-
Posts
138 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Einstein
-
-
Translation attached
-
In progress
-
One question: you left lines 29, 109, and 253 alone (registrar instead of activar?). Did you mean to do this? Thanks,
for this case "registrar" sounds better than "ativar"
-
Translations attached
-
In progress
-
Rest in peace Matt
-
New version updated with lines 276 and 277 attached
-
File attached
-
ongoing
-
-
This is the translation of MBAM to Brazilian Portuguese
-
nosirrah,
Anything new on it?
IRPF is quite popular in Brazil, installed on million of machines. I think it's good to fix it ASAP.
If you want I can try to install it and generate the developers log.
-
Yeah, I know, but for me it's impossible to create this log on the user's machine. I saw it in a log on a forum:
http://forum.clubedohardware.com.br/showpo...amp;postcount=1
-
I haven't the files here, but MBAM are flagging some legitimate files belongs to IRPF, the brazilian IRS:
C:\Arquivos de programas\Programas SRF\IRPF2006\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Backup\Arquivos de programas\Programas SRF\IRPF2003\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Backup\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Backup\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Backup\Arquivos de programas\Programas SRF\IRPF2006\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
You can download the lastest version of the program here:
http://www.receita.fazenda.gov.br/PessoaFi...d-programas.htm
-
-
Congratulations Malwarebytes and Merijn!!!!
-
Hello guys, I reported this false positive to PDM Team of Kaspersky, cause is a generic detection of the heuristic.
I installed MBAM a few minutes ago and nothing was detected here (using KAV 2010).
If the detection still persists, please warn me
-
Congratulations, Pieter!
-
Congratulations to all team for this great effort!
-
make sure to remind all guests with potential FPs to generate a dev log with the instructions
Sorry, I'll do in the next report.
resolved in next update .Thanks a lot!
-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uni.gpc (Trojan.Agent) -> No action taken.
Valores do Registro infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uni.gpc (Trojan.Agent) -> No action taken.
Arquivos infectados:
C:\WINDOWS\Downloaded Program Files\uni.gpc (Trojan.Agent) -> No action taken.
It's true. In the first log, this entrances are from GBPlugin used by brazilian bank Unibanco. This is the legit files of this plugins:
gbiehuni.dll
Tamanho: 368640 bytes
MD5: 7b175796380360b0ae0d020c330f2045
C:\Arquivos de programas\GbPlugin\gbiehuni.dll
uni.gpc
Tamanho: 33312 bytes
MD5: 6833c0cd3ace03108d957313b9e00408
C:\Arquivos de programas\GbPlugin\uni.gpc
O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlug...GbPluginUni.cab
O20 - Winlogon Notify: GbPluginUni - C:\Arquivos de programas\GbPlugin\gbiehuni.dll
----------
Chaves do Registro infectadas:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c41a1c0e-ea6c-11d4-b1b8-444553540003} (Trojan.BHO) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{c41a1c0e-ea6c-11d4-b1b8-444553540003} (Trojan.BHO) -> Not selected for removal.
In the second log, this entrances too are legitime. Belongs to internet banking plugin of Caixa.
This is the legit files of this plugins:
cef.gpc
Tamanho: 64431 bytes
MD5: 1D224338D4BB9A5B15D46496BBD5056D
C:\Arquivos de programas\GbPlugin\cef.gpc
gbiehcef.dll
Tamanho: 366672 bytes
MD5: 285176E4BC7D6778D9740E69BC584302
C:\Arquivos de programas\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll
O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehcef.dll
Marcin/Bruce, please review this false positive.
-
GT500:
Brazilians users have reported the same freezing in full scans:
http://www.linhadefensiva.org/forum/index....showtopic=89105
The topic you refer only works with 1.32 version, not with 1.33.
If you try what is described in the topic, appears the mesage:
"The database that you're using its not supported in this version. Download and install the lastest version"
-
Happy New Year to all members and visitants for Malwarebytes!
-
Merry Christmas to all!!!!
Malwarebytes Anti-Malware 1.65 Beta
in Malwarebytes Anti-Malware 1.65 Beta Test
Posted
Guys,
A small issue in the tab "Protection" on Brazilian Portuguese language, please check:
http://i49.tinypic.com/34yuu4l.jpg