
Utomo

Honorary Members
  • Posts: 82
Posts posted by Utomo

  1. Hello 

    I got a renewal reminder, but we did not need to renew it / want to stop the auto renewal. But when we reply to the email it shows:

    support@mail.malwarebytes.com 

     

    Delivery has failed to these recipients or groups:

    support@mail.malwarebytes.com (support@mail.malwarebytes.com)

    The recipient's mailbox is full and can't accept messages now. Please try resending your message later, or contact the recipient directly.

    Please check the mailbox and also disable the auto-renewal for the 10 Malwarebytes 

     

    Thank you 

     

    Utomo Prawiro 

  2. Can you explain more about what the warning is? 

    I think it is good if Malwarebytes can have a browser extension to improve security. 

    Example: when we open https://businessguideoffer .com and others, sometimes we get some attack. 

    An example from the website above is Coinhive. We need to stop this kind of malware before it infects our computer. 

  3. I want to use the new dupeGuru from https://dupeguru.voltaicideas.net/

    after the original author stopped developing it. 

    When I checked using VirusTotal I got this: 

    [screenshot]

    But when I checked the file using Malwarebytes Premium I did not get anything.
    This is the file I tested (Windows 64 bit): https://download.hardcoded.net/dupeguru_win64_4.0.3.exe 

    Please check, is this real? Thank you 


  4. Here is the result of RogueKiller. Malwarebytes says it is clean.

     

    RogueKiller V12.11.26.0 (x64) [Nov 27 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.16299) 64 bits version
    Started in : Normal mode
    User : Utomo [Administrator]
    Started from : C:\Users\Utomo\Desktop\1 Malware\RogueKiller_portable64.exe
    Mode : Scan -- Date : 12/01/2017 08:45:10 (Duration : 00:52:28)

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 19 ¤¤¤
    [PUP.Gen1] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Free Media Player -> Found
    [PUP.Gen1] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Zugo -> Found
    [PUP.Gen1] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Free Media Player -> Found
    [PUP.Gen1] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Zugo -> Found
    [PUM.HomePage] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Internet Explorer\Main | Start Page : http://wyzo.wyzostart.com/?cfg=2-47-0-0&engine_id=2&provider_id=2&product_id=47&country=ID  -> Found
    [PUM.HomePage] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Internet Explorer\Main | Start Page : http://wyzo.wyzostart.com/?cfg=2-47-0-0&engine_id=2&provider_id=2&product_id=47&country=ID  -> Found
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 118.136.64.4 202.73.99.4 202.73.99.2 ([Indonesia][-][-])  -> Found
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\Tcpip\Parameters\Interfaces\{06C64660-CB6C-4561-AC78-C6B0BC4E9F48} | DhcpNameServer : 10.20.20.1 8.8.8.8 10.232.0.4 ([][-][])  -> Found
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{949ac5bc-9ec3-49f6-97b3-c55ca812b79f} | DhcpNameServer : 118.136.64.4 202.73.99.4 202.73.99.2 ([Indonesia][-][-])  -> Found
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\Tcpip\Parameters\Interfaces\{06C64660-CB6C-4561-AC78-C6B0BC4E9F48} | DhcpNameServer : 10.20.20.1 8.8.8.8 10.232.0.4 ([][-][])  -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4250A59E-BBF4-4398-98FF-6A0C58B67969} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B07DC07-FE7D-4F70-93AD-25026CF281B1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {652DC0A2-2827-42AE-8BC0-04DA783EF0F2} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE|Name=LogiOptionsMgr.EXE|Desc=LogiOptionsMgr.EXE| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{0CAC408E-97DE-4826-9697-9BC8BBDAEAB4}C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe|Name=LogiOptionsMgr.exe (UNICODE)|Desc=LogiOptionsMgr.exe (UNICODE)|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{02CD1A1E-43FA-482A-8C69-289ABEBE157E}C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\programdata\logishrd\logioptions\software\6.00.540\logioptionsmgr.exe|Name=LogiOptionsMgr.exe (UNICODE)|Desc=LogiOptionsMgr.exe (UNICODE)|Defer=User| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4250A59E-BBF4-4398-98FF-6A0C58B67969} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found
    [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\RK_System_ON_D_70AC\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8B07DC07-FE7D-4F70-93AD-25026CF281B1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Utomo\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (Utomo)| [x] -> Found
    [PUM.StartMenu] (X64) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found
    [PUM.StartMenu] (X86) HKEY_USERS\RK_Utomo_ON_D_150B\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> Found

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: SanDisk SDSSDXPS240G ATA Device +++++
    --- User ---
    [MBR] 062f1eb9b84f2f9fa0cbb815a3b5e45b
    [BSP] 82e17c3ce24a84f2dc71685fede2f183 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 228129 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467929088 | Size: 453 MB
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: ST2000DL003-9VT166 ATA Device +++++
    --- User ---
    [MBR] 14c6c1ef3409c91ced7b28ee8b276abd
    [BSP] 967d54c8bc65d1de44c3f32234b4dfe1 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 199899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409804800 | Size: 1707628 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK


  5. I found shortcut malware from a flash disk. Malwarebytes already cleaned it, and I already formatted the flash disk. 

    I see a suspicious shortcut that I never created. 

    I am not sure whether my computer is safe or infected. 

    I already scanned and cleaned it (using Malwarebytes Premium and Norton 360, all are updated).

    I also checked using RKill and RogueKiller. 

    Are there any other tools I need to use to make sure that all is clean? 