Jump to content

calibre latest version (2.57.1) -> false positive

dg1974it

By dg1974it
in Anti-Ransomware Beta

 Share

Recommended Posts

dg1974it

dg1974it

Posted
Posted

Yesterday I've updated calibre to the latest version (2.57.1) and the antivirus (Avast Internet Security Premier), the anti malware (Malwarebytes Anti-Malware Home Premium) and the anti ransomware (Malwarebytes Anti-Ransomware) didn't find anything to complain while installing the update.

Then I started using calibre and after 20-30 minutes it crashed because Malwarebytes Anti-Ransomware put the "calibre.exe" in the quarantine for "generic ransomware".

I downloaded again the installer, repaired the installation, the I put the calibre.exe in the exclusion's list.

Today, again after 20-30 minutes of calibre doing its work, Malwarebytes Anti-Ransomware put "calibre-parallel.exe" in the quarantine...

I've attached the logs, the C:\ProgramData\Malwarebytes folder, the two exe quarantined.

You should add an option to exclude a folder, not only a single file. in the calibre folder there are a lot of exe... I don't want to manually exclude all of them because suddenly Malwarebytes Anti-Ransomware decided that these files are infected (and this is not true).

And you should add an option to restore a file from quarantine: if I try, the application says that it's impossible because the file was marked for deletion after reboot.

Thanks.

logs.zip

Malwarebytes Anti-Ransomware.zip

calibre.zip

calibre-parallel.zip

Link to post
Share on other sites
1PW

1PW

Posted
Posted

Reference:

https://www.virustotal.com/en/file/99ea58458e9df56de9716ea8f81cf9b371f00c4cd84e80d37539dd8a19699f97/analysis/1463761120/ Unsigned
https://www.virustotal.com/en/file/e1036c4ff1b5d7b4b49488733dbee607d38d0c70ee7a02ab75e2a0d92bb24b72/analysis/1463758458/ Unsigned

Hello dg1974it and :welcome:

Available data strongly suggests false positives, and you may wish to retain the following temporary full pathname file entries in MBARW GUI Dashboard -> Exclusions:

Both binaries has been uploaded to the developers, please allow those entries to remain until you are requested to remove them.

                      C:\Program Files\Calibre2\calibre.exe
                      C:\Program Files\Calibre2\calibre-parallel.exe

At any time, a MBARW development team member, QA team member or Staffer may request the above temporary exclusions be altered/removed.  Thank you for beta testing MBARW and your valuable feedback.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.