Jump to content

Himeko

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by Himeko

  1. Attached report and scanned file. RADStudioKeyPatch.zip mwb false trigger.txt
  2. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/27/21 Scan Time: 9:22 AM Log File: 5860d946-bebc-11eb-afec-f46d043491ee.json -Software Information- Version: 4.4.0.117 Components Version: 1.0.1308 Update Package Version: 1.0.40980 License: Trial -System Information- OS: Windows 10 (Build 19043.985) CPU: x64 File System: NTFS -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 1 Threats Quarantined: 0 Time Elapsed: 0 min, 9 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.Heuristic.1003, C:\WINDOWS\PE_ROM.DLL, No Action By User, 1000001, 0, 1.0.40980, 0000000000000000000003EB, dds, 01263209, FAE4B4A41649BA1AAD3FA6CEA224F150, BE1D547DA66C4F5919DC7F3FF43825476E64EF8C4C8444C01140FF0F692EB633 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) PE_Rom.rar
  3. I happend to run it from a 2gb ramdisk, since I use that for /tmp and random downloads etc. Ths thread wasn't meant as requesting help anyway, I was merely helping by reporting a bug, since this loss of functionality can't have been intended.
  4. Ehhh sorry what? I think you should read the question again, you don't make any sense. 1) Unsupported why? it's a disk, any other apps can run stored in it. 2) The EULA does not say anything about storing and running the mbar exe from a Ramdisk, what are you talking about? Do you even know what's a ramdisk?
  5. Seems it doesn't like to run from a ramdisk: Moving the folder over to the desktop runs fine after that.
  6. Custom app I made and UPX'ed, detected as "Trojan.Banker". Same code compiled with a later version of development suite does not trigger. VT: https://www.virustotal.com/en/file/72489d9927495aaa6002251064b6ab8208ea3612b1ea9c69162e0e60ef0c78c1/analysis/1403948931/ FIle: https://mega.co.nz/#!n9ASnSAY!OnzMeVSXp_W9V19-WA9eo0Xz7ZVbEQGB2ce36Ufx0u8 I have the source code for this app, although it's probably irrelevant seeing as new compiler generated exe does not trigger. Log: Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 2014-Jun-28Scan Time: 11:56:00Logfile: fp log.txtAdministrator: YesVersion: 2.00.2.1012Malware Database: v2014.06.28.01Rootkit Database: v2014.06.23.02License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: HimekoScan Type: Custom ScanResult: CompletedObjects Scanned: 406186Time Elapsed: 2 min, 2 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: WarnPUM: WarnProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 0(No malicious items detected)Registry Values: 0(No malicious items detected)Registry Data: 0(No malicious items detected)Folders: 0(No malicious items detected)Files: 1Trojan.Banker, C:\Apps Code\Aion mouse event\Win32\Release\old idle.exe, No Action By User, [6b7fe19ac4b756e0f465c73ced1407f9],Physical Sectors: 0(No malicious items detected)(end)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.