Collector Posted July 30, 2017 ID:1147617 Share Posted July 30, 2017 https://p5.zdusercontent.com/attachment/1306704/M8lqY9ABUk32rS9C5O5bl2DmB?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..GjmV1upA7nijEnsugU4s4g.IP9zu1qjjx2tCzF92du1rAwqfmK-yrGy1ec6TIZnCz3nnVlM6uewpmSXBAwfy5U_-Lz2wCnjAa-6Cea_wPWsOxWlmKnXezGIsIRXs5vhh7wTjfbhWd_Edk43gRO1Ahf38AjQ7sYayTdL40L6i0XvufQRBzIpjiy-jFJgODvYwwJ9i-y0RguuIi4aD-RZAt26D9P7X5XpE-LhOwkPLCY5-UxT3fVg9LXUAAeLnePQePoDx-UfKA89wZxICHnjPvSnvC5EmK-uX0rSmGN5dJkqZQ.6MeS6EILfT35UA_q5JbQ8g Had a chat with Larry, and apparently the research team is here and don't do emails. So here I am, can you kindly whitelist this file? Screenshot is the above link and you can download the file here: http://www.ctpax-x.org/?goto=files&show=24 to check for yourself if you believe it is indeed malicious or a false positive. Thanks! Link to post Share on other sites More sharing options...
Staff blender Posted July 30, 2017 Staff ID:1147623 Share Posted July 30, 2017 Hello, I am going to move this thread to the Anti-Exploit forum. In the mean-time, you can exclude this file from the Anti-Exploit from detecting it. Open MBAM > settings> Exclusions. Choose "add exclusion", choose "exclude previously detected exploit". From here, you can select the towav.exe so it won't be detected next time you run it. Link to post Share on other sites More sharing options...
Collector Posted August 2, 2017 Author ID:1148776 Share Posted August 2, 2017 On 30/07/2017 at 5:28 PM, blender said: Hello, I am going to move this thread to the Anti-Exploit forum. In the mean-time, you can exclude this file from the Anti-Exploit from detecting it. Open MBAM > settings> Exclusions. Choose "add exclusion", choose "exclude previously detected exploit". From here, you can select the towav.exe so it won't be detected next time you run it. Oh is this to do with the anti-exploit part of the program? Thought it was just malware in general.... Has anyone looked at it and confirmed whether said file is false positive or not? Link to post Share on other sites More sharing options...
Staff blender Posted August 3, 2017 Staff ID:1149034 Share Posted August 3, 2017 Hello, Yes - I moved the post where I should not have. Go me! - I'll move it back I am having trouble re-producing the detection. How can I re-produce this? Can you also attach the log of the detection? Link to post Share on other sites More sharing options...
Staff blender Posted August 3, 2017 Staff ID:1149039 Share Posted August 3, 2017 Sorry - I was able to reproduce the issue, so no need for logs. This will be fixed next database update. Thanks for reporting! Link to post Share on other sites More sharing options...
Staff blender Posted August 3, 2017 Staff ID:1149088 Share Posted August 3, 2017 Hello, Database packages have been released to fix this. Thanks again for reporting! Link to post Share on other sites More sharing options...
Collector Posted August 13, 2017 Author ID:1152934 Share Posted August 13, 2017 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now