bjm

Honorary Members
  • Posts: 135

Everything posted by bjm

  1. Website blocked due to riskware Website blocked: www.dcreport.org Malwarebytes Browser Guard blocked this website because it may contain malware activity.
  2. FWIW ~ file from ID:1481144 & file from ID:1481209 = 17,003 KB ... my side.
  3. FWIW ~ file from https://forums.malwarebytes.com/topic/279076-microsoft-security-flagged/?do=findComment&comment=1481209
  4. Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Scan Date: 7/21/21
     Scan Time: 4:37 PM
     Log File: 73577a48-ea63-11eb-a8c6-3c2c30e5a972.json
     -Software Information-
     Version: 4.4.3.125
     Components Version: 1.0.1387
     Update Package Version: 1.0.43349
     -System Information-
     OS: Windows 10 (Build 19043.1083)
     CPU: x64
     File System: NTFS
     User: DESKTOP-DELL
     -Scan Summary-
     Scan Type: Custom Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 1
     Threats Detected: 1
     Threats Quarantined: 0
     Time Elapsed: 0 min, 12 sec
     -Scan Options-
     Memory: Disabled
     Startup: Disabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect
     -Scan Details-
     File: 1
     RiskWare.BitCoinMiner, C:\PROGRAM FILES\NORTON SECURITY\ENGINE\22.21.6.51\NCRYPT.EXE, No Action By User, 917, 868256, 1.0.43349, 9D5E4754B893B8AF0DD2912D, dds, 01343013, AB3D8AA84421227F5E9C69AB8F62AA16, C68BEEE19034D32B2BAFF25B470E8617EA3139D0715B50C8D8C40D90636E6DC4
     _________________________________________
     Filename: NCrypt.exe
     Full Path: C:\Program Files\Norton Security\Engine\22.21.6.51\NCrypt.exe
     Developers NortonLifeLock Inc.
     Version 1.0.0.33
     Identified 7/20/2021 at 10:16:11 AM
     Last Used Not Available
     Startup Item No
     Few Users Hundreds of users in the Norton Community have used this file.
     Very New This file was released less than 1 week ago.
     Good Norton has given this file a favorable rating.
     Source File: NCrypt.exe
     File Thumbprint - SHA: c68beee19034d32b2baff25b470e8617ea3139d0715b50c8d8c40d90636e6dc4
     File Thumbprint - MD5: ab3d8aa84421227f5e9c69ab8f62aa16
  5. 6bb92709e160a8410cd2fb465c40ddf6fd7b9d8891473fcc69760a2caa5b4918 Messenger Plus! https://www.virustotal.com/gui/file/6bb92709e160a8410cd2fb465c40ddf6fd7b9d8891473fcc69760a2caa5b4918/detection
  6. Automatically delete contents of sandbox... works, for me.
  7. Malwarebytes
     www.malwarebytes.com
     -Log Details-
     Scan Date: 5/9/21
     Scan Time: 4:23 AM
     Log File: c4f6b484-b09f-11eb-a722-3c2c30e5a972.json
     -Software Information-
     Version: 4.3.0.98
     Components Version: 1.0.1292
     Update Package Version: 1.0.40246
     License: Premium
     -System Information-
     OS: Windows 10 (Build 19042.928)
     CPU: x64
     File System: NTFS
     User: DESKTOP-DELL\bjm
     -Scan Summary-
     Scan Type: Threat Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 345396
     Threats Detected: 1
     Threats Quarantined: 0
     Time Elapsed: 3 min, 53 sec
     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect
     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)
     Registry Key: 0 (No malicious items detected)
     Registry Value: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 1
     Malware.AI.4144071842, C:\WINDOWS\INSTALLER\1FE99B.MSI, No Action By User, 1000000, 0, 1.0.40246, 41DC257937C73BC7F70184A2, dds, 01237346, 65CF6E856D008DC8E116A1655E68D48C, 6CDDF2621BB7DDA55C97AB227FA697C3D3B98A04789D85C35FCEB7A757D38F3B
     Physical Sector: 0 (No malicious items detected)
     WMI: 0 (No malicious items detected)
     (end)
  8. I hear ya' Okay by me if you consider "Website blocked: extensions" closed.
  9. FWIW ~ I'm not reproducing since 2.2.24. IDK if "Website blocked: extensions" was sorted with 2.2.24 or "Website blocked: extensions" was sorted with my BG uninstall/install for my Ads/Trackers issue. Thanks
  10. another uninstall/install to sort community.norton.com
  11. community.norton.com does not recognize Ad/Trackers global off?
  12. Okay. Thanks I'd like to see feature to turn off showing number of blocked requests on the icon and Statistics reset. Thanks again........
  13. FWIW ~Hybrid Analysis Overview for sample in opening post. https://www.hybrid-analysis.com/sample/5c61c0c5c1f57a25b0ce0924d043e7e1c42c7f9287420364703662453c0131c1
  14. When I enable Malwarebytes Browser Guard >
  15. The Markup Blacklight scan suggests "forum.malwarebytes.com sends information to Alphabet." Does a BG tracker detect correspond with a BG tracker block? Does a detect always mean a block? Might BG detect an already blocked (by other) tracker? Does BG only report a tracker that BG actually blocked?
  16. as test - Firefox Tracking Protection - Strict uBlock Origin - 22 filters checked Does BG detect/block google marketing tags on 'forums.malwarebytes.com' because BG happens to see "googletagmanager" before Firefox & uBlock Origin....or, ....BG is better than Firefox Tracking Protection + uBlock Origin 22 filters. Maybe, Firefox + uBlock Origin allow "googletagmanager"? btw ~ same observation with Edge Tracking Prevention - Strict + uBlock Origin - 22 filters. Curious....BG sees "googletagmanager" before Firefox & uBlock Origin..... or ___________? Thanks
  17. Hmm, numbers on BG button for - "malicious" - Malware category? Thanks for your interest n' info.
  18. Yes, "was". head scratch 😕 Regards w Respect
  19. So, BG from Firefox was reporting ...browser.pipe.aira.microsoft.com ...too. Just seemed odd, for me, to see numbers on BG toolbar button. Seeing numbers on BG button made me curious.
  20. Yeah, I tried with Ads/Trackers on when I was seeing ....browser.pipe.aira.microsoft.com ...trying to understand why Ads/Trackers off was reporting ....browser.pipe.aira.microsoft.com. I run uBlock Origin. I run Edge Tracking Prevention off and BG Ads/Trackers off. Just me. Thanks