Utomo

Honorary Members
  • Posts: 83
Everything posted by Utomo

  1. Thank you to everybody, especially those who solved the problem. Please try to investigate what happened so that we do not have the problem again in future and we are all safe in future.
  2. But that one is the official tool from MikroTik, right? And why block the whole website instead of just the tool?
  3. Please check if it is true or not: mikrotik.co.id. Website blocked due to riskware. Thank you.
  4. Hello, I got a renewal reminder, but we do not need to renew it / want to stop the auto-renewal. But when we reply to the email it shows: support@mail.malwarebytes.com Delivery has failed to these recipients or groups: support@mail.malwarebytes.com (support@mail.malwarebytes.com) The recipient's mailbox is full and can't accept messages now. Please try resending your message later, or contact the recipient directly. Please check the mailbox and also disable the auto-renewal for the 10 Malwarebytes. Thank you, Utomo Prawiro
  5. Please check optimis.bogorkab.go.id: blocked due to trojan. Thank you.
  6. klikpajak.id: Website blocked due to trojan. Please check. Thank you.
  7. Please check Koi.com. Blocked: Website blocked due to phishing. Thank you.
  8. When I try to open simba.baznas.go.id I get the message "Website blocked due to phishing". Please check. Thank you.
  9. When I open https://www.apreltech.com/Contact it is blocked with "Website blocked due to trojan". Is this real or false?
  10. Each time I try to download files from Solidfiles, Malwarebytes blocks it. These are examples: https://www.solidfiles.com/v/dVgmDgajaPRBx (still no warning), http://www.solidfiles.com/v/4yZeyqnAqDyZQ and others, but after we click download Malwarebytes blocks it (with or without the browser extension, all blocked). Please check if this is real or not. Thank you.
  11. Some websites are blocked by Malwarebytes Premium. Please check if it is a true trojan or false. Some of them: indomaret.co.id, https://www.barcoderesource.com/index.shtml and others. Thank you.
  12. How to remove SETO ransomware? We tried Malwarebytes but it did not catch the ransomware. Thank you.
  13. Many times we get pop-ups with malware, trojans or other security attacks. Example: click the download and it will pop up; click another (as we need to click many times before getting the files) and it will pop up another site. How about adding a feature so we can just block the pop-up domain, after we see it is dangerous? click download popup with malware.txt
  14. I checked using VirusTotal and I cannot find any problems.
  15. I tried to open fast-report.com but Malwarebytes blocks it. Please check it, as they say they already checked and cannot find any problems on their side. Is this a false positive? Thank you.
  16. Has Malwarebytes been tested on the many file-sharing sites where much malware, trojans, hijackers and others are available? I attach sample URLs for testing. Some file-sharing sites have many pop-ups when we click download, and some are already detected by Malwarebytes. I hope Malwarebytes collects more from file-sharing sites. sample.txt
  17. Can you explain more what the warning is? I think it would be good if Malwarebytes had a browser extension to improve security. Example: when we open https://businessguideoffer .com and others, sometimes we get some attack. An example from the website above is Coinhive. We need to stop this kind of malware before it infects our computer.
  18. I want to use the new dupeGuru from https://dupeguru.voltaicideas.net/ after the original author stopped developing it. When I check using VirusTotal I get this. But when I check the file using Malwarebytes Premium I do not get anything. This is the file I tested (Windows 64-bit): https://download.hardcoded.net/dupeguru_win64_4.0.3.exe Please check, is this real? Thank you.
  19. +1 for a custom block list. I think it can be safer for us, as many hackers try to trick us using more and more advanced techniques. Also better if we can consider blocking IP ranges too.
  20. Not enough. Until now Malwarebytes cannot catch all. Some are caught by the antivirus. I use both.
  21. Thanks. But I am afraid it will spread to my computer, and I found some security risks which are not detected by Malwarebytes, as I reported above. I hope Malwarebytes can improve it.
  22. Here is the result of RogueKiller. Malwarebytes says it is clean.