Jump to content

Einstein

Experts
  • Content Count

    138
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Einstein

  • Rank
    Advanced Member
  • Birthday 09/13/1979

Contact Methods

  • Website URL
    http://www.linhadefensiva.org
  • ICQ
    0

Profile Information

  • Location
    Sao Paulo, Brazil
  1. Rest in peace Matt :'(

  2. nosirrah, Anything new on it? IRPF is quite popular in Brazil, installed on million of machines. I think it's good to fix it ASAP. If you want I can try to install it and generate the developers log.
  3. Yeah, I know, but for me it's impossible to create this log on the user's machine. I saw it in a log on a forum: http://forum.clubedohardware.com.br/showpo...amp;postcount=1
  4. I haven't the files here, but MBAM are flagging some legitimate files belongs to IRPF, the brazilian IRS: C:\Arquivos de programas\Programas SRF\IRPF2006\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully. C:\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully. C:\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully. D:\Backup\Arquivos de programas\Programas SRF\IRPF2003\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully. D:\
  5. Congratulations Malwarebytes and Merijn!!!!
  6. Hello guys, I reported this false positive to PDM Team of Kaspersky, cause is a generic detection of the heuristic. I installed MBAM a few minutes ago and nothing was detected here (using KAV 2010). If the detection still persists, please warn me
  7. Congratulations to all team for this great effort!
  8. Sorry, I'll do in the next report. Thanks a lot!
  9. It's true. In the first log, this entrances are from GBPlugin used by brazilian bank Unibanco. This is the legit files of this plugins: gbiehuni.dll Tamanho: 368640 bytes MD5: 7b175796380360b0ae0d020c330f2045 C:\Arquivos de programas\GbPlugin\gbiehuni.dll uni.gpc Tamanho: 33312 bytes MD5: 6833c0cd3ace03108d957313b9e00408 C:\Arquivos de programas\GbPlugin\uni.gpc O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanc
  10. GT500: Brazilians users have reported the same freezing in full scans: http://www.linhadefensiva.org/forum/index....showtopic=89105 The topic you refer only works with 1.32 version, not with 1.33. If you try what is described in the topic, appears the mesage: "The database that you're using its not supported in this version. Download and install the lastest version"
  11. Happy New Year to all members and visitants for Malwarebytes!
  12. And this is the detected file: domino.exe password: mbam Best Regards,
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.