ataraxy

Honorary Members
  • Posts

    29
Reputation

0 Neutral
  1. Thanks. I'm not sure if this is the right place for a suggestion, but could the notification for blocks be upgraded to show that Malwarebytes is blocking the whole IP address because of the trojan, rather than just saying "trojan". That way I have the information that I need to go back to the site owner so that this can be resolved.
  2. Could you please check the block on lexfridman.com. URLVoid shows all their checks think it is okay: https://www.urlvoid.com/scan/lexfridman.com/ Thanks Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 30/05/2023 Scan Time: 20:31 Log File: 2c05daf8-fed5-11ed-9d59-7085c25ed56b.json -Software Information- Version: 4.5.28.266 Components Version: 1.0.2005 Update Package Version: 1.0.70201 Licence: Premium -System Information- OS: Windows 10 (Build 19045.2965) CPU: x64 File System: NTFS User: DESKTOP-924NB8O\atara_8qkh5k2 -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 2 min, 2 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  3. Great! Thanks for confirming. I can use that in my reports about the site.
  4. When trying to unsubscribe from an email list at trk.cpro20.com I got a warning from Malwarebytes - see below. URLVoid shows one other organisation thinks there is a problem, but 33 who think that it is okay: https://www.urlvoid.com/scan/trk.cpro20.com/ Could you please check and let me know who has the correct information. Thanks Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 19/02/2021 Protection Event Time: 16:50 Log File: 5fe8c2ba-7276-11eb-8ae6-7085c25ed56b.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1173 Update Package Version: 1.0.37281 Licence: Premium -System Information- OS: Windows 10 (Build 19041.804) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: trk.cpro20.com IP Address: 2001:8002:e21:f002::f5ff Port: 80 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  5. Could you please check the classification of fund.school. Malwarebytes is currently blocking it, even though URL Void shows it as okay https://www.urlvoid.com/scan/fund.school/. I don't claim that it's a great site - it's being used by someone who just spammed the contact form on my web site - but if they are okay, I would like to be able to tell them about the spammer. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 27/01/2021 Protection Event Time: 18:34 Log File: 0e291fee-6072-11eb-a84e-7085c25ed56b.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1146 Update Package Version: 1.0.36271 Licence: Premium -System Information- OS: Windows 10 (Build 19041.746) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: fund.school IP Address: 104.238.93.235 Port: 80 Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe (end)
  6. Malwarebytes is detecting testdisk-7.0.win.zip as malicious. Since it's been sitting on my PC since 2016, I suspect that's a false positive. VirusTotal suggests it is okay: https://www.virustotal.com/gui/file/3c1fdbaca0ac686677f88b6bbf18d04c82f2c4047488c2e52da8e2347574b320/community Malwarebytes report: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 06/11/2020 Scan Time: 02:17 Log File: 0505106e-1f7a-11eb-9174-7085c25ed56b.json -Software Information- Version: 4.2.2.95 Components Version: 1.0.1096 Update Package Version: 1.0.32494 Licence: Premium -System Information- OS: Windows 10 (Build 19041.610) CPU: x64 File System: NTFS User: DESKTOP-924NB8O\atara_8qkh5k2 -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 1 Threats Quarantined: 0 Time Elapsed: 0 min, 17 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.AI.4231076329, D:\DATA\DOWNLOADS\TESTDISK-7.0.WIN.ZIP, No Action By User, 1000000, 0, 1.0.32494, DC84BCEF686F1AC0FC3119E9, dds, 00971019, 035792105F3221E1A8758E7F3F575418, 3C1FDBACA0AC686677F88B6BBF18D04C82F2C4047488C2E52DA8E2347574B320 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) testdisk-7.0.win.zip
  7. Malwarebytes is blocking https://covid-drm.org/ It looks okay at https://www.urlvoid.com/scan/covid-drm.org/ so could you please check it. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 15/05/2020 Protection Event Time: 17:49 Log File: 9055d3fc-9680-11ea-b1b9-7085c25ed56b.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.896 Update Package Version: 1.0.23862 Licence: Premium -System Information- OS: Windows 10 (Build 18362.836) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: RiskWare Domain: covid-drm.org IP Address: 172.104.242.238 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  8. Malwarebytes is blocking zipgenius.it. It looks okay on https://www.urlvoid.com/scan/zipgenius.it/ so could you please check it. Thanks Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 06/07/2019 Protection Event Time: 17:58 Log File: d06c2428-9fc3-11e9-b9c0-7085c25ed56b.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.11420 Licence: Premium -System Information- OS: Windows 10 (Build 17763.557) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: www.zipgenius.it IP Address: 89.40.174.36 Port: [52492] Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe (end)
  9. Malwarebytes is blocking tightvnc.com. Is there a problem with this site, or is this a false positive? It looks okay on https://www.urlvoid.com/scan/tightvnc.com/ Thanks Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 10/06/2019 Protection Event Time: 15:02 Log File: e57499b9-8b3c-11e9-be0a-7085c25ed56b.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.10974 Licence: Premium -System Information- OS: Windows 10 (Build 17763.503) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: www.tightvnc.com IP Address: 178.57.221.94 Port: [61736] Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe (end)
  10. Thanks. My post was mainly a response to but for some reason it was split off into its own thread.
  11. I just upgraded to v3 today, and I'm seeing the same thing. I don't know whether it is due to the upgrade, or whether it is because as a result of the upgrade, I got the 14 day free trial of the premium version. As utorrent seems to be working okay - I'm only seeding at present, but stuff seems to be going out - I guess that there are various users that are being blocked.
  12. Thanks. Ran a scan with the new definitions and no problems.
  13. OpenCandy is being detected in the uTorrent v3.4.9.42606 executable (not the installer). This is with Malwarebytes v2.2.1.1043 Free, database 2016.10.07.03. The file is attached. uTorrent v3.4.9_42606.7z
  14. Finally had time to get back to this. Looks like the setting only takes effect when you run Malwarebytes as administrator.