ataraxy

Honorary Members
  • Posts

    29
Everything posted by ataraxy

  1. Thanks. I'm not sure if this is the right place for a suggestion, but could the notification for blocks be upgraded to show that Malwarebytes is blocking the whole IP address because of the trojan, rather than just saying "trojan"? That way I have the information that I need to go back to the site owner so that this can be resolved.
  2. Could you please check the block on lexfridman.com. URLVoid shows all their checks think it is okay: https://www.urlvoid.com/scan/lexfridman.com/ Thanks

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Scan Date: 30/05/2023
     Scan Time: 20:31
     Log File: 2c05daf8-fed5-11ed-9d59-7085c25ed56b.json
     -Software Information-
     Version: 4.5.28.266
     Components Version: 1.0.2005
     Update Package Version: 1.0.70201
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 19045.2965)
     CPU: x64
     File System: NTFS
     User: DESKTOP-924NB8O\atara_8qkh5k2
     -Scan Summary-
     Scan Type: Custom Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 1
     Threats Detected: 0
     Threats Quarantined: 0
     Time Elapsed: 2 min, 2 sec
     -Scan Options-
     Memory: Disabled
     Startup: Disabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect
     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)
     Registry Key: 0 (No malicious items detected)
     Registry Value: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 0 (No malicious items detected)
     Physical Sector: 0 (No malicious items detected)
     WMI: 0 (No malicious items detected)
     (end)
  3. Great! Thanks for confirming. I can use that in my reports about the site.
  4. When trying to unsubscribe from an email list at trk.cpro20.com I got a warning from Malwarebytes - see below. URLVoid shows one other organisation thinks there is a problem, but 33 who think that it is okay: https://www.urlvoid.com/scan/trk.cpro20.com/ Could you please check and let me know who has the correct information. Thanks

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 19/02/2021
     Protection Event Time: 16:50
     Log File: 5fe8c2ba-7276-11eb-8ae6-7085c25ed56b.json
     -Software Information-
     Version: 4.3.0.98
     Components Version: 1.0.1173
     Update Package Version: 1.0.37281
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 19041.804)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, ,
     -Website Data-
     Category: Trojan
     Domain: trk.cpro20.com
     IP Address: 2001:8002:e21:f002::f5ff
     Port: 80
     Type: Outbound
     File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     (end)
  5. Could you please check the classification of fund.school. Malwarebytes is currently blocking it, even though URL Void shows it as okay https://www.urlvoid.com/scan/fund.school/. I don't claim that it's a great site - it's being used by someone who just spammed the contact form on my web site - but if they are okay, I would like to be able to tell them about the spammer.

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 27/01/2021
     Protection Event Time: 18:34
     Log File: 0e291fee-6072-11eb-a84e-7085c25ed56b.json
     -Software Information-
     Version: 4.3.0.98
     Components Version: 1.0.1146
     Update Package Version: 1.0.36271
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 19041.746)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,
     -Website Data-
     Category: Trojan
     Domain: fund.school
     IP Address: 104.238.93.235
     Port: 80
     Type: Outbound
     File: C:\Program Files\Mozilla Firefox\firefox.exe
     (end)
  6. Malwarebytes is detecting testdisk-7.0.win.zip as malicious. Since it's been sitting on my PC since 2016, I suspect that's a false positive. VirusTotal suggests it is okay: https://www.virustotal.com/gui/file/3c1fdbaca0ac686677f88b6bbf18d04c82f2c4047488c2e52da8e2347574b320/community Malwarebytes report:

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Scan Date: 06/11/2020
     Scan Time: 02:17
     Log File: 0505106e-1f7a-11eb-9174-7085c25ed56b.json
     -Software Information-
     Version: 4.2.2.95
     Components Version: 1.0.1096
     Update Package Version: 1.0.32494
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 19041.610)
     CPU: x64
     File System: NTFS
     User: DESKTOP-924NB8O\atara_8qkh5k2
     -Scan Summary-
     Scan Type: Custom Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 1
     Threats Detected: 1
     Threats Quarantined: 0
     Time Elapsed: 0 min, 17 sec
     -Scan Options-
     Memory: Disabled
     Startup: Disabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect
     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)
     Registry Key: 0 (No malicious items detected)
     Registry Value: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 1
     Malware.AI.4231076329, D:\DATA\DOWNLOADS\TESTDISK-7.0.WIN.ZIP, No Action By User, 1000000, 0, 1.0.32494, DC84BCEF686F1AC0FC3119E9, dds, 00971019, 035792105F3221E1A8758E7F3F575418, 3C1FDBACA0AC686677F88B6BBF18D04C82F2C4047488C2E52DA8E2347574B320
     Physical Sector: 0 (No malicious items detected)
     WMI: 0 (No malicious items detected)
     (end)

     testdisk-7.0.win.zip
  7. Malwarebytes is blocking https://covid-drm.org/ It looks okay at https://www.urlvoid.com/scan/covid-drm.org/ so could you please check it.

