Jump to content

slyman14

Members
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

About slyman14

  • Rank
    New Member
  1. For info this issue appears to have now been resolved. MysteryFCM has confirmed that Asus do use this IP address and also that it will be unblocked on MBAM shortly. Please see below thread for full details / outcome: https://forums.malwarebytes.org/index.php?/topic/156550-1689511-asus-updatecheckerexe/
  2. Thanks Steven - that's great news. Really appreciate your help.
  3. Thanks for the really helpful step by step walkthrough David. The small issue I've had is that I can't seem to run C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker.exe directly in its folder. The PC seems to think about it for a moment but nothing else happens and MBAM doesn't present a blocked IP pop-up. Perhaps it can only be run in conjunction with or by another ASUS application or service? To get round this I've tried to capture the MBAM traffic block at start-up by adding Wireshark to my startup items and starting capture as soon as I could - It was certainly recording for a whil
  4. Thanks David. I have downloaded Wireshark as instructed but can't see how to start it before the exe sends the traffic and MBAM blocks it. Please see the other thread in false positives for my response / request for further help. This is the assistance I referenced above - I'm somewhat stuck! Any advice you can provide (perhaps put on the other thread) would be very gratefully received! Thanks again, Slyman14
  5. Hi Daledoc1 Thanks again for your comments, but I think the jury is still out on this to be honest.... After starting the above thread I followed your suggestion and started a further thread in the Malware Removal Forum (including all the FRST files etc). https://forums.malwarebytes.org/index.php?/topic/156488-outgoing-traffic-to-1689511-should-i-be-concerned/?hl=%2B168.95.1.1#entry875832 After I'd done this, I noticed that another user had posted the exact same problem just a few minutes before me..... https://forums.malwarebytes.org/index.php?/topic/156486-possible-infection-malware
  6. Hi hipraptor Yeah, renaming the executable has the same effect - which I think suggests it's legitimate software rather than something malicious. The question for me is that this appears to be a longstanding ASUS executable but MBAM has only very recently started blocking it's connection to 168.95.1.1. In my mind, there are likely only a few possible causes for this I) the executable has been doing this for some time and the IP has only just recently been added to the MBAM malicious website, or ii) the executable perhaps is now contacting this IP when it didn't previously (perhaps it's
  7. Hello MysteryFCM - Thanks for any assistance you can offer. It seems that a number of us are having this issue. I haven't updated the Asus software (the last modified date is 11/12/08) and from the solution / info posted by the other member on my first thread I assume the file is unchanged and has been happily sending traffic to this IP since install, but MBAM has only started objecting to this in the last few days? I am a bit of a newbie to all this but have downloaded wireshark as instructed (though it is a little overwhelming in terms of options / functionality!). The problem I'm having
  8. Hi Callie14 I posted a thread minutes after you yesterday with exactly the same problem. I see you too have an ASUS mobo / utilities...? Some kind soul seems to have solve the mystery...... See below for a solution which works for me so hopefully will for you too! https://forums.malwarebytes.org/index.php?/topic/156550-1689511-asus-updatecheckerexe/ All the best Slyman14
  9. Hello - This problem has been solved See: https://forums.malwa...i-be-concerned/ for full details. I've posted a new thread on the false positives website as this may fall into that category? https://forums.malwarebytes.org/index.php?/topic/156550-1689511-asus-updatecheckerexe/ Thanks all Slyman14
  10. Yep, brilliant, thanks Anonymous member - simply renaming the UpdateChecker.exe file solved the problem - not expecting ASUS to update any of the software on my fairly old machine now so can't imagine it will cause any problems. https://forums.malwarebytes.org/index.php?/topic/156550-1689511-asus-updatecheckerexe/ Have posted a link on the false positives forum too - I can't believe this ASUS executable (which has no doubt been installed on my PC for many years) is contacting this IP with malicious intent, and perhaps Malwarebytes need to be aware that other users will get the same warning
  11. Hello I posted a query on the Malwarebyets Anti-Malware Help Forum yesterday. It was suggested that I should post the problem experienced with FRST logs in the Malware Removal Help Forum - which I did. Links to both below for info: https://forums.malwarebytes.org/index.php?/topic/156469-newbie-question-outgoing-traffic-to-1689511-should-i-be-concerned/ https://forums.malwarebytes.org/index.php?/topic/156488-outgoing-traffic-to-1689511-should-i-be-concerned/?hl=%2B168.95.1.1 In the latter forum, there another user experiencing exactly the same problem, who posted minutes before me:
  12. Hello - I'm a bit of a newbie and was directed here from the general help forum. Sorry if I'm wasting peoples time but just trying to get to the bottom of this..... MBAM gave a pop-up warning about outgoing traffic to the above IP and blocked it. See Protection Log below for info: Malwarebytes Anti-Malware www.malwarebytes.org Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malware Protection, Starting, Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malware Protection, Started, Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malicious Website
  13. Thanks daledoc1.... the pop ups appear just once on system startup, without any browser being opened. No, I'm not using any P2P software. I installed some Adobe updates yesterday and this has only been happening since then.... is there an (ideally freeware!) utility that can be used to track the source of the traffic? If it is the Adobe software then I can stop worrying! I didn't want to post on the Malware removal forum or go through all the instructions provided re: removal when I'm not convinced I'm infected, and in all likelihood am not, but since MBAM is flagging it I thought I ought
  14. Hello - hope someone can help please? MBAM gave a pop-up warning about outgoing traffic to the above IP (and presumably blocked it?) My PC hasn't been misbehaving in any way that I've noticed and a full threat scan shows no infection. See Protection Log below for info: Malwarebytes Anti-Malware www.malwarebytes.org Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malware Protection, Starting, Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malware Protection, Started, Protection, 05/09/2014 10:54:42, SYSTEM, SIMON-PC, Protection, Malicious Website Protect
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.