
nosirrah

Staff
  • Content Count

    5,487
Everything posted by nosirrah

  1. Without more to go on it is very hard to say. I would need a scan log and the file detected to look into this further.
  2. Due to increasing requests for Malwarebytes to take a more aggressive stance against Potentially Unwanted Programs (PUPs), we have done exactly this. You can read our official statement here: https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ If you believe your program is incorrectly classified based on the following criteria www.malwarebytes.com/pup, please contact pup AT malwarebytes DOT com. We will provide you with a questionnaire to help us evaluate your request. Only questions submitted to this email address will be reconsidered.
  3. This will be fixed in the next update.
  4. Please zip and attach a copy of the detected file.
  5. This has been fixed since the scan dates in these scan logs.
  6. Another update, another completely undetected morph. SHA256: c7573652f01f76cb5be862f801bea40c575aea0b47036cbd8b1e77575f2d3222 SHA1: 301afeb406a15eec3fdcbeefa5b4f2fb59e7319c MD5: 24cea1fd12e4c9c99b6d0779dc923895 File size: 107.0 KB ( 109568 bytes ) File name: E:\Downloads\0.2792156623630775.exe File type: Win32 EXE Detection ratio: 0 / 41 Analysis date: 2012-08-03 21:37:45 UTC ( 0 minutes ago ) AhnLab-V3 - 20120803 AntiVir - 20120803 Antiy-AVL - 20120803 Avast - 20120803 AVG - 20120803 BitDefender - 20120803 ByteHero - 20120723 CAT-QuickHeal - 20120803 ClamAV - 20120803 Commtouch - 20120803
  7. This is going to be the final update, as detection for the initial sample has stopped increasing. Here is the current detection for the most recent mutation from the same source used for every sample in this test. SHA256: f29f814dad85613698b668833c48f8b4635c6a88b56a4660c050fa1406792f66 SHA1: 1c9914e8b847de1c57e509890b81fd7539c5cbea MD5: 5dded97297d4ebdc3b28c3a6eacfed59 File size: 944.0 KB ( 966669 bytes ) File name: E:\Downloads\scandsk(405).exe File type: Win32 EXE Detection ratio: 1 / 41 Analysis date: 2012-08-03 15:56:51 UTC ( 1 minute ago ) AhnLab-V3 - 20120803 AntiVir - 20120803 Anti
  8. HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify Notify here means that if they were to be turned off, Windows would not warn you. This is likely because MSE has taken over this role. Set these detections to ignore if you do not wish to see them again.
  9. This is the easiest update yet, absolutely no detections at all from the same source. SHA256: 32a2a2dec04e9868403a884961fbdbf10d2e02a4b86806073349c82cf6defb09 SHA1: c0c9b59979eb2c8d9564157dda31a610332f6582 MD5: 22d30e771bf5d47e97c45c4392186674 File size: 217.4 KB ( 222625 bytes ) File name: E:\Downloads\0.892491262712407.exe File type: Win32 EXE Detection ratio: 0 / 41 Analysis date: 2012-08-01 05:11:24 UTC ( 1 minute ago ) AhnLab-V3 - 20120731 AntiVir - 20120801 Antiy-AVL - 20120801 Avast - 20120731 AVG - 20120731 BitDefender - 20120801 ByteHero - 20120723 CAT-QuickHeal - 20120801 ClamAV
  10. Another update today. First, the initial sample that is now 2 weeks obsolete: SHA256: e0dc4d79d2c5a5c2fb1d9107b1c5f817c589c195f1b8fbbcaa64847b73c3cc78 SHA1: a352cb3a4327634d599911ea3d9e095950b2371b MD5: c4b357b6b09b35c6784319b5a27914e8 File size: 810.5 KB ( 829965 bytes ) File name: E:\Downloads\scandsk(309).exe File type: Win32 EXE Detection ratio: 32 / 41 Analysis date: 2012-07-30 21:13:24 UTC ( 0 minutes ago ) AhnLab-V3 Trojan/Win32.Inject 20120730 AntiVir DR/Delphi.Gen 20120730 Antiy-AVL Trojan/Win32.Inject.gen 20120727 Avast Win32:Trojan-gen 20120730 AVG Generic28.CGSU 20120730 BitDe
  11. Another update today, here is the current detection for the now 13 day obsolete trojan. SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6 MD5: 8b196c4ac506ec2350ae134b5a9038d1 File size: 113.0 KB ( 115712 bytes ) File name: E:\Downloads\0.4068175439503239.exe File type: Win32 EXE Detection ratio: 30 / 40 Analysis date: 2012-07-30 20:10:11 UTC ( 1 minute ago ) AhnLab-V3 Trojan/Win32.Tdss 20120730 AntiVir TR/Alureon.FO.9 20120730 Antiy-AVL Trojan/Win32.TDSS.gen 20120727 Avast Win32:Alureon-ATW [Trj] 20120730 AVG Generic28.CI
