Messages - Heantrad

Pages: [1] 2 3 ... 7
1
Hi Heantrad,

The Validation Task is perfectly legit and is indeed used to check for non-genuine Windows activation.
It's linked to update KB971033.

Regards.
It seems a program has uninstalled without apparent reason, is there a way to check what programs have been uninstalled?

2
Hi Heantrad,
Quote from: Heantrad
For no reason in particular, Adblock Plus started crashing and needed to get restarted all the time today, after uninstalling and installing it again, it kept crashing, but after restarting the PC it seems to have stopped so far, any idea why could that have happened?
I have no clue, sorry.

Quote from: Heantrad
Also, as SuperAntiSpyware! runs in the background unless you exit the program and after that it still has a service running, can it cause conflict with Microsoft Security Essentials? I've searched if those programs are compatible and it seems it can cause some problems.
SuperAntiSpyware and Microsoft Security Essentials are not targeting the same type of threats, so they should be working fine together.
However, please take note I know very little about SuperAntiSpyware, so I could be wrong.

Regards.
Today when I checked the task manager I saw there was a new task called Validation Task, after searching for a bit it seems it's legit, but it's programmed to happen in 3 months and the description has the name of a Windows 7 update that got installed around two years ago.
Is it just a task made by Microsoft (although I haven't installed any updates specific for Windows 7 recently) to check if your copy of Windows is original or can it be something else?
Thanks in advance

3
Hi Heantrad,
Quote from: Heantrad
I'm doing a full scan with every program I have and so far AdwCleaner detected something in Chrome, I'll attach the log, the deleted item is down in the file, as now it seems AdwCleaner only uses one file for all deletion logs.
AdwCleaner detected and deleted a PUP Search Provider, nothing to be afraid of.

Quote from: Heantrad
So, news sites like Forbes and Reuters are saying there has been a hack of millions of e-mail accounts (those including Google and Hotmail), I would like to ask if you know, as the news doesn't specify, was it an info leak, an attack on the service's servers, or just manually hacked?
This was not disclosed.

Regards.
For no reason in particular, Adblock Plus started crashing and needed to get restarted all the time today, after uninstalling and installing it again, it kept crashing, but after restarting the PC it seems to have stopped so far, any idea why could that have happened?
Also, as SuperAntiSpyware! runs in the background unless you exit the program and after that it still has a service running, can it cause conflict with Microsoft Security Essentials? I've searched if those programs are compatible and it seems it can cause some problems.

4
Hi Heantrad,

An error may have been detected and Windows scheduled CHKDSK to be run on startup to check your HDD.
I advise you to let it complete the scan.

Regards.
I'm doing a full scan with every program I have and so far AdwCleaner detected something in Chrome, I'll attach the log, the deleted item is down in the file, as now it seems AdwCleaner only uses one file for all deletion logs.

So, news sites like Forbes and Reuters are saying there has been a hack of millions of e-mail accounts (those including Google and Hotmail), I would like to ask if you know, as the news doesn't specify, was it an info leak, an attack on the service's servers, or just manually hacked?

5
Hi Heantrad,

This is definitely a false positive.

Regards.
For no apparent reason, the computer needs to do a full disk check to verify the integrity of some files on startup, it seems to be the same type of check I did some time ago on the MalwareBytes forum after they found some errors with Windows Search.
When I turned on the PC today for the first time, it didn't appear, but the Windows Updates didn't download so I restarted the computer, when I restarted that message appeared after the OS started but before the desktop appeared, I was too slow to stop it from checking the hard drive and it started, but I turned off the PC anyway.
When I started the PC again, it appeared again, but this time I cancelled it correctly, but it keeps appearing.
The computer doesn't seem to have anything wrong at first glance, why could that have happened and should I let the hard drive get checked?

6
Hi Heantrad,
Quote from: Heantrad
By the way, for some reason the last version of rkill is getting a bunch of detections and bad score in VirusTotal, has something happened with it?
Rkill is using techniques which appear suspicious to some antivirus software.
It's perfectly safe to be used.

