Jump to content

sg09

Honorary Members
  • Posts

    73
  • Joined

  • Last visited

Reputation

0 Neutral

About sg09

  • Birthday 08/09/1985

Contact Methods

  • Website URL
    http://www.techoffer.in/
  • ICQ
    0

Profile Information

  • Location
    Kolkata, India
  • Interests
    Malware Research.

Recent Profile Visitors

6,916 profile views
  1. Syrma SGS Technology is a reputed engineering company based in India. Its website syrmasgs[dot]com is blocked due to blocking of the IP 184.168.97.197. Please do the needful. https://www.urlvoid.com/scan/syrmasgs.com/
  2. Following site is blocked. https://forum.valuepickr.com/ It is a highly regarded forum dedicated for discussions around investment in stock market.
  3. Hi, just found that the company is using shared IP. Hi, does that mean that someone else might have used that IP for brute-force attack?
  4. Following site is blocked. https://www.srlchem.com/ It is a popular chemical company website based on India.
  5. Please find the attached files which has been zipped and uploaded from the Seamonkey Portable folder. The Scan results are also uploaded. I tried scanning at VirusTotal but none came up with detection, so these are possibly false positives. VirusTotal - File - 78e23e16afa23a405e4d267846726ad4328b4f3f9c878052426b632459a7f269 VirusTotal - File - ed6e85a8578dc1a4a3882a9eed06497ba20e13a058648f8149b9d130a54068cc MapiProxy.zip AccessibleHandler.zip Scan Results.txt
  6. I always used to visit the site through my mobile where I use Bitdefender and it never blocked it but I haven't found anything suspicious also. But today tried to visit through my desktop and Malwarebytes blocked it. I checked at Virustotal and found that Kaspersky detects it too... Can you please check it? https://www.virustotal.com/gui/url/e940023bee05f1223bdfa77f897bac3676096a52fa469e013902f22847b8955a
  7. Path: C:\Program Files (x86)\JetAudio\jetChat.exe Action Taken: No Action By User Scan time: 2021-09-17 2:58 AM (IST) Report time: 2021-09-17 3:17 AM (IST) Threat name: Malware.AI.4093377762 CRC-32: 84724721 SHA-1: d84902e3f2d266a7ba33970f1f2b7a9c2d29328e SHA-256: 913dc235bf811805298e3f44e90ca50a5db9d79bf5c0938d013612f4e5aef0d7 SHA-512: 1c05f47acb3fdc131af483e7706dd5359133347613172bda9df8d801d0d2c1803304806d4d4199b28eb38e5a738e51daaf14889fde9cc9be7103f5b3c49a6db6 P.S: I am having trouble uploading the file here. Always getting upload error. For that reason I have uploaded the file to an external server. https://easyupload.io/ztdo8j
  8. Hi, I have seen for a long time that pcwintech.com is blocked which is supposedly a clean site. Earlier I haven't reported due to laziness. 😃 Can you please check and whitelist? https://www.urlvoid.com/scan/pcwintech.com/ https://www.virustotal.com/gui/url/2560ed2c01002ac78bb0ebc38856a09469b4a1c0e8ab9c31fd80c92e53a82ac7/detection
  9. Please review the attached file which is most probably a False Positive detection. https://www.virustotal.com/gui/file/6be5ff3d94c15a4ec1b44c6b572a1e1b83a234e34fb3e218794e4d96f5909948/detection Stockfish-13_x32.zip Detection Log of Stockfish.txt
  10. My main website is on a Shared IP (GoDaddy) 118.139.171.1 and I discovered that this IP is blacklisted in Malwarebytes & also in WOT. http://www.urlvoid.com/ip/118.139.171.1 http://www.mywot.com/en/scorecard/118.139.171.1 I found that a number of websites in this shared IP is blacklisted here and there, but I want to know exactly which domain(s) is/are so much abusive for Malwarebytes to blacklist the IP. I am asking this because I want to submit that information to GoDaddy for taking possible necessary action.
  11. A file in PDFMate is wrongly detected as "Trojan Agent" http://www.pdfmate.com/ Developer mode scan yields the following: See attachment VT Scan https://www.virustot...sis/1332569764/ mbam-log-2012-03-24 (11-33-35).txt
  12. All fixed! But sumo.exe indeed contains Relevant Knowledge so it needs to be detected.
  13. Not sure if someone already posted it. SUMO from KC softwares http://www.kcsoftwar.../index.php?sumo incorporates relevant knowledge and other sponsors in one of its installers http://www.kcsoftwares .com/files/sumo.exe (remove space) In its nork installer, relevant knowledge is absent but other sponsors are present. http://www.kcsoftwares .com/files/sumo_nork.exe (remove space) In its lite installer it contains no foreign stuffs. http://www.kcsoftwares .com/files/sumo_lite.exe (remove space) But MBAM detects all three as Adware.RKN as containing relevant knowledge. I know its not the proper way of presenting FP but for the three files I was not prepare to made a full scan in developer mode. Sorry for that.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.