Jump to content

l3386490

Members
  • Content Count

    21
  • Joined

About l3386490

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. In my case I did run a game sandboxied and found out that this file got edited after running the game, [I know this post is old but as for today even after 4 years ppl do reach here from google so...] After reading about this I'm more curious Why would a small game cause this file to be modified, The question is which cases this file get modified? This could help me in the future as I remember it maybe the 4 time I search for the same thing [for the same or very similar reason]
  2. https://www.virustotal.com/gui/file/27108117c99cac2d0e9ad532e37e8e75586e6a91ef50f33388948f336680fd11/detection Avtoran base DVD-applications to the magazine GameLand (RU). AutoRun.zip
  3. If there is a waiting period until the list is updated, please, ignore.
  4. Please, remove www.codeload.github.com Relevant: https://forums.malwarebytes.com/topic/247447-hphosts-codeloadgithubcom/?tab=comments#comment-1313014 Still present: https://hosts-file.net/?s=www.codeload.github.com https://hosts-file.net/emd.txt
  5. The "Ad and Tracking servers" file (which I use with uBlock Origin) contains an entry for swift.com. I don’t think it qualifies as an ad or tracking server. It provides, for example, technical documentation for SEPA payments (hxxps://www.swift.com/sites/default/files/resources/swift_standards_ibanregistry.pdf#page=16).
  6. MachineLearning detects yaP.exe files from yet another Portablizer. This should be false positive but I am not completely sure. KuKnetFileRenamer-yaP.zip ML Anomalous 95.txt
  7. hxxp://ntscorp.ru & hxxp://www.ntscorp.ru Download and auto-update domain for hxxp://openiv.com/. Freeware for modding Rockstar Games titles, used by many thousands of users (http://gtaforums.com/forum/403-openiv/) without malware detection.
  8. This list: https://hosts-file.net/psh.txt https://hosts-file.net/default.asp?s=caixa https://hosts-file.net/?s=www.caixa.gov.br
  9. The site is on the phishing lists. The address caixa.gov.br is the correct address for the 4th largest bank in Brazil. https://en.wikipedia.org/wiki/Caixa_Econ%C3%B4mica_Federal
  10. buscape.com.br is currently blocked (since 2009!) in the EMD lists. Not sure what it was like back in 2009, but it is currently a fairly big site used for price comparison in Brasil and Latin America. I would say it is worth a recheck. Host list: https://hosts-file.net/emd.txt https://hosts-file.net/default.asp?s=buscape https://hosts-file.net/?s=buscape.com.br https://hosts-file.net/?s=www.buscape.com.br
  11. Hi, I'm using the hpHosts list, and newrelic.com is blocked for tracking. I understand newrelic tracks users and all, but all their tracking activities are under subdomains. The main domain, plus a few additional sub domains are used for applications debugging and monitoring for their clients. They are unrelated to tracking users. Can we please remove newrelic.com from the blocklist?
  12. Hello. Could really use some help ASAP. Thank you guys for the support. All the attachments are included. I think i might be infected everytime i boot there is multiple cmd connhosts and random cmd pop ups running when i check taskmanager and pc is laggy at start. If i switch to safe mode pc always informs me with black screen no operating system found then i go bios and choose boot sector manually im able to boot normally.
  13. Hello, Office Tab Enterprise detected as an exploit for the Microsoft Office Word and etc, the program can be downloaded here https://www.extendoffice.com/download/office-tab.html To do this, you just need to open the Word, then try to create a second tab, suddenly everything closes with a message about blocked rop injection, "applicationVersion" : "3.4.5.2467" "threatName" : "Malware.Exploit.Agent.Generic" "exploitData" : { "appDisplayName" : "Microsoft Office Word", "blockedFileName" : "", "layerText" : "Protection Against OS Security Bypass", "protectionTechnique" : "Exploit ROP gadget attack blocked", "url" : "" }, "generatedByPostCleanupAction" : false, the system Windows 10 x64 is absolutely clean! It's impossible to disable this blocking rule, this is the biggest problem Yours faithfully
  14. where to get the updated installer, I will not install this defective version anymore ....
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.