Jump to content

Aardvark

Members
  • Content Count

    11
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Aardvark

  • Rank
    New Member

Profile Information

  • Location
    Australia
  • Interests
    Everything

Recent Profile Visitors

579 profile views
  1. Not doing it for me any more either 👍
  2. Product: MalwareBytes Browser Guard URL: hxxp://wiztreefree.com/files/wiztree_3_35_setup.exe Block reason: Reputation Website blocked due to suspicious download Download blocked: wiztree_3_35.setup.exe Malwarebytes Browser Guard blocks downloads that either come from websites that see relatively light traffic or may contain potentially malicious content. This is intended to protect you from new scams. However, if you trust content from this site and would like to proceed, click "Continue". Just an alternative software to WinDirStat for finding disk consumption in
  3. Having the same problem. The UJR software looks legit, source code is available. But it seems the whole domain is flagged because of summoner.zip. UJR does a version check back to evilc.com to check for updates, see here.
  4. Product: MalwareBytes Browser Guard URL: hxxp://www.amazonregistry.com Block reason: Reputation Website blocked due to reputation Website blocked: www.amazonregistry.com Malwarebytes Browser Guard blocked this website because it may contain malware activity.
  5. Product: MalwareBytes Browser Guard URL: hxxps://www.grouppolicy.biz/2010/09/how-to-delegate-ad-permission-to-organisational-units-using-the-powershell-command-add-qadpermission/ Block reason: Website blocked due to a suspicious top level domain (TLD) VirusTotal Scan: https://www.virustotal.com/gui/url/8b377ec36e9495956f3ff3d3808ef805d9e43ce8c8dca3516a4598a0ccc1c410/detection
  6. Product: MalwareBytes Browser Guard Short URL is: hxxps://staff.connectanywhere.biz, hxxps://staff.accessanywhere.biz Block reason: Website blocked due to a suspicious top level domain (TLD) These are corporate logon portals.
  7. Product: MalwareBytes Browser Guard Short URL is: hxxp://soph.so/cSFi30qp1EC Redirects to: hxxps://community.sophos.com/b/community-blog/posts/sophosid-is-migrating-please-log-in-with-your-sophosid Block reason: Reputation The domain seems to be getting used as Sopho's short URL service for redirects. A truly horrible domain name to use because it definitely looks like a scam, but appears to be legit 🙄
  8. Wasn't exactly sure where to report this as it is not a file detection as such. MalwareBytes is detecting the Microsoft tool Process Explorer as attempting an attack. I suppose normally image hijack settings would be a bad thing, but in this case it is a good thing (if you use Process Explorer over Task Manager). mbytesscan.zip
  9. And the latest update finally came down, problem resolved.
  10. I am getting this too for everything from chrome.exe, firefox.exe to svchost.exe. To me it would appear that MalwareBytes is blocking the domains: g.symcd.com ss.symcd.com gp.symcd.com gn.symcd.com sh.symcd.com gt.symcd.com Which also happen to be Symantec's OCSP responders. So I suspect MalwareBytes is blocking application cert validation check ups to Symantec's OCSP servers because I have a clean build of Windows 10 and it 100% has no Symantec products installed. C:\Windows\system32>nslookup g.symcd.com Server: x.x.x Address: x.x.x.x Non-authoritative answer: Name: e8218.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.