-
Posts
175 -
Joined
Content Type
Events
Profiles
Forums
Posts posted by bjm
-
-
-
-
Please review.
Browser Guard
Website blocked due to trojan
Website blocked: www.savolinna.com
Malwarebytes Browser Guard blocked this website because it may contain malware activity.
-
Website blocked due to suspicious content
Download blocked: https://www.pulsarmodular.com/wp-content/uploads/2021/12/P42-Climax-V2_0_4-WIN-UT.zip
Malwarebytes Browser Guard scans downloads started in the browser and may block/remove the item if it looks suspicious.
--------------------------------
Please confirm. Thanks
----------------------------------
Filename: P42 Climax.exe
Developers
Pulsar Novation Bilgisayar ve Programcılık Hiz. Tic. Ltd. Şti.File Thumbprint - SHA:
153e7155a93120dc62063d23fd5eba4bc0ee961abe51ce2b1143bc9e9926b958
File Thumbprint - MD5:
5194c88fb96e1dd4f474b934ea2710b1 -
Website blocked due to trojan
Website blocked: www.westvolusiaaudubon.org
Malwarebytes Browser Guard blocked this website because it may contain malware activity.
Please confirm.
Thanks
-
Please review: Thanks
------------------------------------Website blocked due to trojan
Website blocked: www.exactlly.com
Malwarebytes Browser Guard blocked this website because it may contain malware activity.
We strongly recommend you do not continue.
-
Website blocked due to riskware
Website blocked: www.dcreport.org
Malwarebytes Browser Guard blocked this website because it may contain malware activity.
-
FWIW ~ file from ID:1481144 & file from ID:1481209 = 17,003 KB ... my side.
-
-
Malwarebytes
www.malwarebytes.com-Log Details-
Scan Date: 7/21/21
Scan Time: 4:37 PM
Log File: 73577a48-ea63-11eb-a8c6-3c2c30e5a972.json-Software Information-
Version: 4.4.3.125
Components Version: 1.0.1387
Update Package Version: 1.0.43349-System Information-
OS: Windows 10 (Build 19043.1083)
CPU: x64
File System: NTFS
User: DESKTOP-DELL-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 1
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 0 min, 12 sec-Scan Options-
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect-Scan Details-
File: 1
RiskWare.BitCoinMiner, C:\PROGRAM FILES\NORTON SECURITY\ENGINE\22.21.6.51\NCRYPT.EXE, No Action By User, 917, 868256, 1.0.43349, 9D5E4754B893B8AF0DD2912D, dds, 01343013, AB3D8AA84421227F5E9C69AB8F62AA16, C68BEEE19034D32B2BAFF25B470E8617EA3139D0715B50C8D8C40D90636E6DC4_________________________________________
Filename: NCrypt.exe
Full Path: C:\Program Files\Norton Security\Engine\22.21.6.51\NCrypt.exeDevelopers
NortonLifeLock Inc.Version
1.0.0.33Identified
7/20/2021 at 10:16:11 AMLast Used
Not AvailableStartup Item
NoFew Users
Hundreds of users in the Norton Community have used this file.Very New
This file was released less than 1 week ago.Good
Norton has given this file a favorable rating.Source File:
NCrypt.exeFile Thumbprint - SHA:
c68beee19034d32b2baff25b470e8617ea3139d0715b50c8d8c40d90636e6dc4
File Thumbprint - MD5:
ab3d8aa84421227f5e9c69ab8f62aa16 -
6bb92709e160a8410cd2fb465c40ddf6fd7b9d8891473fcc69760a2caa5b4918
-
-
2 hours ago, brad03 said:
Do continents of the sandbox get automatically deleted now where before you had to do it manually after process termination?
Automatically delete contents of sandbox... works, for me.
-
Malwarebytes
www.malwarebytes.com-Log Details-
Scan Date: 5/9/21
Scan Time: 4:23 AM
Log File: c4f6b484-b09f-11eb-a722-3c2c30e5a972.json-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1292
Update Package Version: 1.0.40246
License: Premium-System Information-
OS: Windows 10 (Build 19042.928)
CPU: x64
File System: NTFS
User: DESKTOP-DELL\bjm-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 345396
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 3 min, 53 sec-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect-Scan Details-
Process: 0
(No malicious items detected)Module: 0
(No malicious items detected)Registry Key: 0
(No malicious items detected)Registry Value: 0
(No malicious items detected)Registry Data: 0
(No malicious items detected)Data Stream: 0
(No malicious items detected)Folder: 0
(No malicious items detected)File: 1
Malware.AI.4144071842, C:\WINDOWS\INSTALLER\1FE99B.MSI, No Action By User, 1000000, 0, 1.0.40246, 41DC257937C73BC7F70184A2, dds, 01237346, 65CF6E856D008DC8E116A1655E68D48C, 6CDDF2621BB7DDA55C97AB227FA697C3D3B98A04789D85C35FCEB7A757D38F3BPhysical Sector: 0
(No malicious items detected)WMI: 0
(No malicious items detected)
(end) -
I hear ya'
Okay by me if you consider "Website blocked: extensions" closed.
-
FWIW ~ I'm not reproducing since 2.2.24.
IDK if "Website blocked: extensions" was sorted with 2.2.24 or "Website blocked: extensions" was sorted with my BG uninstall/install for my Ads/Trackers issue.
Thanks
-
another uninstall/install to sort community.norton.com
-
community.norton.com does not recognize Ad/Trackers global off?
-
20 minutes ago, gonzo said:
Short of an uninstall/reinstall, I do not believe there is any provision for that.
Okay. Thanks
I'd like to see feature to turn off showing number of blocked requests on the icon and Statistics reset.
Thanks again........ -
Um, how may I reset Statistics?
-
-
-
FWIW ~Hybrid Analysis Overview for sample in opening post.
-
Advanced Exploit Protection
in Resolved Malware Removal Logs
Posted
btw ~
I see the same before and after boxes as OP posted here.
I see "after" check'd boxes - uncheck'd after machine restart.