Quote from: Heantrad
Another doubt, I checked the integrity of rpg-maker.fr because I needed to check something there and NortonSafeWeb detected a virus called Heuristic.AHD. My doubt is, does the virus infect you directly when you enter the page or only if you download the program that seems to be infected? (as it specifies a location for that virus)
I don't spot anything suspicious.
It must be a false positive.

Regards.
If needed, the location of that supposed virus is in this scan here https://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.rpg-maker.fr%2F

7
Hi Heantrad,

Quote from: Heantrad
So, today I was trying to install a program on the other computer on my net, during the installation of it (although it was official) I saw it included adware so I told the owner of that computer to wait until I found a better program without adware. The thing is that he ignored me and he decided to enter Softonic and other pages whose validity I don't know but they seemed to be fake websites with fake solutions.
Softonic is indeed repacking legit software with adware.
It's advised not to download anything from this site.

Quote from: Heantrad
The thing is, through entering those webpages and as we're connected by cable to the same router, could it have affected my computer in any way? He used Firefox with Adblock Plus and NoScript.
No, your computer is safe.

Quote from: Heantrad
I would also like to ask, any malware, spyware, etcetera that gets into his computer, can it infect or affect mine in any way?
Some malware may use vulnerabilities to propagate through computers in the same network, but they are not common.
Don't worry too much about it.

Quote from: Heantrad
I've done VirusTotal scans of RKill and AdwCleaner out of curiosity and the programs seem to have detections for some reason, are they fake positives?
Yes, they are.

Quote from: Heantrad
Also, a doubt I have, lately I've seen Multi.Threats.InArchive a lot on VirusTotal, what does it mean?
It's usually a software archive containing adware.

Regards.
Alright, thanks a lot for helping me with that.
By the way, for some reason the last version of rkill is getting a bunch of detections and bad score in VirusTotal, has something happened with it? https://www.virustotal.com/en/file/6f084bfc9e26773a7d8f6c59b3650f7307a7b725fd2e9fddcba2199c28a349af/analysis/1461447181/
Another doubt, I checked the integrity of rpg-maker.fr because I needed to check something there and NortonSafeWeb detected a virus called Heuristic.AHD. My doubt is, does the virus infect you directly when you enter the page or only if you download the program that seems to be infected? (as it specifies a location for that virus)

8
Hi Heantrad,
Quote from: Heantrad
So, a couple of days ago my computer completely stopped working because of some problems with the graphic card or the motherboard, I still don't know, but right now I'm using my computer without the graphic card.
You are lucky your computer is still working. :)

Quote from: Heantrad
The thing is that I ran a RKill scan today and it detected an error in the Windows Service Integrity, I'll attach the log.
The TPM Base Services (TBS) feature is an optional system service that allows transparent sharing of the Trusted Platform Module (TPM) resources. It simultaneously shares the TPM resources among multiple applications on the same physical machine, even if those applications run on different virtual machines.
In short, in your case, this has no impact.

Quote from: Heantrad
I'm also configuring a computer that through cable is connected to the same net as my computer, today I finished installing all the Windows updates (the computer is running Windows 7 too) and I ran a complete scan with Microsoft Security Essentials, the preliminary scan says that it has detected potential malware, apart from the updates and the antivirus we didn't install anything else.
I haven't run any other scans on my computer yet, so I don't know if there's anything else.
Any ideas of what it can be?
I believe it's a false positive.

Regards.
So, today I was trying to install a program on the other computer on my net, during the installation of it (although it was official) I saw it included adware so I told the owner of that computer to wait until I found a better program without adware. The thing is that he ignored me and he decided to enter Softonic and other pages whose validity I don't know but they seemed to be fake websites with fake solutions.
The thing is, through entering those webpages and as we're connected by cable to the same router, could it have affected my computer in any way? He used Firefox with Adblock Plus and NoScript.
I would also like to ask, any malware, spyware, etcetera that gets into his computer, can it infect or affect mine in any way?
I've done VirusTotal scans of RKill and AdwCleaner out of curiosity and the programs seem to have detections for some reason, are they fake positives?
Also, a doubt I have, lately I've seen Multi.Threats.InArchive a lot on VirusTotal, what does it mean?

