bjm

Honorary Members
  • Posts

    175
  • Joined

Posts posted by bjm

  1. On 5/20/2020 at 8:25 PM, tonguetwister said:

    Hell, even this forum racks up five for www.googletagmanager.com

    as test -
    Firefox Tracking Protection - Strict
    uBlock Origin - 22 filters checked
    Does BG detect/block google marketing tags on 'forums.malwarebytes.com' because BG happens to see "googletagmanager" before Firefox & uBlock Origin....or, ....BG is better than Firefox Tracking Protection + uBlock Origin 22 filters.   Maybe, Firefox + uBlock Origin allow "googletagmanager"? 

    btw ~ same observation with Edge Tracking Prevention - Strict + uBlock Origin - 22 filters.  

    Curious....BG sees "googletagmanager" before Firefox & uBlock Origin..... or ___________?
    Thanks

  2. 2 hours ago, gatortail said:

    The reason browser.pipe.aira.microsoft.com was blocked even with Ads/Trackers off is because it was flagged as malicious, not as an Ad or Tracker.  That is why it was shown in red with a little bug to the left.  It didn't require a complete page block because the call could just be skipped.  I'm guessing research reviewed that item and updated how it's categorized.  

    Hmm, numbers on BG button for - "malicious" - Malware category? 
    Thanks for your interest n' info.  

  3. 2 minutes ago, Porthos said:

    I use Firefox 98% of the time.😉

    So, BG from Firefox was reporting ...browser.pipe.aira.microsoft.com ...too. 
    Just seemed odd, for me, to see numbers on BG toolbar button. 
    Seeing numbers on BG button made me curious.  

  4. 10 minutes ago, Porthos said:

    Mine is gone now as well. I do have all options on though.

    Yeah, I tried with Ads/Trackers on when I was seeing ....browser.pipe.aira.microsoft.com ...trying to understand why Ads/Trackers off was reporting ....browser.pipe.aira.microsoft.com.  
    I run uBlock Origin.  I run Edge Tracking Prevention off and BG Ads/Trackers off.  Just me. 
    Thanks

  5. 2 minutes ago, gonzo said:

    I asked one of our devs for his input on the subject.  This is a brand new tracker, and I don't have enough knowledge of it or its behavior to speak intelligently on the subject.

    Okay....Thanks for your interest.   
    FWIW ~ at this time "Nothing to block"
    Something updated/changed my side or your side? 
    Thanks again for Malwarebytes Community interest.  

  6. -Log Details-
    Scan Date: 4/1/21
    Scan Time: 8:10 PM
    Log File: e2f7f396-9347-11eb-b849-3c2c30e5a972.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1236
    Update Package Version: 1.0.38996
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 344653
    Threats Detected: 0
    Threats Quarantined: 0

  7. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/1/21
    Scan Time: 2:34 PM
    Log File: efe1802e-9318-11eb-863c-3c2c30e5a972.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1236
    Update Package Version: 1.0.38982
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 344869
    Threats Detected: 2
    Threats Quarantined: 0
    Time Elapsed: 1 min, 57 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 2
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS.CREED.VALHALLA_V1.0.2-V1.2.0_PLUS_19.TRAINER-FLING.ZIP, No Action By User, 0, 392686, 1.0.38982, , shuriken, , 16AFF4E61BDD648DA01DF3A3C03C7479, 3B6CA12F75F88B8EA8AB32B5FF22A73BC7145F27263AD21E973243F656FC5EA3
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS CREED VALHALLA V1.0.2-V1.2.0 PLUS 19 TRAINER.EXE, No Action By User, 0, 392686, 1.0.38982, , shuriken, , 73B81E1864C485FCF12BD1648BBEC00A, C2D011739B7DD167D983B572E63F05A0C0E0456BCAA1B08E922D6339AACB2648

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  8. Yes, I had "expert system algorithms" On.

