961Host

Everything posted by 961Host

  1. Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 12/1/21
     Protection Event Time: 1:58 PM
     Log File: ****

     -Software Information-
     Version: 4.4.10.144
     Components Version: 1.0.1499
     Update Package Version: 1.0.47964
     License: Premium

     -System Information-
     OS: Windows 10 (Build ****)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1 ****

     -Website Data-
     Category: RiskWare
     Domain: cpab.circl.lu
     IP Address: 185.194.93.14
     Port: 443
     Type: Outbound ****

     (end)
  2. I have a question related to detected logs: where does Malwarebytes keep the logs, or is there a way to get these logs through an API? Is it possible to get these logs and send them to ELK or Kafka so I can treat the logs in different ways?
  3. https://brainerhub.com/ false positive flag for sure log.txt
  4. Yes, but the problem: they should fix this issue for developers... It's an unreliable thing. It should be an option to turn it off.
  5. Dear Malwarebytes Team, my file got detected with "MachineLearning/Anomalous.100%". I created it with dotnet framework; why did it get detected? These are the details of the report:

     -Log Details-
     Protection Event Date: 2/24/19
     Protection Event Time: 3:26 PM
     Log File: d1c40a8c-3837-11e9-9650-b06ebf50c25a.json

     -Software Information-
     Version: 3.7.1.2839
     Components Version: 1.0.538
     Update Package Version: 1.0.9406
     License: Premium

     -System Information-
     OS: Windows 10 (Build 17763.316)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Malware Details-
     File: 1
     MachineLearning/Anomalous.100%, C:\Users\****\Desktop\961API_-_Full_Licensing_API_Tool.exe, Quarantined, [0], [392687],1.0.9406

     (end)

     961API_-_Full_Licensing_API_Tool.zip
  6. I have reported this to the Firefox and Chrome communities, and Malwarebytes should take this into consideration: 80K people infected with the Coinhive script. I tried to track and read all the plugin code, but they did a good job of hiding it; a lot of APIs are being used to get filters and things like data and JS files to load.
  7. I can now be 100% sure that this plugin is causing the problem. I did the same thing on my Chrome browser (after installing it I updated some filters and restarted the browser), and look. I don't know if someone needs to warn them, or I don't know, it seems a huge number of people are infected, 80K! This is catastrophic! Malwarebytes should do something.
  8. These two screenshots: one before disabling the addon and the other after (you can see the ad-blocker icon in the browser).
  9. After long investigations on my browser, I came to a conclusion: the infection is from this addon when I enable it! It injects Coinhive into my browser. I know it is strange to believe that this particular addon is causing all these problems, maybe no one will notice it, but thanks to WAPPALYZER I discovered it: AdBlocker Ultimate https://adblockultimate.net/ When I disabled this addon and kept all other add-ons ON, the Coinhive script was gone. After reporting this bug to the Wappalyzer GitHub repo, they had some problems: https://github.com/AliasIO/Wappalyzer/pull/1777#issuecomment-342202690 I think, in my guess, that the ADDON is free! And a lot of people and I trusted them; maybe this is one of the reasons why Wappalyzer added a lot of sites as false positives.
  10. Thank you, Yoan, for your support. I'm Tony and here are the requested files: Addition.txt FRST.txt
  11. After doing some research I ended up with this conclusion: some companies are using Coinhive to mine in your browser without your knowledge. How did I know it? https://github.com/AliasIO/Wappalyzer/issues/1807 I have an addon called WAPPALYZER; it shows what tech your site is made with. I noticed something confusing: all websites have the Coinhive plugin, EVEN GOOGLE. I was like, WHAT! No way, it's a bug. I went to GITHUB and opened an issue; someone told me maybe I am infected somehow with it. I was like, hmm, that seems logical. On my computer I have these antiviruses (both are paid licenses): Malwarebytes, ESET Smart Security. I am reporting that neither one noticed it, but this is a big malware issue: they are using the COINHIVE API to USE your CPU to MINE! I scanned many times, I disabled all my plugins, nothing!!!
  12. I have the same problem on my client server 2003, always getting that error. I've contacted support, but it seems I'm not the only one who has this problem; we need offline activation for such things.
  13. Thank you for your reply. Well, I don't have problems; I have already done what you've suggested. But for my clients, or in general, I don't think this is a normal action to do each time you're going to remove a virus, right? That's not a logical solution for business or personal use.
  14. I discovered a confusing bug: when Malwarebytes catches a virus, ESET blocks that file and blocks Malwarebytes; at the same time, Malwarebytes does the same thing...