9
Hi Heantrad,

This registry key is a leftover of some adware.
You can safely remove it.

Regards.
Okay, thanks for answering.
So, a couple of days ago my computer completely stopped working because of some problems with the graphic card or the motherboard, I still don't know, but right now I'm using my computer without the graphic card.
The thing is that I ran a RKill scan today and it detected an error in the Windows Service Integrity, I'll attach the log.
I'm also configuring a computer that through cable is connected to the same net as my computer, today I finished installing all the Windows updates (the computer is running Windows 7 too) and I ran a complete scan with Microsoft Security Essentials, the preliminary scan says that it has detected potential malware, apart from the updates and the antivirus we didn't install anything else.
I haven't run any other scans on my computer yet, so I don't know if there's anything else.
Any ideas of what it can be?

10
First of all, sorry for all the wait with the Skype thing, I've been busy lately and I couldn't do it yet.
Today, AdwCleaner updated and detected a registry key.
Any idea of what it can be?
As it was a WIN key, could it be related to the update Microsoft Security Essentials recently had?

11
Hi Heantrad,
Quote from: Heantrad
I wanted to ask something that happens when I use RogueKiller, the icon of 'Extract hardware safely' in the notification area disappears without apparent reason, why does this happen?
You are the first user to report this behaviour. We will investigate it.

Quote from: Heantrad
Also, is Quttera a bad analyzing site? Every time there's a detection from a safe page in VirusTotal it is normally from Quttera, it even detects blog.malwarebytes.org as malicious.
Quttera performs automatic website malware scans, so it can lead to false positives (blog.malwarebytes.org for example).

Regarding your questions about Skype, I suggest you open a new thread on the Skype Community Forum. They will be more qualified than me to help you with this.

Regards.
Alright, I'll post a thread there soon.
It's just strange as they seem to exist, but they don't appear on the search engine of the community forums.
Is puu.sh a dangerous site? It has detections and a bad score on VirusTotal, and I've searched info and it seems it can download a scr file which can act as a keylogger or something similar.
These e-mails were in the deleted e-mails folder, I don't remember having deleted them, as I'm keeping every e-mail from Skype, any idea of what they could be? (the one from 2015 didn't appear before).
Is akamaihd.net unsafe? It seems it has adware, and if that's the case, why does Facebook use it? It seems it's a CDN, so, does that mean that the adware that seems quite common and is distributed through this website doesn't have anything to do with the Facebook one?
Is Bing.com a phishing site?
So, is it true that one can get malware by using and viewing (not clicking any links or images) Google Images?
Is win.rar GmbH the legit editor of WinRAR or does that mean I installed a bad version of it?

Also, I wanted to apologize for all the "is this page safe" questions I've been doing lately.

12
Hi Heantrad,
Quote from: Heantrad
Strange, VirusTotal says that blog is dangerous and it also has a bad score.
Check this.

Quote from: Heantrad
Also, was it a bad idea to use the haveibeenpwned page? As it can get breached or the creator (although the creator seems trustable) can sell the information.
There is no way to be sure.

