zappe

Honorary Members
  • Posts

    57
Posts posted by zappe

  1. Malwarebytes Anti-Malware (PRO) 1.70.0.1100

    www.malwarebytes.org

    Database version: v2013.03.22.03

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 10.0.9200.16521

    zappe :: ZPP [administrator]

    Protection: Enabled

    2013-03-22 07:49:34

    MBAM-log-2013-03-22 (08-29-07).txt

    Scan type: Flash scan

    Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

    Scan options disabled: Registry | File System | P2P

    Objects scanned: 225499

    Time elapsed: 1 minute(s), 12 second(s)

    Memory Processes Detected: 0

    (No malicious items detected)

    Memory Modules Detected: 1

    C:\Program Files (x86)\GIGABYTE\Gamer HUD\GVDisplayLib.dll (Trojan.Passwords.LD) -> No action taken.

    Registry Keys Detected: 0

    (No malicious items detected)

    Registry Values Detected: 1

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\GIGABYTE\GAMER HUD\GVDISPLAYLIB.DLL (Trojan.Passwords.LD) -> Data: 1 -> No action taken.

    Registry Data Items Detected: 0

    (No malicious items detected)

    Folders Detected: 0

    (No malicious items detected)

    Files Detected: 1

    C:\Program Files (x86)\GIGABYTE\Gamer HUD\GVDisplayLib.dll (Trojan.Passwords.LD) -> No action taken.

    (end)

    GVDisplayLib.rar

  2. 2012/06/07 21:07:13 +0200 ZPP zappe IP-BLOCK 91.201.60.30 (Type: outgoing, Port: 51139, Process: chrome.exe)

    2012/06/07 21:07:21 +0200 ZPP zappe IP-BLOCK 91.201.60.30 (Type: outgoing, Port: 51152, Process: chrome.exe)

    2012/06/07 21:07:21 +0200 ZPP zappe IP-BLOCK 91.201.60.30 (Type: outgoing, Port: 51153, Process: chrome.exe)

    2012/06/07 21:07:21 +0200 ZPP zappe IP-BLOCK 91.201.60.30 (Type: outgoing, Port: 51154, Process: chrome.exe)

  3. 2012/01/23 15:05:03 +0100 ZPP zappe IP-BLOCK 91.206.200.30 (Type: outgoing, Port: 61942, Process: chrome.exe)

    2012/01/23 15:05:19 +0100 ZPP zappe IP-BLOCK 91.206.200.30 (Type: outgoing, Port: 61946, Process: chrome.exe)

    2012/01/23 15:05:19 +0100 ZPP zappe IP-BLOCK 91.206.200.30 (Type: outgoing, Port: 61947, Process: chrome.exe)

    www.hamalia.ua

  4. A few of the IPs of irc.undernet.org are blocked.

    Name: irc.undernet.org

    Addresses: 66.252.29.2

    70.33.251.254

    94.125.182.255

    95.141.29.22

    130.237.188.216

    194.109.20.90

    208.83.20.130

    64.18.128.86

    66.198.80.67

    19:17:01 zappe IP-BLOCK 94.125.182.255 (Type: outgoing, Port: 52699, Process: mirc.exe)

    19:03:40 zappe IP-BLOCK 66.252.29.2 (Type: outgoing, Port: 51077, Process: mirc.exe)

    19:03:08 zappe IP-BLOCK 208.83.20.130 (Type: outgoing, Port: 50984, Process: mirc.exe)

    19:02:36 zappe IP-BLOCK 130.237.188.216 (Type: outgoing, Port: 50936, Process: mirc.exe)

    19:02:12 zappe IP-BLOCK 194.109.20.90 (Type: outgoing, Port: 50878, Process: mirc.exe)

    19:01:40 zappe IP-BLOCK 64.18.128.86 (Type: outgoing, Port: 50827, Process: mirc.exe)

    Can this be solved?

  5. Isn't this a false positive?

    I got it while playing on Expekt.com Casino.

    File is attached.

    Malwarebytes' Anti-Malware 1.51.2.1300

    www.malwarebytes.org

    Database version: 8351

    Windows 6.1.7601 Service Pack 1

    Internet Explorer 9.0.8112.16421

    2011-12-11 19:15:43

    mbam-log-2011-12-11 (19-15-38).txt

    Scan type: Full scan (C:\|D:\|)

    Objects scanned: 810862

    Time elapsed: 1 hour(s), 52 minute(s), 8 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 1

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 1

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\expekt (PUP.Casino.Gen) -> No action taken.

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    c:\microgaming\Casino\Expekt\install.exe (PUP.Casino.Gen) -> No action taken.

    install.rar

  6. 22:42:42 zappe IP-BLOCK 78.129.142.67 (Type: outgoing, Port: 55001, Process: chrome.exe)

    22:42:42 zappe IP-BLOCK 78.129.142.67 (Type: outgoing, Port: 55002, Process: chrome.exe)

    22:42:42 zappe IP-BLOCK 78.129.142.67 (Type: outgoing, Port: 55005, Process: chrome.exe)

    daemon-tools.cc

    20:06:18 zappe IP-BLOCK 77.247.179.66 (Type: outgoing, Port: 52900, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.66 (Type: outgoing, Port: 52901, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.83 (Type: outgoing, Port: 52902, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.83 (Type: outgoing, Port: 52903, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.66 (Type: outgoing, Port: 52904, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.66 (Type: outgoing, Port: 52905, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.83 (Type: outgoing, Port: 52906, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.83 (Type: outgoing, Port: 52907, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.66 (Type: outgoing, Port: 52908, Process: chrome.exe)

    20:06:18 zappe IP-BLOCK 77.247.179.83 (Type: outgoing, Port: 52909, Process: chrome.exe)

    wiziwig.tv

  7. Absolute rubbish, it's their network, and their responsibility. The issues have been reported to them not only by myself, several times (and in the case of Portlane, reports have been sent hundreds of times over the years, with no action and no response, hence my applying the "Criminal friendly" tag to them), with no action and no response.

    You're free to add it to the ignore list, yes. You can't add an ignore for a range block however, you'll need to do each IP individually.

    Until they start responding to abuse reports, the malware is removed, and the criminal activity ceases, the block won't be removed.

    I see your point, I just said that since they don't keep logs they can't suspend users. They prefer anonymity like TOR or I2P.

    As long as they are not obligated by law to keep logs I don't think they will start responding.

    I guess I have to add it to ignore list.