  12. This should be fixed now.
  13. This should be fixed now.
  14. The starting sample has the same detections still, but there is a new mutation today. SHA256: 491654e756a30fc41987be6796b55d4c092eb826f74b11766d21dc923e81ec6a SHA1: 0dfd7e76a2287072ad83e5a888b915c145730c0d MD5: c8c6743fac59c182fb164a2cc5c5e3f8 File size: 1007.5 KB ( 1031693 bytes ) File name: E:\Downloads\scandsk(382).exe File type: Win32 EXE Detection ratio: 4 / 41 Analysis date: 2012-07-28 19:38:59 UTC ( 0 minutes ago ) AhnLab-V3 - 20120728 AntiVir - 20120728 Antiy-AVL - 20120727 Avast - 20120728 AVG - 20120728 BitDefender - 20120728 ByteHero - 20120723 CAT-QuickHeal - 20120728 ClamAV - 2012
  15. Detections of the base sample have not changed, but there is another mutation today. SHA256: a4d0242a108bba737a609edc0599ca283b0bb03c27ae3868af427639bae6128e SHA1: 59fa3e69836660acfdbf14a7eaf9fe2c92e6100a MD5: 6b555c9775272918c8a097c2031ac295 File size: 802.5 KB ( 821773 bytes ) File name: E:\Downloads\scandsk(378).exe File type: Win32 EXE Detection ratio: 4 / 41 Analysis date: 2012-07-27 11:48:59 UTC ( 1 minute ago ) AhnLab-V3 - 20120727 AntiVir - 20120727 Antiy-AVL - 20120727 Avast - 20120727 AVG - 20120727 BitDefender - 20120727 ByteHero - 20120723 CAT-QuickHeal - 20120727 ClamAV - 201207
  16. Update: here are the latest updates for the original version and most recent mutation. First, the original sample that is now 10 days obsolete: SHA256: e0dc4d79d2c5a5c2fb1d9107b1c5f817c589c195f1b8fbbcaa64847b73c3cc78 SHA1: a352cb3a4327634d599911ea3d9e095950b2371b MD5: c4b357b6b09b35c6784319b5a27914e8 File size: 810.5 KB ( 829965 bytes ) File name: E:\Downloads\scandsk(309).exe File type: Win32 EXE Detection ratio: 29 / 41 Analysis date: 2012-07-26 04:51:13 UTC ( 0 minutes ago ) AhnLab-V3 Trojan/Win32.Inject 20120726 AntiVir DR/Delphi.Gen 20120726 Antiy-AVL Trojan/Win32.Inject.gen 20120726 Ava
  17. Update: detection of the first sample has not changed, but there is a new mutation from the same source. SHA256: 2a673f1b9cb00019202a309bdebde7b462d545e3d2b71a26617ef33a351e9eca SHA1: 799e7dc50bc0bdde57ef4e56a95d6438e79b41ed MD5: 3994538f2305c45586aa675f7e4ed7f3 File size: 882.0 KB ( 903181 bytes ) File name: E:\Downloads\scandsk(371).exe File type: Win32 EXE Detection ratio: 4 / 41 Analysis date: 2012-07-26 00:16:22 UTC ( 0 minutes ago ) AhnLab-V3 - 20120725 AntiVir DR/Delphi.Gen 20120725 Antiy-AVL - 20120725 Avast - 20120726 AVG - 20120725 BitDefender - 20120725 ByteHero - 20120723 CAT-QuickH
  18. Update: here are the current detections for the now 9 day obsolete trojan. SHA256: e0dc4d79d2c5a5c2fb1d9107b1c5f817c589c195f1b8fbbcaa64847b73c3cc78 SHA1: a352cb3a4327634d599911ea3d9e095950b2371b MD5: c4b357b6b09b35c6784319b5a27914e8 File size: 810.5 KB ( 829965 bytes ) File name: E:\Downloads\scandsk(309).exe File type: Win32 EXE Detection ratio: 28 / 41 Analysis date: 2012-07-25 17:47:02 UTC ( 0 minutes ago ) AhnLab-V3 - 20120725 AntiVir DR/Delphi.Gen 20120725 Antiy-AVL Trojan/Win32.Inject.gen 20120725 Avast Win32:Trojan-gen 20120725 AVG Generic28.CGSU 20120725 BitDefender Trojan.Generic.KDV.6
  19. Update: current detection for the now 8 day obsolete sample. SHA256: e0dc4d79d2c5a5c2fb1d9107b1c5f817c589c195f1b8fbbcaa64847b73c3cc78 SHA1: a352cb3a4327634d599911ea3d9e095950b2371b MD5: c4b357b6b09b35c6784319b5a27914e8 File size: 810.5 KB ( 829965 bytes ) File name: E:\Downloads\scandsk(309).exe File type: Win32 EXE Detection ratio: 26 / 41 Analysis date: 2012-07-24 21:37:04 UTC ( 0 minutes ago ) AhnLab-V3 Trojan/Win32.Inject 20120724 AntiVir DR/Delphi.Gen 20120724 Antiy-AVL Trojan/Win32.Inject.gen 20120724 Avast Win32:Trojan-gen 20120724 AVG Generic28.CGSU 20120724 BitDefender Trojan.Generi