Jump to content

shifoc

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral
  1. hi again, I have glasswire installed on my laptop and I was able to find the same ip addresses . it looks like the culprit was qbitorrent.
  2. they have ceased since I blocked the port from the firewall so I can't know
  3. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/19/21 Scan Time: 1:12 PM Log File: d57438d8-e879-11eb-bf5e-c85b76fa0d60.json -Software Information- Version: 4.4.3.125 Components Version: 1.0.1387 Update Package Version: 1.0.43267 License: Trial -System Information- OS: Windows 10 (Build 19043.1110) CPU: x64 File System: NTFS -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 407094 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 14 min, 39 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) AdwCleaner[C00].txt FRST.txt Addition.txt
  4. I created an inbound and outbound rule in the Windows Firewall setting to block port 137 over tcp and udp , should i be doing something else aswell?
  5. hello,I keep receiving 3 kinds of notifications from "system". what is happening and what should I do?I ran a scan and no threat was found. Same thing happened 6 months ago but I thought the problem was solved: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/17/21 Protection Event Time: 10:41 PM Log File: fdfb7c88-e736-11eb-94f2-c85b76fa0d60.json -Software Information- Version: 4.4.3.125 Components Version: 1.0.1387 Update Package Version: 1.0.43205 License: Trial -System Information- OS: Windows 10 (Build 19043.1110) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , System, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: IP Address: 101.30.23.129 Port: 137 Type: Outbound File: System (end) log 2: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/17/21 Protection Event Time: 10:39 PM Log File: c572b7aa-e736-11eb-b0ae-c85b76fa0d60.json -Software Information- Version: 4.4.3.125 Components Version: 1.0.1387 Update Package Version: 1.0.43205 License: Trial -System Information- OS: Windows 10 (Build 19043.1110) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , System, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: IP Address: 112.247.175.17 Port: 137 Type: Outbound File: System (end) log 3: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/17/21 Protection Event Time: 10:39 PM Log File: bc8dfeec-e736-11eb-999b-c85b76fa0d60.json -Software Information- Version: 4.4.3.125 Components Version: 1.0.1387 Update Package Version: 1.0.43205 License: Trial -System Information- OS: Windows 10 (Build 19043.1110) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , System, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Compromised Domain: IP Address: 123.129.153.204 Port: 137 Type: Outbound File: System (end)
  6. should I consider this "malware" gone? is it possible that it was stealing my files (pictures ...)? really appreciated your help thanks!!
  7. hello, I did not receive the notification anymore. thank you
  8. here is the log: RKlog2.txt. I will wait 24 hours and report back if it happened again or not. thank you so much
  9. it looks like it's safe. on another note I did not receive the notification in the last 23 hours. Should I wait and see if it happens again? what do you think it was? is it possible my files are somehow infected? thank you for everything
  10. anghami is a popular music application like spotify, will roguekill delete it?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.