Guest beastman Posted July 4, 2011 ID:449243 Share Posted July 4, 2011 Hello!Detected as Trojan.FakeAlertdatabase version 7019 Link to post Share on other sites More sharing options...
nosirrah Posted July 4, 2011 ID:449285 Share Posted July 4, 2011 Please zip and attach your copy. Link to post Share on other sites More sharing options...
nosirrah Posted July 4, 2011 ID:449289 Share Posted July 4, 2011 I double checked both versions of putty currently available and neither is detected so we wont be able to progress further without the version you have. Link to post Share on other sites More sharing options...
Guest beastman Posted July 4, 2011 ID:449309 Share Posted July 4, 2011 Please zip and attach your copy. sorry here it is it's about ten years oldputty.rar Link to post Share on other sites More sharing options...
nosirrah Posted July 4, 2011 ID:449315 Share Posted July 4, 2011 I am unable to verify that this ever existed before today, is this a custom build or modified in some way? Link to post Share on other sites More sharing options...
Guest beastman Posted July 4, 2011 ID:449320 Share Posted July 4, 2011 I am unable to verify that this ever existed before today, is this a custom build or modified in some way? One thing I'm almost sure is that i downloaded it from LAN sometime between 2006 and 2007. Link to post Share on other sites More sharing options...
nosirrah Posted July 4, 2011 ID:449323 Share Posted July 4, 2011 The reason I ask is that there is decent evidence that this has only existed for about 6 hours. The MD5 has no hit as all on google and virustotal shows an initial scan earlier today. The other possibility is that for some reason putty was polymorphic back then and everyone got their own MD5 but I do not think that is likely.The reason I was asking about default version VS. customized is that it would change how we process this.Either way I am looking into this now. Link to post Share on other sites More sharing options...
rpa Posted May 1, 2012 ID:547789 Share Posted May 1, 2012 Hi,I get a false(?) positive with the version directly from the PuTTY download page:http://www.chiark.gr...y/download.htmlThe latest release version (beta 0.62). For Windows on Intel x86 PuTTY: putty.exe Malwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.05.01.05Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Omistaja :: OMISTAJA-PC [administrator]01/05/2012 14:14:59mbam-log-2012-05-01 (14-14-59).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 219798Time elapsed: 20 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 1C:\Users\Omistaja\Desktop\putty.exe (Trojan.Swrort) -> Quarantined and deleted successfully.(end)putty.zip Link to post Share on other sites More sharing options...
ballinascreen Posted May 1, 2012 ID:547820 Share Posted May 1, 2012 I also started receivngHi,I get a false(?) positive with the version directly from the PuTTY download page:http://www.chiark.gr...y/download.htmlThe latest release version (beta 0.62). For Windows on Intel x86 PuTTY: putty.exe Malwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.05.01.05Windows 7 Service Pack 1 x64 NTFSI also started receiving warnings from Malwarebytes for the same version of PuTTY [0.62 beta] earlier today. Also tried downloading a fresh copy of PuTTY from the web and still the same Trojan.Swrort alert.Malwarebytes Anti-Malware (PRO) 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.05.01.03Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Regards,Shane Link to post Share on other sites More sharing options...
Imperator Posted May 1, 2012 ID:547835 Share Posted May 1, 2012 I too have begun to receive warnings from Malwarebytes for PuTTY 0.62 beta across our network. A fresh copy of PuTTY still gets flagged. Every time the alert is warning that PuTTY.exe is infected with Trojan.Swrort.Malwarebytes Anti-Malware (PRO) 1.61.0.1400Malwarebytes Anti-Malware (Corporate) 1.61.0.1400Database version: v2012.05.01.05Windows 7 SP1 x64 & x32 Link to post Share on other sites More sharing options...
Fatdcuk Posted May 1, 2012 ID:547855 Share Posted May 1, 2012 Ok looking into this now folks.Thanks for the reports(s)Edit/Update.Confirmed that the recent detection is indeed a F/P.This will be fixed on the next update cycle. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now