Jump to content

Suggestion


Recommended Posts

Now with manual scan of archived RAR file I see that, MB scan 1 file only. In archive are 9 files... + settings of deep level scan up to 10 levels. And please add

malwarebytes.org/forums/index.php?act=attach&type=post&id=6166

to signature update.

Edited by AdvancedSetup
Removed hyperlink to possibly infected file - please do not directly link to infected files in this forum
Link to post
Share on other sites

Thanks the one file is detected: sysmon.exe backdoor.bot, but the main by autorun.inf is winhost.exe still MB miss them :lol: Just like your product, like the type of the work, that you do and try to help. And say that is not detected when extract the viruses too.

****\RECYCLER\RECYCLER\S-51-9-25-3434476501-1644491960-601003312-1214\sysmon.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

[autorun]
;hh333hhhfdf777
open=RECYCLER\S-51-9-25-3434476501-1644491928-601013333-1214\winhost.exe
;hh88h3333hfdfd777
icon=%windir%\system32\SHELL32.dll,4
;df8888h3333hhhfd77
action=Open folder to view files
;df8888hh3333hhhhf7
shell\open=Open
;dh88888h3333hhhf2777
shell\open\command=RECYCLER\S-51-9-25-3434476501-1644491928-601013333-1214\winhost.exe
;dfd888hh3333hhhfdf977
shell\open\default=1

p.s. Will code the direct links, 10x.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.