Everything posted by Frk
I agree, I think this is the best way forward. I have had serious issues with my PC and in the end MB was the culprit. This is strike three for me. I will also deactivate my Premium license. Thanks
Hi Imacri, Thanks for your reply. That was not really what I meant. My question was why Malwarebytes queries domains that have been excluded every 2 minutes. I found the 'answer' in MB's FAQ: https://support.malwarebytes.com/docs/DOC-2432 Not really a satisfactory answer though. For example, 1337x.to uses Cloudflare. So if I visited 1337x.to in between the two-minute query intervals of Malwarebytes, there is a good chance Malwarebytes would still block the attempt, since I might be connecting to a different Cloudflare IP. Or am I mistaken?
I recently noticed something strange in the logs of my DNS server. My PC was querying 1337x.to and eu-central450.discord.gg every two minutes. For the life of me, I couldn't figure out why. Yes, I was running Discord, but even with Discord closed, it kept querying eu-central450.discord.gg every 2 minutes... And what about 1337x.to? That doesn't look too good... It got me thinking whether or not I got infected. https://i.imgur.com/wbMVpw8.png Well, after two hours of digging with Fiddler, Wireshark, ProcMon, TCPView and Torch (in Winbox), I found the answer. Lo and behold, it was *Malwar