Jump to content

DragonMaster Jay

Honorary Members
  • Content Count

    380
  • Joined

  • Last visited

Community Reputation

0 Neutral

1 Follower

About DragonMaster Jay

  • Rank
    True Member
  • Birthday 04/08/1989

Recent Profile Visitors

16,309 profile views
  1. Hi! Wanted to ask if you can also study the app "ai.type" - as I have collected information regarding it on my device. It is popping up in a browser window sent through Linux browser (AKA the Android System Webview) during/after Google Play apps update; however, ai.type does not appear to be using Batmobi - even though they are sending analytics and ad association data 40-60 times/minute. They do use Adjust.io ad kit, however, and decided to communicate data with the server just before launching popup on test device. They used spoofed app ID "com.apalon.myclockfree" with referrer fro
  2. You are most welcome! :) I hope it was great!

  3. Happy Belated Birthday!

  4. Last name Ever...first name Greatest!

  5. Sad to hear indeed. He worked on my site a bit, and I will say that he was a very hard worker. Hope you all get through this.
  6. You seem to misunderstand the importance of this file, and what could happen if you change the internal assembly to a write code. If you add write features to this sample virus code, it will not be pretty to your OS. The fact that you can do an Assembly code analysis, as I did above, proves that the researchers whom designed it, were specifically aiming for what real virus code would look like. If you do an analysis (if you know Assembly code) of this file, you will realize it has all that is needed to implement a real virus. It contains an instruction pointer, a stack pointer, a data string,
  7. I've been told the reason AVs will detect it is for normal users to test the responsiveness of their real-time protection. Also, you can stick it in a zip folder or similar format, and see if the antivirus will still detect it, no matter if it is in a compressed file or not. Dumped EICAR test file in debugger:
  8. Hmm.. Can someone else try, or can TM be disabled temporarily. That is expected behavior, it is supposed to freeze before it can be saved.
  9. Place the string in to Notepad, press Save, choose Save as type.. All files, and name it eicar.com Once saved, MBAM should recognize it immediately.
  10. Any chance you can test with realtime real quick. I don't have the pro version anymore. String: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
  11. Good. Just the EICAR test file is a standard in AV software, and even though MBAM is not AV, I still think it should add the sig for the file.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.