Jump to content

AzureusTor.exe.bak was indentified as a trojan exploit, likely a false positive


CaptainHindsight

Recommended Posts

Subject says it all.

 

My original post, with all of my original details, is here.

 

It was pointed out to me by one of my responders to read your false positive reporting guidelines.

 

Normally, I would generate the requested log file.  However, my original scan took 2.5 hours, and my wife is going to kill me if I spend any more time on the computer right now, as we have to pack for a trip tomorrow.

 

So, as a quick substitute, I am simply attaching the AzureusTor.exe.bak file to this post so that the MBAM developers can have a full go at it.  I trust that that will work.

 

Scratch the sentence above: upload failed with this error message: "You aren't permitted to upload this kind of file".

 

I guess this will have to wait until I get back from my travels.

Link to post
Share on other sites

You have to put the file in a ZIP or RAR Archive container first.  It would also be best to attach a log.

 

  • Take the files and put them in a ZIP or RAR archive file.
  • Create a new post.
  • Choose "More Reply Options" on the bottom Right of the Web Form
  • Now choose "Attach Files" on the bottom Left of the Web Form.
  • Browse and find your ZIP or RAR file.
  • Choose "Add Reply" and there's your post with your attachment(s)
Link to post
Share on other sites

  • 2 weeks later...

12/23/2014

 

The update was long since pushed out.

 

David: my original post on 2014-12-23 observed this bug in MBAM version 2.0.4.1028, and that is the version that is still presented for download on the official link as of this instant.

 

Or, did you simply mean that the MBAM developers internally finished work on the next update, which has yet to be released to the public?

Link to post
Share on other sites

Malwarebytes releases multiple signature updates per day.  Each Signature update set is assigned a version based upon the date and conforms to the following pattern...

 

YYYY.MM.DD.##

 

YYYY = 4 digit year

MM = 2 digit month

DD = 2 digit day of month

## = Present version number signature released on that day.

 

Therefore since Rich posted "Fixed next update."  on 12/23/'14 then subsequently on 12/23/'14, on the next release would be the False Positive negation.

 

So if at the time of Rich's post the signatures were at -- 2014.12.23.06

 

Then one could have expected the correction to be made in signatures released at -- 2014.12.23.07

 

To give you a reference point the signatures, at the time of this reply, are at -- 2015.01.04.13

 

From the above one can deduce that, at the time of this reply, Malwarebytes had released 13 signatures updates Today.

 

EDIT:

 

Just to make sure you understand.  There are two versions.  PROGRAM and UPDATES.

 

When you posted "MBAM version 2.0.4.1028" you are providing the program version.  While the program has a particular set of signatures within the installer, they are only good at the time of the release and within hours there will be signatures updates.  Those updates are detailed above and is directly relatable to detections of new malware or the negation of False Positives.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.