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 15/05/2020
     Protection Event Time: 17:49
     Log File: 9055d3fc-9680-11ea-b1b9-7085c25ed56b.json
     -Software Information-
     Version: 4.1.0.56
     Components Version: 1.0.896
     Update Package Version: 1.0.23862
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 18362.836)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0
     -Website Data-
     Category: RiskWare
     Domain: covid-drm.org
     IP Address: 172.104.242.238
     Port: 443
     Type: Outbound
     File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     (end)
  8. Malwarebytes is blocking zipgenius.it. It looks okay on https://www.urlvoid.com/scan/zipgenius.it/ so could you please check it. Thanks

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 06/07/2019
     Protection Event Time: 17:58
     Log File: d06c2428-9fc3-11e9-b9c0-7085c25ed56b.json
     -Software Information-
     Version: 3.7.1.2839
     Components Version: 1.0.586
     Update Package Version: 1.0.11420
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 17763.557)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1
     , , Blocked, [-1], [-1],0.0.0
     -Website Data-
     Category: Trojan
     Domain: www.zipgenius.it
     IP Address: 89.40.174.36
     Port: [52492]
     Type: Outbound
     File: C:\Program Files\Mozilla Firefox\firefox.exe
     (end)
  9. Malwarebytes is blocking tightvnc.com. Is there a problem with this site, or is this a false positive? It looks okay on https://www.urlvoid.com/scan/tightvnc.com/ Thanks

     Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Protection Event Date: 10/06/2019
     Protection Event Time: 15:02
     Log File: e57499b9-8b3c-11e9-be0a-7085c25ed56b.json
     -Software Information-
     Version: 3.7.1.2839
     Components Version: 1.0.586
     Update Package Version: 1.0.10974
     Licence: Premium
     -System Information-
     OS: Windows 10 (Build 17763.503)
     CPU: x64
     File System: NTFS
     User: System
     -Blocked Website Details-
     Malicious Website: 1
     , , Blocked, [-1], [-1],0.0.0
     -Website Data-
     Category: Trojan
     Domain: www.tightvnc.com
     IP Address: 178.57.221.94
     Port: [61736]
     Type: Outbound
     File: C:\Program Files\Mozilla Firefox\firefox.exe
     (end)
  10. Thanks. My post was mainly a response to but for some reason it was split off into its own thread.
  11. I just upgraded to v3 today, and I'm seeing the same thing. I don't know whether it is due to the upgrade, or whether it is because as a result of the upgrade, I got the 14 day free trial of the premium version. As utorrent seems to be working okay - I'm only seeding at present, but stuff seems to be going out - I guess that there are various users that are being blocked.
  12. Thanks. Ran a scan with the new definitions and no problems.
  13. OpenCandy is being detected in the uTorrent v3.4.9.42606 executable (not the installer). This is with Malwarebytes v2.2.1.1043 Free, database 2016.10.07.03. The file is attached. uTorrent v3.4.9_42606.7z
  14. Finally had time to get back to this. Looks like the setting only takes effect when you run Malwarebytes as administrator.
  15. The explorer context menu entry doesn't appear in Windows 10 Build 10565 using Malwarebytes v2.2.0.1024 free version. I've gone through the mbam-clean process, reinstalled, re-enabled the explorer context menu setting, restarted, and the entry still doesn't appear. It was working in previous versions with Malwarebytes v2.1.8.1057. Note that this is a bug report. I'm not looking for a "solution".
  16. Updating is not failing, since the database is being updated, e.g. I just got v2015.07.02.03. The problem is that rather than reporting a successful update, Malwarebytes is reporting that it is unable to access the update server. My solution is repeatable. Starting and stopping the system does not have anything to do with this problem. It only occurs when manually updating the database. I'll have a look at running the diagnostics and see whether I have time to do it.
  17. I have a similar issue - see https://forums.malwarebytes.org/index.php?/topic/168554-access-update-server/#entry973602 Try unchecking the Check for program updates when checking for database updates setting in the Update Settings. If I do that, the Unable to access update server message does not appear.
  18. Thanks daledoc1. Just to clarify, my intention was to report a solution, and a probable bug. Since I have found a solution to the problem, i.e. uncheck the Check for program updates when checking for database updates setting, I am not looking for help. Do you still need me to generate the diagnostic logs, i.e. is this necessary to get the bug investigated?
  19. I've been seeing this message too. From memory it first appeared about the time of the opening post above. I solved it then by updating from v2.1.4 to v2.1.6. It started appearing yesterday as well. Checking here, I see that a new version, v2.1.8 has just been released, so I'm guessing that it's related to the new version appearing. This appears to be confirmed since if I uncheck the Check for program updates when checking for database updates setting in the Update Settings, I don't get the message. Check the setting, and the message returns. So there is a bit of a bug in the update process. As far as I can tell, the database is being updated correctly, e.g. at 06:11 GMT on 2 July 2015 I just got v2015.07.01.05. This is using the free version of v2.1.6.1022 on Windows 7 SP1 64 bit.