asianmusicguy
-
Posts
289 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by asianmusicguy
-
-
well i eould except im not really expering the issue after running chkdsk /R i wanted to dig deeper to find out why hence the logs posted if i was still haveing issues id try this ? ot should i do as instructed regardless
?
-
-
-
37 minutes ago, David H. Lipman said:
Please elaborate. Do you see your Profile based Desktop Background ?
Yes
38 minutes ago, David H. Lipman said:- do you have icons in the System Tray
YES partly
39 minutes ago, David H. Lipman said:- do you have icons in the System Tray and on the Desktop ?
Yes
At what point does this problem in the process and what do you see or experiencing ?
Right after boot seems to hang when loading the wifi connection (my desktop has a wifi card*
the problem started when i lost network yesterday and reset the modem to get it back
in the wifi adortor settings window i noticed a extra adapter after a windows update (which presumably failed) called
Microsoft Virtual Wifi Miniport Adapter dont know if thats related
anyway on boot the computer starts slowly t loads a few tray icons and the desktop then nothing and im running on 16 gb of ram so my pc is by no means slow
its also custom so not bloat exct except the pro edition of cyberlinjk for blu rays
I ran a full dsk chk with /R from safe mode via cmd promp and it seems "ok": i did have to reinstall malwarebytes
so my best guess is true image really went bad
so should we do some log checks should i restore to a earlier date with true image or system restore or?
-
System restored faild which is why i thought acronis may have messed up so i did chkdsk/ R which seems to have at the very least resoled it temporarily
id love to work with you David to dive deeper if we can ?
-
hi guys i need help tonight i made the mistake of using a acronis to Restore my PC to yesterday after a failed windows update now looking back I think that was The wrong thing to do if my computer will successfully booed within safe mode but hangs at the normal windows desktop and refuses to completely load i'm trying achk dsk /R to see if that will help so fingers crossed but I fit that doesn't work I really need your guises help to get the computer operational again I do not have access to any recoverable media nor my windows CD as I've been the recent victim of a house fire but given the fact that the computer was working perfectly fine before I did the above operation I'm really hoping something can be done I do have a secondary laptop that I can use for repair
-
47 minutes ago, Aura said:
I do like the feature proposition (submit a false positive through Malwarebytes directly), though I think the same should be done for suspicious files, but done via a web interface (as it would probably make the program bigger and I personally don't want that). A web submission without going through the forums is a good idea. A lot of Antivirus companies do it.
Well i dont not think a feature such as that would increase the size of the program by all that much think for example how hitmanpro does this considering i want to see malwarebytes current line of products merged with the flagship product at some point anyway such a small addition is of little consequence however I do agree a web submission method is good aswell so maybe there is a compromise of both methods in there somewhere? either way i think we can agree a casual easy to use non forum method is needed and should be explored and your absolutely right suspicious files should be included
-
Give my recent scare with a false positive i have since reported and gotten fixed and how much trouble the average user has to go through to report such events could something not be created to automatically uploaded said file to malwarebytes through a "report possible False positive button which then generates a small report and possibly also makes use of Virus total and is then securely transmitted over https 256?
