Jump to content

Recommended Posts

  • IP address: 104.31.86.119
  • Hostname/URL: hxxp://www.dcmembers.com

Member site for DonationCoder.com.  Hosts free software- many are AutoHotKey which you seem to get a lot of false positives for.

Protection Log

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/30/19
Protection Event Time: 2:06 PM
Log File: c14cbdec-b2f4-11e9-8448-74d435e5dae7.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.11760
License: Premium

-System Information-
OS: Windows 10 (Build 17134.285)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain: www.dcmembers.com
IP Address: 104.31.86.119
Port: [12847]
Type: Outbound

(end)

 

Link to post
Share on other sites

Why?  It's just an AHK exe to touch a file and change the modification date.

You can see the thread that tells what it does here: https://www.donationcoder.com/forum/index.php?topic=4382.0

The source for the ahk is here: http://www.dcmembers.com/jgpaiva/wp-content/uploads/sites/9/CS/Touch/Touch.ahk

It is not a Trojan, and your identification of it as such is a false positive.  It's a compiled AHK for convenience only.

 

Thoughts?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.