Jump to content

drinx

Members
  • Posts

    19
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi, an old file but I'm presuming it's a false positive as the last proxy.exe file detected was no longer detected after an update. The log file and the .exe are in the attached file. Detected as Malware AI. 1631137956.7z
  2. Hi, Detected as Phishing: IP: 51.38.62.138 Domain: d-15.winudf.com Link: hxxps://d-15.winudf.com/b/apk/b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveF8yMDE1NTc2OTAwXzZjNDZlYTM2?_fn=V2F0ZXJmb3ggV2ViIEJyb3dzZXIgT3BlbiBGcmVlIGFuZCBQcml2YXRlX3Y2MC4xLjBfYXBrcHVyZS5jb20uYXBr&_p=b3JnLndhdGVyZm94cHJvamVjdC53YXRlcmZveA&am=U2nT8CrEjWJhGHjAjgex1w&at=1622928447&k=81c57d6e7a3b0ad2c128b414934ae56060bd3e6a
  3. Hi, as title. AdbWinApi.zip Scan log - AdbWinApi.dll _.txt
  4. Hi, I will do that, I just read about that elsewhere. Thank you.
  5. 48 files detected in C:\Windows\assembly False positives?. .NET files I assume?, but after restoring them all back out of quarantine all of the file paths lead nowhere, so I am unable to upload them. Advise?. C Windows assembly log.txt
  6. Hi, both the log file and the .exe file are in the zip. Log & DivX Uninstaller.zip
  7. I just re-scanned the files before tying your suggestion and the files are now no longer detected. Does the cache flush itself after a while?, I also ran some cleaning programs before making a system restore and updating by browser, I'm unsure if that might of deleted the cache. Thanks for you help. If I get any further detection's of those files I will do as you suggested though.
  8. Hi thanks, but the .zip file that I sent to you is still being detected on its own, it might of been detected after I changed the zip file name, I can't recall now, but after changing the name back again it is still being detected and the .paff file is still being detected (depending on how many files I choose to scan together at once) as it is not detected anymore if it is scanned on its own which seems odd. Please see the new log files [New Histrory, scan logs] of MediaInfo Portable (Multilingual).zip
  9. Malwarebytes History and the detected file are included in the zip file Reported by Malwarebytes as: Malware.Generic.4280996595 virustotal picks up nothing: https://www.virustotal.com/gui/file/68ae0d768e56558dfde75cbce7fd556c64f67352978ca99997adb3ac68d21ccd/detection So false positive?. Thanks MEDIAINFOPORTABLE_0.7.64.PAF.EXE [Malware.Generic.4280996595].zip
  10. Hi, advise please as to if this website block by Malwarebytes is a false positive or not?. hxxps://ohsw7kcq3.qnssl.com/file/14984687013583gjox1savd4.zip The zip file is attached to this post. Log: -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: ohsw7kcq3.qnssl.com IP Address: 117.91.177.227 Port: [49897] Type: Outbound .. The IP address changes though!. The link that was blocked is a firmware update and update program/tool which runs on Windows, but the firmware is for a non windows device. I scanned the zip file that I downloaded after removing the website block and Malwarebytes detects nothing. The webpage with the Link on it to the firmware update and update tool is not blocked: hxxps://www.smoktech.com/faq/273 but the download link for the firmware update and update tool on the above webpage is blocked & listed as a Trojan, but like I said, Malwarebytes detects nothing when I scan the zip file. So what I need to know is was it just a false positive?, or was the connection to the Domain the problem?. 14984687013583gjox1savd4.zip
  11. *Update: (literally) it is now updating again, the Main database updated but the Rootkit database stayed the same, I presume that there is just no update for the Rootkit database?.
  12. Hi, update failed, it was working earlier today, any problems with the server?.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.