AdvanceBox.exe 12.40 detected as malware - GSM-Forum

atomikramp · 08-07-2015, 13:02

Hello,
i've just noticed that the advancebox.exe binary included in the full installed for version 12.40 is detected as malware

I've downloaded the file from the official site at this URL:
ATF_v12.40_Full_Installer.rar

I've never encountered such an issue with any other version of advancebox...

can any member of the dev team please explain this?

Malware details:
Trojan:Win32/Skeeyah.C!plock

Gead · 08-07-2015, 14:22

I have the same problem .

srinibas · 08-07-2015, 15:09

Just ignore it .....

Steps - put in exclusion list

Br - srinibas

atomikramp · 08-07-2015, 17:34

srinibas
don't get me wrong, but your reply didn't provide an actual answer nor a solution to the problem.

If you can please explain the reason why the binary is detected as malware, maybe i can consider the idea of whitelisting it.

Considering the fact that it's being detected as a well specific malware, and not against some random signature for general stuff which might let me think it's a false positive.

Don't get me wrong, i'm not stating that this binary has been infected on purpose, maybe it's a mistake, or really there is a reason for the signatures to alert in such a way... what i'm expecting tho, from the developers of the software and from the team is to consider this problem and verify that their build and distribution environment is clean from infection vectors.

Looking forward to hear from you
thanks in advance.

08-07-2015, 13:02	#1 (permalink)
atomikramp Insane Poster Join Date: Nov 2008 Posts: 98 Member: 911152 Status: Offline Thanks Meter: 4	AdvanceBox.exe 12.40 detected as malware Hello, i've just noticed that the advancebox.exe binary included in the full installed for version 12.40 is detected as malware I've downloaded the file from the official site at this URL: ATF_v12.40_Full_Installer.rar I've never encountered such an issue with any other version of advancebox... can any member of the dev team please explain this? Malware details: Trojan:Win32/Skeeyah.C!plock

08-07-2015, 14:22	#2 (permalink)
Gead No Life Poster Join Date: Jun 2013 Posts: 777 Member: 1963729 Status: Offline Thanks Meter: 132	I have the same problem .

08-07-2015, 15:09	#3 (permalink)
srinibas No Life Poster Join Date: Apr 2007 Location: M W Balasore,Odisha,INDIA Age: 52 Posts: 12,752 Member: 492222 Status: Offline Sonork: 100.1594126 Thanks Meter: 10,377	Just ignore it ..... Steps - put in exclusion list Br - srinibas

08-07-2015, 17:34	#4 (permalink)
atomikramp Insane Poster Join Date: Nov 2008 Posts: 98 Member: 911152 Status: Offline Thanks Meter: 4	srinibas don't get me wrong, but your reply didn't provide an actual answer nor a solution to the problem. If you can please explain the reason why the binary is detected as malware, maybe i can consider the idea of whitelisting it. Considering the fact that it's being detected as a well specific malware, and not against some random signature for general stuff which might let me think it's a false positive. Don't get me wrong, i'm not stating that this binary has been infected on purpose, maybe it's a mistake, or really there is a reason for the signatures to alert in such a way... what i'm expecting tho, from the developers of the software and from the team is to consider this problem and verify that their build and distribution environment is clean from infection vectors. Looking forward to hear from you thanks in advance.