Jump to content
Sign in to follow this  
MaB69

Database 318

Recommended Posts

Hi,

Malwarebytes' Anti-Malware 1.02

Version de la base de donn

Share this post


Link to post
Share on other sites
Please start mbam with following command line.

mbam.exe /developer

Run a scan and post the log.

Hi Marcin,

Here is what you requested :

C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe (Rogue.Multiple) -> No action taken. [HASH=Rogue.Multiple, 1c58b6ee4cb9561e81095b76656a2ef9]

Share this post


Link to post
Share on other sites

I am almost 100% certain that this file is a FP through definition collision .

Could you please zip and upload that file here ? It would help out a lot .

ZIp the file and use the browse button to find and attach the file to your next post .

Share this post


Link to post
Share on other sites
I am almost 100% certain that this file is a FP through definition collision .

Could you please zip and upload that file here ? It would help out a lot .

ZIp the file and use the browse button to find and attach the file to your next post .

Hi nosirrah,

Right now i'm at work for the next eight hours, i will do what you requested when i will go back at home

Regards,

MaB

Share this post


Link to post
Share on other sites

This is a case of misused files , the rogue family (5 of them in total) all use the same file to install .

Since this is an uninstaller being flagged it makes sense , likely uses the same engine to move files and change the registry .

Next update will have it removed .

Share this post


Link to post
Share on other sites
This is a case of misused files , the rogue family (5 of them in total) all use the same file to install .

Since this is an uninstaller being flagged it makes sense , likely uses the same engine to move files and change the registry .

Next update will have it removed .

Nice ;)

MaB

Share this post


Link to post
Share on other sites

It's pretty sad. Bruce came to me and told me we may have a file collision (MD5 collisions are very very very rare over 100kb). Anyway, I told him - impossible and that I wanted proof. I put both files on my desktop (one a rogue uninstaller, one your file). I look at them .. file size, MD5, SHA-1, CRC32 all matched.

Turns out its a multi purpose uninstaller and that rogues use the same one ;)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.