Jump to content

Gramps33

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. FP After my last reply to you I ran a complete scan SUPERAntiSpyware Scan. Below are the results of the scan: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 08/05/2011 at 01:32 AM Application Version : 5.0.1108 Core Rules Database Version : 7511 Trace Rules Database Version: 5323 Scan type : Complete Scan Total Scan Time : 09:54:27 Operating System Information Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600) Administrator Memory items scanned : 830 Memory threats detected : 0 Registry items scanned : 40811 Registry threats detected : 0 File items scanned : 89786 File threats detected : 390 388 Adware.Tracking Cookies 2 Trogans: Trojan.Agent/Gen-Krpytik C:\COREL\SUITE8\MACROS\WPWIN\CORCMS01.EXE Trojan.Agent/Gen-Nullo[short] C:\SYSTEM VOLUME INFORMATION\_RESTORE{BFAA719B-281F-45B6-9E39-9D4BB578C2A4}\RP171\A0018535.EXE After rebooting my computer and running IExplorer for a few hours tonight I have not received any more IP-BLOCK 93.190.143.52 (Type: outgoing) messages. So, for now I’ll skip your packet log suggestion. BTW, what is your educated guess about what internet site was attached to the IP 93.190.143.52 address. Gramps33
  2. FD,sorry I took so long getting back to you, but I was busy running and rerunning my three anti-virus programs – McAfee’s Security Suite, MalwareBytes 30 day Trial Program, and Panda Cloud AntiVirus to see what they would do. The Answer NADA.Finally because of its excellent reviews*** I decided to give the latest version of SuperAntiSpyware a whirl, with the following great results. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 08/04/2011 at 11:41 AM Application Version : 5.0.1108 Core Rules Database Version : 7508 Trace Rules Database Version: 5320 Scan type : Quick Scan Total Scan Time : 00:56:51 Operating System Information Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600) Administrator Memory items scanned : 769 Memory threats detected : 0 Registry items scanned : 33138 Registry threats detected : 16 File items scanned : 8838 File threats detected : 79 Needless to say No More Aggravating IP- Block 93.190.143.52 (Type: outgoing) pop-up messages. However, in the course of trying to find a solution I came across the following on the bleepingcomputer forum. 08/03/2011 - Security researcher Xylitol recently wrote an article about a new malware that performs some tricks to make you think your computer is running normally, when it is in fact infected with a variety of malware. Typically when a brand new computer infection is released, your antivirus program is hard-pressed to update its malware database fast enough to protect you from it. Even if the malware is installed before your antivirus can detect it, the hopes are that once the malware is added to the security software's virus database, it will then be detected and removed. What is a malware to do then to protect itself from this tactic? Most malware will terminate known antivirus programs and other security programs when they are started. This, though, can quickly become suspicious when various programs you try to run are immediately terminated. This new malware offers a sneakier solution; simply uninstall the antivirus software installed on the computer and then run a malware that pretends to be it This is exactly what Xylitol found when researching a new Trojan that has been labeled Trojan.FakeAV.LVT See http://www.bleepingcomputer.com/forums/topic412702.html/page__p__2357986__hl__superantispyware__fromsearch__1#entry2357986 for rest of comment about this new really sneaky piece of s__t malware Gramps33 *** http://www.ghacks.net/2011/08/04/superantisypware-pro-5-review-giveaway/ http://www.thejakartapost.com/news/2011/08/01/my-pc-slow-now-what.html http://www.marketwatch.com/story/supportcom-announces-superantispywarer-5-major-update-of-popular-malware-and-spyware-detection-removal-and-protection-software-2011-08-02?reflink=MW_news_stmp http://www.betanews.com/article/SUPERAntiSpyware-5-Big-changes-in-a-small-package/1312381872 PS: What is a "packet log", and how would I get one to you?
  3. On July 27, 2011 I converted from Malwarebytes free version to its full trial period version. For almost a year I’ve been running AT&T’s Full Mcafee Security Suite with automatic updates, Panda Cloud’s free Antivirus program concurrently with Malwarebytes free antivirus program without any problems or conflicts. All of a sudden early Tuesday morning after Malware updated its database I have been continuously receiving about 108 IP-BLOCK messages from MBAM according to its 8/02/11 protection log. Below is an excerpt from the log. As far as I can tell everything is working as usual except for these IP-BLOCK messages. Who does IP 93.190.143.50 belong to, and what, if anything, can I do to stop these MBAM IP-BLOCK messages. 04:54:03 xxxxxx x xxxxxxx MESSAGE Scheduled update executed successfully 04:54:26 xxxxxx x xxxxxxx MESSAGE IP Protection stopped 05:02:59 xxxxxx x xxxxxxx MESSAGE Database updated successfully 05:03:28 xxxxxx x xxxxxxx MESSAGE IP Protection started successfully 06:50:44 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.50 (Type: outgoing) . . . . " " " " . . . . " " " " . . . . " " " " 21:27:39 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.52 (Type: outgoing) 21:27:45 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.52 (Type: outgoing) 21:30:47 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.52 (Type: outgoing) 21:30:50 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.52 (Type: outgoing) 21:30:56 xxxxxx x xxxxxxx IP-BLOCK 93.190.143.52 (Type: outgoing) Thanx for your assistance. Gramps33 08/02/11
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.