Utomo

Everything posted by Utomo

  1. Has Malwarebytes been tested on the many file-sharing sites where malware, Trojans, hijackers and others are available? I attach sample URLs for testing. Some file-sharing sites have many pop-ups when we click download, and some are already detected by Malwarebytes. I hope Malwarebytes collects more from file-sharing sites. sample.txt
  2. Thank you, Exile360. I will wait for tomorrow.
  3. Can you explain more about what the warning is? I think it would be good if Malwarebytes had a browser extension to improve security. Example: when we open https://businessguideoffer .com and others, we sometimes get attacked. An example from the website above is Coinhive. We need to stop this kind of malware before it infects our computer.
  4. I want to use the new dupeGuru from https://dupeguru.voltaicideas.net/ after the original author stopped developing it. When I checked using VirusTotal I got this. But when I checked the file using Malwarebytes Premium I did not get anything. This is the file I tested (Windows 64-bit): https://download.hardcoded.net/dupeguru_win64_4.0.3.exe Please check, is this real? Thank you.
  5. +1 for a custom block list. I think it can be safer for us, as many hackers try to trick us using more and more advanced techniques. It would also be better if we could consider blocking IP ranges too.
  6. Not enough. Until now Malwarebytes cannot catch everything. Some are caught by the antivirus. I use both.
  7. Thanks. But I am afraid that it spread to my computer, and I found some security risks which are not detected by Malwarebytes, as I reported above. I hope Malwarebytes can improve it.
  8. Here is the result of RogueKiller. Malwarebytes says it is clean.
  9. I found shortcut malware on a flash disk. Malwarebytes already cleaned it, and I already formatted the flash disk. I saw a suspicious shortcut that I never created. I am not sure whether my computer is safe or infected. I already scanned and cleaned it (using Malwarebytes Premium and Norton 360, all updated). I also checked using RKill and RogueKiller. Are there any other tools I need to use to make sure that everything is clean?
  10. Thank you. Besides miners, malware which steals our coins is more dangerous. I read a few articles where it changes the wallet address when we copy and paste via the clipboard.
  11. Now many hackers are targeting Bitcoin / cryptocurrency, as it can make big money. Some try to install malware on our computers, such as https://www.cylance.com/en_us/blog/threat-spotlight-cryptocurrency-malware.html I hope Malwarebytes pays more attention to this kind of malware.
  12. Thank you. I found this https://blog.malwarebytes.com/puppum/2016/08/pup-friday-mackeeper/
  13. Website blocked by Malwarebytes, but VirusTotal says no problem (example: www.mackeeper.com). Any explanation about this? Thank you.
  14. Add a feature to easily send files to Malwarebytes from inside Malwarebytes, if we suspect that the files may be a virus / malware.
  15. Yes, sometimes too many pop-up warnings are not good. Give an easy option to hide them while the protection is still running.
  16. Any plan to acquire other tools, so we can use fewer tools to handle malware? Right now we sometimes need to use different tools.
  17. Malwarebytes blocks a website, but other scanners did not find problems. The website is bitconnect.co. I checked using www.virustotal.com and https://sitecheck.sucuri.net/ and I did not find any problems. Can anybody explain why, and what the solution is? Thank you.
  18. I tried to search for a secure browser and I found this: http://www.techworld.com/security/best-8-secure-browsers-3246550/ Does anybody know which browser is more secure against malware, so that when we visit pages / websites which have malware we have the lowest threat? Thanks.