    Now, with "expert system algorithms" Off.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/1/21
    Scan Time: 1:45 AM
    Log File: 7e7af03e-92ad-11eb-b6e7-3c2c30e5a972.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1236
    Update Package Version: 1.0.38962
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 344915
    Threats Detected: 2
    Threats Quarantined: 2
    Time Elapsed: 1 min, 51 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    File: 2
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS.CREED.VALHALLA_V1.0.2-V1.2.0_PLUS_19.TRAINER-FLING.ZIP, Quarantined, 0, 392686, 1.0.38962, , shuriken, , 16AFF4E61BDD648DA01DF3A3C03C7479, 3B6CA12F75F88B8EA8AB32B5FF22A73BC7145F27263AD21E973243F656FC5EA3
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS CREED VALHALLA V1.0.2-V1.2.0 PLUS 19 TRAINER.EXE, Quarantined, 0, 392686, 1.0.38962, , shuriken, , 73B81E1864C485FCF12BD1648BBEC00A, C2D011739B7DD167D983B572E63F05A0C0E0456BCAA1B08E922D6339AACB2648

    (end)

  9. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/1/21
    Scan Time: 1:16 AM
    Log File: 5d58815e-92a9-11eb-b05d-3c2c30e5a972.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1236
    Update Package Version: 1.0.38962
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    -Scan Summary-
    Scan Type: Custom Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 1
    Threats Detected: 1
    Threats Quarantined: 0
    Time Elapsed: 0 min, 25 sec

    -Scan Options-
    Memory: Disabled
    Startup: Disabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS CREED VALHALLA V1.0.2-V1.2.0 PLUS 19 TRAINER.EXE, No Action By User, 0, 392686, 1.0.38962, , shuriken, , 73B81E1864C485FCF12BD1648BBEC00A, C2D011739B7DD167D983B572E63F05A0C0E0456BCAA1B08E922D6339AACB2648

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  10. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 3/31/21
    Scan Time: 9:14 PM
    Log File: aa45203e-9287-11eb-887a-3c2c30e5a972.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1236
    Update Package Version: 1.0.38954
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    -Scan Summary-
    Scan Type: Custom Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 1
    Threats Detected: 1
    Threats Quarantined: 1
    Time Elapsed: 0 min, 21 sec

    -Scan Options-
    Memory: Disabled
    Startup: Disabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Generic.Malware/Suspicious, C:\USERS\BJM\DESKTOP\ASSASSINS CREED VALHALLA V1.0.2-V1.2.0 PLUS 19 TRAINER.EXE, Quarantined, 0, 392686, 1.0.38954, , shuriken, , 73B81E1864C485FCF12BD1648BBEC00A, C2D011739B7DD167D983B572E63F05A0C0E0456BCAA1B08E922D6339AACB2648

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  11. 5 minutes ago, Porthos said:

    You are correct about the following.

    Malwarebytes has no control on the Virus Total results. They usually change (get removed) after several days.

    Okay....regarding "no control on the Virus Total results".

    My understanding .... Malwarebytes command-line engine employs different configuration and detection techniques/heuristics which might detect more than the commercial product. Malwarebytes employs false-positive suppression mechanisms in the commercial product which are not present in the Virus Total command-line engine.

    With my opening post Malware.AI.1254230990 detection was reported with my Malwarebytes commercial product, as with Virus Total.  
    So, either AI detection evolved over time or Malwarebytes manually changed detection with commercial product.  

    Thanks

     

  12. Please advise has AI detection been fixed?....remains under review?

    Malwarebytes static scan
    Version: 4.3.0.98
    Components Version: 1.0.1217
    Update Package Version: 1.0.38351
    License: Premium
    Objects Scanned: 1
    Threats Detected: 0

    File: tomb4.exe
    File size: 1.77 MB (1,851,392 bytes)
    MD5 checksum: 1D97D0BDE7A64CB81DEB31F547B471A1
    SHA1 checksum: 403522D7E43F9508D082F5B83ACDBFC4FA5F312D
    SHA256 checksum: 4AC9D22DC556E4D485C8A1E46FD556311605D4D4AB414A24ED7CA19211FB811A

    My understanding is that VirusTotal uses the command-line scanner versions of the products that support VirusTotal. Some of the solutions included in VirusTotal are configured according to the parameters requested by the vendor, with a more aggressive level of heuristic detection than the official end-user default configuration would offer. 

  13. -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1173
    Update Package Version: 1.0.38053
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.804)
    CPU: x64
    File System: NTFS
    User: DESKTOP-DELL\bjm

    File: 1
    Malware.AI.896372918, C:\USERS\BJM\DESKTOP\0.7.2 - 5.49.0\SANDBOXIE-PLUS-X64-V0.7.2.EXE, No Action By User, 1000000, 0, 1.0.38053, FDD3A3D8DB903DFA356D90B6, dds, 01154351, 1BCE5F2B705F0BB24CAC84E85D797AF7, 7EE710C0182215B2C8C51F39708E7C83F63CB08183BC55A8B71F8C9351DE6678

     
