Jump to content

Zzyzx

Members
  • Content Count

    19
  • Joined

  • Last visited

Everything posted by Zzyzx

  1. Bobby3.com, a site I download Visio templates from was blocked when I tried to update them today. Not sure why. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 2/23/19 Protection Event Time: 10:31 AM Log File: e08a0d34-3790-11e9-bb0d-005056c00001.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.538 Update Package Version: 1.0.9406 License: Premium -System Information- OS: Windows 10 (Build 17134.590) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: bobby3.com IP Address: 66.147.244.96 Port: [52596] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  2. Hey, I got a response from the webmaster. Can you tell me if anything shows up on the site now? Best, Zzyzx
  3. Weird. I'll try to get in touch with the webmaster and see if they can get it removed. Thanks!
  4. Greetings, I think this is a false positive, as I've never seen any sort of phishing activity on the PQ website. Just a silly game to play. You can see more info by pulling up Progress Quest on Wikipedia as well. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/27/18 Protection Event Time: 4:26 PM Log File: ab7bb2aa-aa50-11e8-8042-005056c00001.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6529 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: progressquest.com IP Address: 173.230.140.86 Port: [65402] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) Best, Zzyzx
  5. Greetings, I am on 1803 build 17134.167 with Malwarebytes 3.5.1.2522 with component package 1.0.391 and update package 1.0.6113, and I am having the server connectivity blocked issue whenever web protection is enabled with no events being logged. If there is any information I can provide that will help in fixing this issue again, please let me know. Best, Zzyzx
  6. Greetings, For some reason, the news site, Salon.com is blocked, and I'm not sure why, since it's a legitimate news site. You can see more info about it on Wikipedia: hxxps://en.wikipedia.org/wiki/Salon_(website) Here is the protection log: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/18/18 Protection Event Time: 2:01 PM Log File: cc50677a-733a-11e8-99a1-005056c00001.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.374 Update Package Version: 1.0.5530 License: Premium -System Information- OS: Windows 10 (Build 17134.112) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: RiskWare Domain: www.salon.com IP Address: 151.101.1.167 Port: [61616] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) Best, Zzyzx
  7. Greetings, I've noticed that this morning, Malwarebytes has started blocking this IP for Gaijin's War Thunder launcher, a game distributed through Steam. Please see the relevant log file below. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 5/10/18 Protection Event Time: 6:40 AM Log File: a425d2aa-5457-11e8-93e9-005056c00001.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.5054 License: Premium -System Information- OS: Windows 10 (Build 16299.431) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: IP Address: 193.23.181.144 Port: [51939] Type: Outbound File: C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (end) Thanks for your help, Zzyzx
  8. Greetings, I noticed that while accessing ballotpedia.org that I got blocking notices for magic.piktochart, a sub-domain of piktochart.com, an infographics site that isn't blocked itself. Could this possibly be in error? Please see the log below: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 2/8/18 Protection Event Time: 7:23 AM Log File: aad0498c-0cdb-11e8-a8d5-005056c00001.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3900 License: Premium -System Information- OS: Windows 10 (Build 16299.192) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Unspecified Domain: magic.piktochart.com IP Address: 104.25.200.10 Port: [50156] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) Best, Zzyzx
  9. Greetings, For some reason, this IP (217.23.187.143) used by the game War Thunder launcher/updater, a Gaijin Entertainment game distributed by Steam is being blocked as a malicious website. Please see the log below: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 2/8/18 Protection Event Time: 2:25 AM Log File: fd0cdce4-0cb1-11e8-87d1-005056c00001.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3897 License: Premium -System Information- OS: Windows 10 (Build 16299.192) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Unspecified Domain: IP Address: 217.23.187.143 Port: [54041] Type: Outbound File: C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (end) Thanks for your help, Zzyzx
  10. Greetings, I have noticed over the last few days that both NE-1 and NE-2 on AWS are blocked for some reason, specifically: s3-ap-northeast-1.amazonaws.com s3-ap-northeast-2.amazonaws.com NE-1 was from something in Chrome, while NE-2 was actually while Samsung Magician was trying to download an update. Here are the logs for both: Northeast-1: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/5/17 Protection Event Time: 6:46 PM Log File: 4df8b71c-da27-11e7-ad9c-005056c00001.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3419 License: Premium -System Information- OS: Windows 10 (Build 16299.64) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: s3-ap-northeast-1.amazonaws.com IP Address: 52.219.0.88 Port: [50666] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) Northeast-2: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/9/17 Protection Event Time: 2:07 AM Log File: 55dff026-dcc0-11e7-ab36-005056c00001.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.3450 License: Premium -System Information- OS: Windows 10 (Build 16299.64) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: s3.ap-northeast-2.amazonaws.com IP Address: 52.219.58.4 Port: [58889] Type: Outbound File: C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (end) Thanks for your help, Zzyzx
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.