Det0l
-
Posts
16 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Det0l
-
-
Dear Ron @AdvancedSetup,
I have just scanned my PC again with RougueKiller and detected something in my registry. Is this perhaps related to my issue?
Thank-you
-
Daer Ron,
Thank-you once again for the quick reply. I have ran the delfix tool and used ultrasearch to find all of the files and logs related to the tools utilized and deleted them. My main problem now is I cannot remove the system restore point for JRT despite following instructions.
I have also contacted my ISP to request for technical assistant to reset my router. I dare not reset the router myself as there are other users.
Thank-you -
Thank you very much for the technical assistance up to this point.
If in the future I encounter the same issue again, can I request that this thread be reopen?
Do I need to remove the program used up to this point?
Thank you -
1 minute ago, AdvancedSetup said:
Some of the crashes appear to be from BitDefender. Possibly uninstalling it and reinstalling it may fix it - not sure. If it continues you may need to contact BitDefender support about that.
I would highly recommend using Google Public DNS
https://developers.google.com/speed/public-dns/
Give that a read and try using their DNS servers.
Aside from that the computer appears okay at this time. Are you having any other issue that looks like it might be malware?
Dear Ron,
Thank-you for the fast reply. I guess there is no suspicious activity at this point in time. From the results obtained from MTB, does everything seem normal?
Or should I contact my ISP and request a technician to reset my router?
I think I will contact BitDefender and show them the FRST logs perhaps?
Thank-you -
By the way, just saw the firefox warning from using MiniToolBox. Just want to let you know that I never used Firefox, it came preloaded in my pc. It was only after I installed BitDefender then I removed firefox.
The browser I mainly use is Opera.
Thank-you -
Here is the results from Mini Tool Box. Just a heads up, this is a house wifi shared by 5 housemates.
-
Dear Ron,
The unicode characters are linked to a chrome app. It is a Japanese online game which I have been playing.
Are the program crashes serious? Can they be fixed?
Thank-you -
I have also used the following site:
https://campaigns.f-secure.com/router-checker/en_global/
to check for my Router Security and everything was fine.
Am I just being over paranoid at this point? -
Dear Ron,
Here are the log files requested. I disabled all my antivirus before running JRT but I am unsure if I fully disabled them although I followed all the instructions provided.
Surprisingly, ADWCleaner found a program MP3Tagger and a Chrome cookie(?) as malicious even when MWB Premium or BitDefender Internet Security 2017 found nothing.
I have also completed a Sophos scan and found nothing. Therefore, no logs of Sophos will be provided.
By the way, prior to signing up for this forum to inquire about my issue, I have also followed the instructions provided here:
https://www.bleepingcomputer.com/virus-removal/fix-malicious-web-site-blocked-alert-from-svchost.exe/
but to no avail. Steps 13 mentions that if I encounter such issues, my DNS would be hijacked. I am pretty worried about the issue. How can I know if my DNS has been Hijacked?
I have checked my IPV4 Properties and it is set to "Obtained DNS automatically". To be sure, I have logged into my Wifi router to check my DNS. I contacted my ISP and verified that it is indeed a valid DNS provided by my ISP (Both primary and secondary DNS).
Thank-you
-
Dear Ron,
May I kindly know how can I access he protection log?
Thank-you
P.S. I no longer have reports of the block as I have recently clear my reports so I can monitor new reports. There was a lot of backlog of old reports.
EDIT: From my FSRT logs, can you make-out any form of malware or rootkit infections?
Thank-you -
@AdvancedSetup may I kindly request your assistance?
Thank-you -
-
Update:
My RKill scan log -
Update to the mods and admins of this forum. Thank-you and sorry for the delay.
My scan logs from FRST. -
Greetings,
So, as mentioned in my title, for a while now since installing MWB Premium, I will have the occasional notification from MBW that SVCHost.exe is being blocked (I think mostly outbound connections). The latest notification I got was from Monday, and using Whois IP lookup, the IP belonged to the Philippines. I have no idea what was trying to connect to it.I am currently running both Bitdefender Internet Security 2017 and Malwarebytes Premium. A full system scan on both reveals nothing. RTKill shows no malware processes to terminate and Hitmanpro shows nothing. I have also checked my IPV4 DNS and it is set to "obtain DNS automatically". A further check using F-Secure Router Checker webpage shows that eveything is also running fine and my router has not been hijacked (if it was I think the other housemates would also notice). I have experience no redirecting or pop-up ads during browsing.
I hope experts would chime in and help me solve my issue be it using FRST or other programs.
Thank-you
Malwarebytes Premium Occasionally Blocks system32/SVCHost.exe
in Resolved Malware Removal Logs
Posted
Thanks for the reply RON.
Just a quick update, my ISP's Technician just left after resetting my router. When they checked the DNS settings on my Router, all was well and they mentioned that that is indeed my ISP's DNS (both primary and secondary). I guess I am in the clear for now.
I would then like to kindly request that this topic be closed. If anything comes up again, I will perhaps PM you to re-open the topic. Would that be okay?
Thank-you