Jump to content

Utomo

Honorary Members
  • Posts

    82
  • Joined

  • Last visited

Everything posted by Utomo

  1. But that ones is the official tools from mikrotik right ? and why blocking all the website instead just the tools ?
  2. please check if it is true or not mikrotik.co.id Website blocked due to riskware Thank you
  3. Hello I got renewal remider. but we did not need to renew it/ want to stop the auto renewal. but when we reply the email it show support@mail.malwarebytes.com Delivery has failed to these recipients or groups: support@mail.malwarebytes.com (support@mail.malwarebytes.com) The recipient's mailbox is full and can't accept messages now. Please try resending your message later, or contact the recipient directly. please check the mailbox and also disable the autorenewal for the 10 malwarebytes Thank you Utomo Prawiro
  4. please check optimis.bogorkab.go.id blocked due to trojan Thank you
  5. klikpajak.id Website blocked due to trojan please check Thank you
  6. please check Koi.com Blocked Website blocked due to phishing Thank you
  7. when I try to open simba.baznas.go.id I got message Website blocked due to phishing please check. Thank you
  8. when I open https://www.apreltech.com/Contact it blocked with Website blocked due to trojan is this real or false ?
  9. each time I try to download files from solidfiles malwarebytes block it this is the example https://www.solidfiles.com/v/dVgmDgajaPRBx (still No warning) http://www.solidfiles.com/v/4yZeyqnAqDyZQ and others but after we click download malwarebytes block it (with or without browser extension all blocked). please check if this is real or not ? Thank you
  10. some website blocked by Malwarebytes premium. please check if it is True Trojan or False some of them : indomaret.co.id https://www.barcoderesource.com/index.shtml and others Thank you
  11. How to Remove SETO Ransomware? we try Malwarebytes but it did Not catch the ransomware. Thank you
  12. many times we have pop up with malware, trojan or other security attack. example : click the download. it will pop up , click another (as we need to click many times before get the files) it will pop up another site How about adding features so we can just block the pop up domain ? after we see it dangerous click download popup with malware.txt
  13. I check using virustotal and I can not find any problems
  14. I try to open fast-report.com but Malwarebytes block it please check it as they say they already check and can not find any problems on their side is this false positive ? Thank you
  15. have malwarebytes tested on many filesharing where many Malware, Trojan, Hijack and others available ? I attach sample URL for test. some file sharing have many pop up when we click download and some already detected by malwarebytes I hope malwarebytes collect more from file sharing sites sample.txt
  16. Can you explain more what is the warning ? I think it is good if Malwarebytes can have browser extension to improve the security. example : when we open https://businessguideoffer .com and others sometime we got some attack example from website above is coinhive we need to stop this kind of malware before infect our computer
  17. I want to use new dupeguru from https://dupeguru.voltaicideas.net/ After original author stop developing it. when I check using Virus total I got this But when I check the files using Malwarebytes premium I did not get anything This is the files I test it (Windows 64 bit) https://download.hardcoded.net/dupeguru_win64_4.0.3.exe Please check, is this real ? Thank you
  18. +1 for custome block list I think it can be safer for us. as many hacker try to trick us using more and more advanced technique also better if we can consider block IP Range too
  19. Not enough. until now Malwarebytes can not catch all. some are catch by the antivirus I use both
  20. Thanks. But I am afraid if it spread to my computer and I found some security risk which is not detected by malwarebytes as I report above I hope Malwarebytes can improve it
  21. Here is the result of roguekiller. Malwarebytes say it is clean RogueKiller V12.11.26.0 (x64) [Nov 27 2017] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.16299) 64 bits version Started in : Normal mode User : Utomo [Administrator] Started from : C:\Users\Utomo\Desktop\1 Malware\RogueKiller_portable64.exe Mode : Scan -- Date : 12/01/2017 08:45:10 (Duration : 00:52:28) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 19 ¤¤¤ [PUP.Gen1] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Free Media Player -> Found [PUP.Gen1] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Zugo -> Found [PUP.Gen1] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Free Media Player -> Found [PUP.Gen1] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Zugo -> Found [PUM.HomePage] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Internet Explorer\Main | Start Page : http://wyzo.wyzostart.com/?cfg=2-47-0-0&engine_id=2&provider_id=2&product_id=47&country=ID -> Found [PUM.HomePage] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Internet Explorer\Main | Start Page : http://wyzo.wyzostart.com/?cfg=2-47-0-0&engine_id=2&provider_id=2&product_id=47&country=ID -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 118.136.64.4 202.73.99.4 202.73.99.2 ([Indonesia][-][-]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\Tcpip\Parameters\Interfaces\{06C64660-CB6C-4561-AC78-C6B0BC4E9F48} | DhcpNameServer : 10.20.20.1 8.8.8.8 10.232.0.4 ([][-][]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{949ac5bc-9ec3-49f6-97b3-c55ca812b79f} | DhcpNameServer : 118.136.64.4 202.73.99.4 202.73.99.2 ([Indonesia][-][-]) -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\Tcpip\Parameters\Interfaces\{06C64660-CB6C-4561-AC78-C6B0BC4E9F48} | DhcpNameServer : 10.20.20.1 8.8.8.8 10.232.0.4 ([][-][]) -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4250A59E-BBF4-4398-98FF-6A0C58B67969} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B07DC07-FE7D-4F70-93AD-25026CF281B1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {652DC0A2-2827-42AE-8BC0-04DA783EF0F2} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE|Name=LogiOptionsMgr.EXE|Desc=LogiOptionsMgr.EXE| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{0CAC408E-97DE-4826-9697-9BC8BBDAEAB4}C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe|Name=LogiOptionsMgr.exe (UNICODE)|Desc=LogiOptionsMgr.exe (UNICODE)|Defer=User| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{02CD1A1E-43FA-482A-8C69-289ABEBE157E}C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe|Name=LogiOptionsMgr.exe (UNICODE)|Desc=LogiOptionsMgr.exe (UNICODE)|Defer=User| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4250A59E-BBF4-4398-98FF-6A0C58B67969} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B07DC07-FE7D-4F70-93AD-25026CF281B1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found [PUM.StartMenu] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found [PUM.StartMenu] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: SanDisk SDSSDXPS240G ATA Device +++++ --- User --- [MBR] 062f1eb9b84f2f9fa0cbb815a3b5e45b [BSP] 82e17c3ce24a84f2dc71685fede2f183 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 228129 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467929088 | Size: 453 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: ST2000DL003-9VT166 ATA Device +++++ --- User --- [MBR] 14c6c1ef3409c91ced7b28ee8b276abd [BSP] 967d54c8bc65d1de44c3f32234b4dfe1 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 199899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409804800 | Size: 1707628 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK
  22. I found shortcut Malware from Flashdisk. malwarebytes already clean it. and I already format the flashdisk. I see a suspicious shortcut I never create it I am not sure that my computer is safe or infected. I already scan it and clean (using malwarebytes premium and Norton 360, all are updated) I also check using rkill and roguekill. any other tools I need to use to make sure that all clean ?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.