OutcastCyborg


About OutcastCyborg

  • Rank
    New Member

Profile Information

  • Interests
    Computer Science, Cybersecurity, Gaming, Hardware Engineering, and Software Engineering.

  1. Salutations, I recently discovered an attempted intrusion by a variant of the Kovter Trojan. You can find all of the relevant details here (this includes logs from MBAM, HitmanPRO, FSS, FRST, and Kovter itself). According to the technician assisting me, he believes it originated from an exploit ad on a web page or something similar.[1] This reinforces my initial suspicions that WinRAR is the culprit. For some time now, the application has been generating advertisements to convince you to buy a license of their product once the evaluation period has ended (AKA nagware). Malwarebytes' ha
  2. Hello, Apologies if this is the incorrect place to post this, but it is more of a hypothetical question regarding MBAE's abilities rather than a support inquiry. I recently discovered an intrusion attempt by a Kovter-variant trojan. I believe I have tracked down the source, but I intend to do a follow-up on the Removal forums. Can the free version of MBAE theoretically stop an exploit from a webpage generated by an application or would that require premium?
  3. Funny you mention that, I've been using MBAE for some time now with all shields on by default. In fact, it's running right now. Does MBAE treat web pages generated by applications as a browser or would that require premium?
  4. Appreciate it! Any further recommendations to make sure this is gone for good and there are no remaining remnants?
  5. Hello, I wasn't exactly sure where it was appropriate to post this, but I believe I have stumbled upon a false positive. Upon booting my PC, MBAM's daily scan informed me of a Trojan.Kovter in AppData\Local\Temp. In response to this, I ran a deeply thorough scan using MBAM, HitmanPRO, FRST, and FSS with no detections. I also went back and verified the processes running in Process Explorer, since I regularly check what's running on my machine anyway. Nothing about my computer use has been out of the ordinary for this to occur, so I have hypothesized two possible scenarios: A) A false posit
  6. After following the clean removal process, so far everything appears to be up and running; maybe it was just a quirk with my setup. Thanks again for your assistance, OutcastCyborg
  7. Hello all, Not entirely sure what's been going on with my Malwarebytes' setup lately. I recently re-enabled MBAE to test performance with a VM I use to see if recent updates improved performance and it seems a bit better, but since I have done so for some reason MBAM is no longer functioning. I have attached screenshots which show the report from Windows Event Viewer, not entirely sure what any of the exception codes or faults mean though. If the issue is not correctable, I will just reinstall, but I am curious about the cause of said issue. The following is a list of programs I use for se
  8. After doing a little bit more digging, it appears that there could be a myriad of reasons why PIA's ruby runtime environment is flagged by MBAM's realtime protection module. According to this (https://www.privateinternetaccess.com/forum/index.php?p=/discussion/790/questions-regarding-the-backround-network-scans-of-rubyw-exe/p1) article, an alleged IT security consultant found several unusual requests to a variety of domains, which occurred when not connected to the VPN. When PIA was questioned about this by the same individual he asked the following: In response to this a Tier II Technical S
  9. Thanks for the informative and to-the-point reply. I have no doubt that the shared IP Address across multiple domains is probably what's causing the issue. I downloaded the MBAM 2.0 RC and while there is no method (though I haven't delved too deep into the new interface), there was a trend that I noticed among the tooltip bubbles. Although the IP Addresses and Port numbers are dynamic, the tooltip bubble in the new interface consistently refers to a folder in "C:\Users\Chad\AppData\Local\Temp\ocr9B0.tmp\bin\rubyw.exe". Originally when I first started using PIA, that temp folder always changed
  10. Here is the protection log for today, for whatever reason the log would not upload as a file:
  11. Greetings everyone, First off let me say I am proud to be a long term user of MBAM Pro and I highly endorse, to all my colleagues, the fantastic product that the team at Malwarebytes offers to protect my PC. Secondly, apologies if this is not the correct place to post this, as this is the first time I have had to post an issue. With that out of the way, time to get down to the issue at hand: I recently purchased an annual license for Private Internet Access (PIA), a VPN service to resolve my ISP's monkey business with YouTube, Twitch, and the internet in general. So far everything is fine and