Posts: 47
Everything posted by 961Host
-
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/1/21
Protection Event Time: 1:58 PM
Log File: ****

-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.47964
License: Premium

-System Information-
OS: Windows 10 (Build ****)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
****

-Website Data-
Category: RiskWare
Domain: cpab.circl.lu
IP Address: 185.194.93.14
Port: 443
Type: Outbound
****

(end)
-
yes thank you
-
I have a question related to detected logs: where does Malwarebytes keep the logs, or is there a way to access these logs through an API? Is it possible to get these logs and send them to ELK or Kafka so I can treat the logs in different ways?
-
-
False Positive: MachineLearning/Anomalous.100%
961Host replied to 961Host's topic in File Detections
Yes, but the problem is they should fix this issue for developers... it's an unreliable thing. There should be an option to turn it off.
-
Dear Malwarebytes Team, my file got detected as "MachineLearning/Anomalous.100%". I created it with the .NET Framework; why did it get detected? These are the details of the report:

-Log Details-
Protection Event Date: 2/24/19
Protection Event Time: 3:26 PM
Log File: d1c40a8c-3837-11e9-9650-b06ebf50c25a.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9406
License: Premium

-System Information-
OS: Windows 10 (Build 17763.316)
CPU: x64
File System: NTFS
User: System

-Blocked Malware Details-
File: 1
MachineLearning/Anomalous.100%, C:\Users\****\Desktop\961API_-_Full_Licensing_API_Tool.exe, Quarantined, [0], [392687],1.0.9406

(end)

961API_-_Full_Licensing_API_Tool.zip
-
I think you should email VirusTotal?
-
It opens without any problems.
-
I have reported this to the Firefox and Chrome communities, and Malwarebytes should take this into consideration: 80K people infected with the Coinhive script. I tried to track and read all the plugin code, but they did a good job of hiding it; a lot of APIs are being used to get filters and things like data and JS files to load.
-
I can now be 100% sure that this plugin is causing the problem. I did the same thing on my Chrome browser (after installing it I updated some filters and restarted the browser), and look: I don't know if someone needs to warn them or, I don't know, it seems a huge number of people are infected, 80K! This is catastrophic! Malwarebytes should do something.
-
These are two screenshots, one before disabling the add-on and the other after (you can see the ad-blocker icon in the browser).
-
After long investigations on my browser, I came to a conclusion: the infection is from this add-on when I enable it! It injects Coinhive into my browser. I know it is strange to believe that this particular add-on is causing all these problems, and maybe no one will notice it, but thanks to Wappalyzer I discovered it.

AdBlocker Ultimate https://adblockultimate.net/

When I disabled this add-on and kept all other add-ons on, the Coinhive script was gone.

After I reported this bug to the Wappalyzer GitHub repo, they had some problems: https://github.com/AliasIO/Wappalyzer/pull/1777#issuecomment-342202690

My guess is that the add-on is free, and a lot of people, including me, trusted them. Maybe this is one of the reasons why Wappalyzer added a lot of sites as false positives.
-
Thank you, Yoan, for your support. I'm Tony, and here are the requested files: Addition.txt FRST.txt
-
After doing some research I ended up with this conclusion: some companies are using Coinhive to mine in your browser without your knowledge. How did I know? https://github.com/AliasIO/Wappalyzer/issues/1807

I have an add-on called Wappalyzer that shows what tech a site is made with. I noticed something confusing: all websites have the Coinhive plugin, EVEN GOOGLE. I was like, WHAT! No way, it's a bug. I went to GitHub and opened an issue, and someone told me maybe I am infected with it somehow. I thought, hmm, that seems logical.

On my computer I have these antiviruses (both are paid licenses):
Malwarebytes
ESET Smart Security

I am reporting that no one has noticed it, but this is a big malware issue: they are using the COINHIVE API to USE your CPU to MINE! I scanned many times and disabled all my plugins, nothing!!!
-
ESET and Malwarebyte going crazy
961Host replied to 961Host's topic in Malwarebytes for Windows Support Forum
Thank you for your reply. Well, I don't have problems; I have already done what you've suggested. But for my clients, or in general, I don't think this is a normal action to do each time you're going to remove a virus, right? That's not a logical solution for business or personal use.
- 4 replies
Tagged with: eset, malwarebyte (and 2 more)
-
I discovered a confusing bug: when Malwarebytes catches a virus, ESET blocks that file and blocks Malwarebytes; at the same time, Malwarebytes does the same thing...
- 4 replies
Tagged with: eset, malwarebyte (and 2 more)