king99

Members
  • Posts

    14

About king99

  • Rank
    Newbie

Profile Information

  • Location
    Lebanon
  1. Wow, thanks. Really thorough analysis, I really appreciate the help. Regards
  2. Thanks for the help, itman, I really appreciate it. I clearly remember downloading the vbox back in 2018 from the original website. Does that mean that the vbox site was compromised at that time, or was it a MITM attack? To make the situation more bizarre, I just found in the download folder of Patchmypc an Oracle cert, which is extremely odd. Reported it to Patchmypc, no response yet. https://www.virustotal.com/gui/file/75e96bab78e894c582d115f74392d87213222e3356f858161d33f0f9719a05e9/detection Could it be the malware evolved from 2018 to hide itself with compromised digital signatures? Please bear with me a little, I'm a noob in the malware world.
  3. I uploaded the file to the Intezer platform and it says it's 100 percent malicious. Could it be a false positive because of just a broken download? https://analyze.intezer.com/analyses/0bd6495e-4aa6-4522-a025-baf5ad79938c Thanks for the reply.
  4. Hi, I found this malware like 5 years ago when I downloaded vbox, and for some reason the version downloaded was with an invalid sig. I uploaded the file to VT, nothing came up. I re-uploaded the sample now, after 5 years, still undetected by all, by some kind of evasion technique because of the large size. I'm going to link the VT: https://www.virustotal.com/gui/file/a172b1c18045400e459a2353de8f250c9ab36c72b30057feb9c2db894f39e568 I think this is a part of a targeted attack. Further analysis and feedback is welcomed. Thanks in advance.
  5. Thanks for the help. I'm really glad that Computrace is patched on my laptop, because I can't afford a new laptop for the time being.
  6. Thanks for the informative help, but in my case my laptop BIOS doesn't have these options in the BIOS. I'm left with the only option to buy a new laptop or to use Linux instead. Thanks again.
  7. Sorry for the belated answer: https://pcsupport.lenovo.com/nl/en/products/laptops-and-netbooks/lenovo-b-series-laptops/lenovo-b50-80-notebook/80ew/downloads/driver-list/component?name=BIOS%2FUEFI
  8. Those files and DLLs are not present on the system. Also, there is no option to disable Computrace in the BIOS. No new update for the BIOS is present for my computer, nor will be, according to the manufacturer. I wonder what third-party tools I could use to further investigate or modify the BIOS. Anyway, it seems I need a new laptop, but I can't afford a new one right now.
  9. No, I don't use cracks or any low-reputation app, and on clean install I use a disk image made on another system and I re-download all the apps from their websites. I tried rescue disks like Bitdefender, ESET, Kaspersky, etc., HMP, Norton Power Eraser, whatever you can think of. No way for the malware to survive.
  10. Hi itman, if I didn't have other symptoms on the computer I would've said it's just an unwanted application. But a while ago I was using another security program, no need to mention names. The security program settings started to get changed in that program, like allowing inbound connections to the PC, even though I strictly stopped it, put a rule to stop inbound connections and password-protected the app. Other strange things happen in the computer, like dropping the connection when I was doing some online gaming, "not the router or connection fault", the connection being stopped internally from the laptop. Also, the security software started detecting that a process with a weird name, "numbers like 1020140400104", is trying to change browser settings. Using other tools and task managers to detect the hidden process, I couldn't find anything, nor using logging tools like Farbar. Another symptom is stopping VMware Workstation from working by stopping the vmauth service. Formatting couldn't fix the problem for a while, just for the symptoms to be back again. That's why I changed the previous solutions and chose ESET, and ESET detected this Computrace thingy. I wouldn't say this is a coincidence. Regards
  11. I suspected a rootkit infection on my computer a while ago, more than a month. Anyway, I tried every scanner out there you could think of. After using ESET, it detected a computrace.a on my computer, "kudos ESET", but how can I remove it, since I can't flash the BIOS? The official tool reports "can't flash the bios with the same version".
  12. To increase security I would like to block all incoming connections from the local network or internet. After creating this rule I couldn't run some apps that use local traffic from within the computer, so I think I should re-stack the rules, having allow all traffic within the computer on top. Thanks for the help.
  13. Hi, I would like to know how I can create this rule: block all inbound connections without the local 127.0.0.1 addresses. How can I do that? Thanks in advance.
  14. Description: Real Time connection View. Detail: I would like to have the option to view the real-time bandwidth speed and connections, something similar to the Comodo product or GlassWire. It would be very helpful and useful to see connections in real time with bandwidth speed. Also, thanks for the awesome product, it's really good and affordable. Regards