownership.
I will note that it is only on PNG that it throws this malware and only with ClamAV. I've replicated the same photo as a JPG and with CC embedded with no issues. I have also run multiple scans online and only those using ClamAV as a validator had the same red flag. When I go to https://verify.contentauthenticity.org/ to verify credentials, it has no issue identifying the credentials, without issue of any malware detected.
Ahh, OK, so otherwise, it's fine? I was under the impression that the server wouldn't let you upload the image itself. So it's just a particular antivirus that's telling you there's malware? I wouldn't worry too much about it, if that's the case.
Your impression was right. My webserver wouldn't let me upload it to cPanel. Said it was corrupted with malware. After investigating, it seems that it's this one antivirus that some servers used that recognizes it this way. Repeating the same content credentials on a JPG, however, doesn't throw any flags. So strange. As for now, it makes it look like the PNG I am uploading is trying to download something. Like it's infected with a trojan. I've reached out to the antivirus support, Clam, and submitted a bug report on GitHub.
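
An added example, not written by anyone in this thread and not ClamAV or Adobe code: when the same image is flagged only with content credentials, diffing the PNG chunk lists of the two exports and listing the printable strings in the added chunks shows what the export embedded, which is useful detail for a false-positive report. The two sample PNGs are constructed inline, and the `caBX` chunk name, its payload and the `example.invalid` URL are sample values; with real files, read the bytes from disk instead.

```python
import re
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def chunks(data):
    """Yield (type, payload, crc_ok) for every chunk in a PNG byte string."""
    if data[:8] != PNG_SIG:
        raise ValueError("not a PNG file")
    pos = 8
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        payload = data[pos + 8:pos + 8 + length]
        crc = data[pos + 8 + length:pos + 12 + length]
        if len(payload) < length or len(crc) < 4:
            raise ValueError("truncated chunk")
        crc_ok = struct.unpack(">I", crc)[0] == zlib.crc32(ctype + payload)
        yield ctype.decode("latin-1"), payload, crc_ok
        pos += 12 + length
        if ctype == b"IEND":
            break

def added_chunks(plain, signed):
    """Chunks present in `signed` but not in `plain`, matched by type and payload."""
    seen = {(t, p) for t, p, _ in chunks(plain)}
    return [(t, p) for t, p, _ in chunks(signed) if (t, p) not in seen]

def printable_runs(payload, min_len=6):
    """ASCII strings of at least min_len bytes, like strings(1)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode() for m in re.finditer(pattern, payload)]

# --- constructed sample input: a 1x1 greyscale PNG, with and without an extra chunk ---
def _chunk(ctype, payload):
    crc = zlib.crc32(ctype + payload)
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)

def _sample(extra=b""):
    ihdr = _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
    idat = _chunk(b"IDAT", zlib.compress(b"\x00\x00"))
    return PNG_SIG + ihdr + extra + idat + _chunk(b"IEND", b"")

PLAIN = _sample()
SIGNED = _sample(_chunk(b"caBX", b"\x00\x01jumb\x00 constructed manifest:"
                                  b" https://example.invalid/profile \x00"))

if __name__ == "__main__":
    for ctype, payload in added_chunks(PLAIN, SIGNED):
        print(ctype, len(payload), "bytes", printable_runs(payload))
```
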