i find this is also why Fps go so long because often you have to join a forum or semd a email and the user cant be botherd thinking somone else will catch it which in most cases they do not
-
Thank you updated and scanning now to check results if i may say so i really dont understand how such a well established program got flagged to start with i understand false positives happen in any security environment my main concern is what it is labeled as i nearly lost my mind till i calmed down and looked closer ransomware is not a detection anyone wants so can we try to be slightly more conservative with the use of the world and perhaps make up a title for generic detection
-
Hey Folks so ro day I woke to malwarebytes blocking threats all from different games all of which are from Independent developers and made using Adventure Game Studio
http://www.adventuregamestudio.co.uk/site/ags/
winsetup.exe is the name used for each games setup file
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, Starting,
Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, Started,
Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Starting,
Protection, 20/11/2016 10:21 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Started,
Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Rootkit Database, 2016.10.31.1, 2016.11.20.1,
Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Domain Database, 2016.11.20.1, 2016.11.20.2,
Update, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Scheduler, Malware Database, 2016.11.19.9, 2016.11.20.6,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Refresh, Starting,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Stopping,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Stopped,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Refresh, Success,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Starting,
Protection, 20/11/2016 10:22 AM, SYSTEM, BRANDEN-PC, Protection, Malicious Website Protection, Started,
Detection, 20/11/2016 10:24 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Blackwell Deception\winsetup.exe, Quarantine, [6620caf83e5c54e200591abf5ca72dd3]
Detection, 20/11/2016 10:24 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Blackwell Unbound\winsetup.exe, Quarantine, [4f3701c176246ec8f861865354af758b]
Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Technobabylon\winsetup.exe, Quarantine, [226411b1fd9dab8b63f69940d82be41c]
Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Al Emmo and the Lost Dutchman's Mine\winsetup.exe, Quarantine, [fc8aead82377b08652078455bf44738d]
Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\Resonance\winsetup.exe, Quarantine, [6c1a9032efab61d570e97d5ca75ced13]
Detection, 20/11/2016 10:25 AM, Branden, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\The Blackwell Convergence\winsetup.exe, Quarantine, [483e388a9307d95dd8816c6dc142fb05]
Detection, 20/11/2016 10:25 AM, SYSTEM, BRANDEN-PC, Protection, Malware Protection, File, Ransom.FileCryptor, C:\games\The Blackwell Legacy\winsetup.exe, Quarantine, [1d69b50d2377d264f168607918ebb14f](end)
interestingly they were automatically blocked on walwarebytes startup i did not launch them
please advise
EDIT: Virus Total check
offical wikipedia article https://en.m.wikipedia.org/wiki/Adventure_Game_Studio
i never mind helping the community however this is quite the mistake and will effect many independent game developers i know the games in question have been on my hard drive for years and i know the developer personally
http://www.wadjeteyegames.com/games/
please resolve this quickly thank you
-
there we go
-
no matchs
-
it came back after restart
-
ok booted into safe mode as a precaution and removed the file does this warrant any sort of deeper invistagtion over in the malware thread or you do not believe so?
Thanks again David
-
Well first https://downloads.malwarebytes.com/file/mbam_current/
and second Malwarebytes is in many different langues all of which should be accessible via the drop down many at the start of the installer hope that helps
-
next question how did it get there and may it be safely removed ?
-
11 hours ago, Firefox said:
You could always upload the file for analysis to see if its malicious.....
Upload the file to VirusTotal-
Open your favorite web browser, and go on virustotal.com;
-
From there, click on the Choose file button and wait for the Windows Explorer to open;
-
Browse to the file below, select it and click on Open;
\AppData\Roaming\sp_data.sys -
Once done, click on the Analyze button;
-
If you get a message that the file was already analyzed, click on the Re-analyze button;
-
At the end of the analysis, copy and paste the VirusTotal report URL in your next reply;
-
-
I have a file in \AppData\Roaming\sp_data.sys no signs of any issues the file pre dates the purchase of my computer i bought it may the file has a date of February its a new asus laptop when i look it up i get conflicting reports all scans normal
-
hey there guys looks like i have solved my own issue it appers to have been a bad nvida driver update once i reverted to a backup before the update i have not had issues please close
-
yes it is and safemode loads perfectly as a side note
-
I think the title says it all on ocation for the last week or so i have been getting Black screen with mouse cusor on computer start im not sure why I have done a number of scans and things always come up with no resu;t so im hopping someone has a idea of what may be causing this attched these logs if i need ti move to a malware thread i will do so but im hoping not
note this is not the same system i posted about recently
-
so i recently updated my Kasperskey product on my main pc and noticed to things i didnt like script injection(which they claim is used so there things like safe money and brower extensions function to me this is very questionable
and MIM style scanning of encryption
ive disabled both but wantd the honest thoughts of members here as to weather if what i did the appropriate action
-
May i post whois look up or virus total report for the domain somewhere for review seems shady did i follow the right steps above or am i hust freaking out for nothing status was not parked it append active
thanks so much for the reply dave you really know your stuff
-
I went to a webpage that is common to me it used to belong to a independent web designer i know seems to have been squatted on by someone from Romania as of yesterday according to whois records no script was enabled so it actively blocked something no alerts from malwarebytes but i imminently cleared all my temp files using TFC ccleaner and glary utilities and am currently running a full scan with avast even ran the link on virus total they say its clean but im not so sure maybe i am just paranoid but is there a way to check the website safely ?
computer hangs at desktop after true image restored
in General Windows PC Help
Posted
true but sunce im not experinceing the issue since repair via chk disk a clean boot may not reval much so i thought the logs may be more helpful if you still wish me to do so though i will first thing in the morning if thats fine?