Regards.
I wanted to ask something that happens when I use RogueKiller, the icon of 'Extract hardware safely' in the notification area disappears without apparent reason, why does this happen?
Also, is Quttera a bad analyzing site? Every time there's a detection from a safe page in VirusTotal it is normally from Quttera, it even detects blog.malwarebytes.org as malicious.
So, yesterday I was checking some options in Skype and I clicked on help, it took me to my browser and opened a session in Skype to see the help forum, the thing is that the account name was gibberish, it was live:name, so I unlinked that account from my Microsoft account, but an e-mail arrived saying that I had registered correctly and I decided to check what had happened, when I checked it the same happened, but this time it was live:name_2. The thing is that I've done that a bunch of times to test how it worked, and now there are a bunch of accounts with my name if you search it on the Skype desktop application.
I want to know, if I unlinked all those accounts from my Microsoft account, do they still have my login information and probably my e-mail too?
Is there any way to delete them?
Also, when I click my account name to enter my profile, it goes to my actual real profile, but not the one with the gibberish name.
And it seems I can register in the Skype Community with that gibberish name, but I need to enter a profile name to start.
I attached an image so you can see what I mean, if I click the profile name I enter on my normal account, if I click on the option below, I'm still registered with the gibberish name but I need to enter an actual profile name to fully register and use the Skype community.
So, it seems that gibberish name is just the normal name that is given to everyone before they register to the community but already have a Skype account, so all those accounts seem to be linked to the same account, the one I use. But then, why is there a Skype result for every account that I have "created" now if they're all the same account in general?
So, basically, it seems that gibberish name was a temporary name for my Skype account in the forums, as I didn't fully finish registering, but my question is, what has happened to the rest of the accounts that are now left behind, they don't seem to have got deleted, as they appear on Skype's search in their application, but they also seem inaccessible, as if I log in with my account, I enter the last one I created with the gibberish name.
Also, it seems that if I log in either on Hotmail, Skype or the Skype community I log in on the rest of the accounts, and if I log out I log out on every one, but this time I entered the Skype community, clicked my name and they asked me to log in to my Skype account. This is getting kind of messy to be honest.
It seems there are two _17 accounts now, instead of being _17 and _18. Also, should I inform the Skype staff of this error? As if they take it as account spam or something and delete my Microsoft account, I will be left without e-mail.
I've checked the profiles of several of the accounts I seem to have created through this error, as I still have the registration mails I can see the profiles on the Skype community, they're all different accounts that seem to still be active, as each of them has a different profile picture that is given randomly and all of them have different registration times.

13
Hi Heantrad,
Quote from: Heantrad
Sadly, I use Chrome, so I can't install that, but I have Avast Online Security in Chrome.
You can find a version for Chrome HERE.

Quote from: Heantrad
Is there any way to unhide those entries?
Not right now.

Quote from: Heantrad
Also, is there any way to know what a new version of Chrome includes? I only know this blog googlechromereleases.blogspot.com and it seems it wasn't safe
This website is maintained by Chrome developers; it's safe.

Regards.
Strange, VirusTotal says that blog is dangerous and it also has a bad score.
Also, was it a bad idea to use the haveibeenpwned page? As it can get breached or the creator (although the creator seems trustable) can sell the information.

14
Hi Heantrad,
Quote from: Heantrad
Is webm.land safe?
The website itself should be safe but the ads displayed may not be.
I advise you to install the Web of Trust module for Firefox, it will help you to check the safety of websites.

Quote from: Heantrad
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have those DNS entries been whitelisted?
Sort of. Those entries are now hidden by default.

Regards.
Sadly, I use Chrome, so I can't install that, but I have Avast Online Security in Chrome.
Is there any way to unhide those entries?
Also, found this page haveibeenpwned.com, it seems trustable, when I checked if it happened to my accounts, they all appeared clean, so we can guess the proxy server didn't send any important information I guess.
Also, is there any way to know what a new version of Chrome includes? I only know this blog googlechromereleases.blogspot.com and it seems it wasn't safe.

15
Hi Heantrad,

A quick examination of the site doesn't reveal anything malicious.
However, please keep in mind that the content hosted may be malicious.

Regards.
Is webm.land safe?
VirusTotal and Safeweb say it's clean, but I've heard that video uploading webpages normally contain malware.
Also, when I do a RogueKiller scan now, the registry part appears totally clean now, without the DNS entries, have those DNS entries been whitelisted?
