Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About tobor

  • Rank
    New Member
  • Birthday 04/18/1992

Contact Methods

  • Website URL
  • ICQ
  1. setup.exe is the flagged file. https://www.virustotal.com/en/file/0197f29e067696acbf61d889b71ab13218ac34be6d3370ae4032adc02412a745/analysis/ winhex.zip
  2. This document should help you: http://www.mcafee.com/us/resources/reports/rp-predicting-stealth-attacks.pdf It goes over history of rootkit techniques. I think most modern rootkits use IRP hooking; SSDT/IAT hooks are trivial to bypass.
  3. If you right-click in the scan results, there is a 'check all items' option
  4. Part of the guest additions for Virtual Box. File and log attached. mbam-log-2011-10-28 (11-40-45).zip
  5. For disassembling .NET projects, I would recommend ILSpy. It's easy to use and very good. You can also try Red Gate's Reflector, but it is no longer free (comes with a trial though).
  6. well not anymore it isn't now that you've posted it You should PM a Malwarebytes staff instead.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.