Jump to content

yehuda

Members
 View Profile  See their activity

  • Posts

    13

  • Joined

  • Last visited

 Content Type 

Everything posted by yehuda

  1. yehuda
    MBAM detected it today as Trojan.Agent. https://www.virustotal.com/en/file/ae724e3f062de36dbcfbbd3067270b046cf14b40c88a0dfeefb7a4f0bc2c5fa5/analysis/1434188812/ scan log.txt AirDroid_Desktop_Client_3.0.2.zip
  2. yehuda
    Thanks
  3. yehuda
    Looks like a FP to me. I have attached the .exe file (VirusTotal analysis) and MBAM log file.
  4. yehuda
    Why is it blocked? It hosts a legit Israeli K12 app.
  5. yehuda
    I also have it on a bunch of computers. Glad to hear you've had no problems. Thanks!
  6. yehuda
    I understand MBAE can interfere with Java based desktop applications. The CrashPlan backup client for Windows is a heavy application that uses Java. Should I expect issues? Thanks.
  7. yehuda
    Thanks.
  8. yehuda
    Files attached files.zip
  9. yehuda
    Sure, I'll get the log.
  10. yehuda
    This file installs a driver for a USB card reader. I can't get it to run with Malwarebytes on. To reproduce Run the installer, click Next, Next, Install. The following message pops up and the installer quits with a warning. My analysis The file Service.dll is created by the installer. It exists for a short time period before being deleted (even MBAM is unable to quarantine it). I believe its role is to do some pre-install checks. Seems the file is not part of the installer's internal file archive because I was unable to retrieve it with MSI unpackers. The file's lifetime is visible on Sysinternals Resource Monitor. I couldn't isolate the file by myself. Other remarks The MSI file is reported clean on VirusTotal but if you go to the Additional Information tab it says "Last Saved By: DavidHacker" which doesn't exactly inspire confidence. Hope you guys are able to isolate Service.dll and confirm it is a FP. Thanks
  11. yehuda
    Thanks
  12. yehuda
    My heart skipped a beat this afternoon as MBAM auto-scan quarantined this file from the recycle bin. I had to go through some trouble to retrieve it since "Restore" puts the file in the same inaccessible location. I would recommend adding a "Restore To..." button. VirusTotal analysis suggests it is a False Positive. No idea what this file is. https://www.virustotal.com/he/file/856023513a71727071da758e95ef3f87ace0632fe7cec06f81d7cdcf4bfc4343/analysis/1386169163/ File attached (password: infected)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.