nitrousable
Honorary Members
Everything posted by nitrousable
-
I do not advise you to follow the link in an unsandboxed environment: hxxp://www.geeksday.tk/2016/05/blog-post.html It links to a fake-looking YouTube player window which is in fact just a picture. If it's not a virus it seems rather pointless. Can someone knowledgeable confirm whether this is safe or not? I want to know if I could have been infected or not.
-
Yes, that is correct although I didn't reboot. And the scan finished 30 minutes before that driver was created. Thanks for clarifying!
-
Not sure why it didn't attach the file in my previous post. Here it is: mbvc.zip
-
Attached the file below
-
RogueKiller has detected this file upon the most recent scan. It was created on 5th March in the drivers folder. If you look at the digital signature, it links to Malwarebytes; however, upon running a Google search on mbvc.sys I didn't find any evidence that this driver actually belongs to MBAM. Can someone verify, please? Some screenshots of the file properties: http://puu.sh/nyBRM/0d2fcf8bb3.png http://puu.sh/nyBSv/18600e6404.png http://puu.sh/nyBSI/276f1f1831.png
-
It's literally bombarding me with these pop-ups when I use Chrome...
-
These IPs belong to Google. Why is it blocking them?
-
Why is it blocking these IPs when I am using Chrome?
-
The tool ran fine so I guess we're good... I ought to tell you that Garena died since yesterday, it didn't autorun as it was supposed to. Even the entry in the Control Panel program list is gone, so I had to uninstall it manually through the uninstaller. It's probably nothing, the fixing tool probably affected it in a way, but I thought I'd inform you about every detail just in case. So I guess my PC is clean after all, thanks to you, Kevin. I would have donated but I bought a new GPU 2 days ago and am kinda broke. Thanks again.
-
No issues except for my ever-present paranoia, which is the biggest issue of them all, haha. Online Scanner showed nothing. Rogue Service could be a possibility, that would explain why MBAM showed no process with the block. But no antivirus software seems to be able to detect it. It's the very first time something like this has happened to me. I had outbound blocks before made by svchost.exe when I had P2P programs running, but never a "processless" block. Is there something else we could do, or is this as far as we can go? Thank you.
-
It's all good, thank you. The scan is currently at 16%. Pretty slow, so it should be done in a few hours' time. I only visited that gamebomb site once, I had to download a game patch from there. I haven't ever used it since. I actually already removed the exclusion. But I still don't see how it would relate to that Chinese IP block. Anyway, gonna report the results tomorrow. Thank you for your help so far.
-
These exclusions are legit, I set them myself. Okay, so I did the fixing thing and when the process began I got a UAC prompt. rundll.exe wanted to do something with Garena.exe. I assumed it was a part of the fixing process so I pressed yes. After restart all my Chrome settings including extensions got reset and I had to relogin on every website again. I also had to re-enable rootkit scans in MBAM although I remember having them on. Not sure when the rootkit scan got disabled. All the logs are provided below. Regarding the RogueKiller detection: I use this program to record Skype. JRT.txt AdwCleanerS1.txt Fixlog.txt log.txt RKreport_SCN_05242015_225646.log
-
daledoc1 advised me to create a thread here and I'm doing just that. I was playing a multiplayer game (Dota 2) and then a warning from MBAM popped up informing me about blocking the 114.80.100.205 IP address through the 137th port, but no process was attached to this event. I checked the logs and there is nothing in there, just the timestamp, IP and port. I don't understand what is happening. I ran scans with ESET Smart Security, MBAM and RogueKiller, and nothing suspicious was found. I could really use some expert advice in this situation. Thanks. log.txt Addition.txt FRST.txt CheckResults.txt