Jump to content

Mark_Albrosco

Members
  • Content Count

    36
  • Joined

  • Last visited

About Mark_Albrosco

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Mark_Albrosco

    Email with link to blocked site

    Completely understandable TonyCummins ...I shall wait for Zynthesist to add his "two cents". Cheers.
  2. Mark_Albrosco

    Email with link to blocked site

    Wow...thanks Tony - I've alerted the sender to what we've been experiencing. I'm guessing even the sender is unaware of that tracking mechanism embedded in the image. Should I recommend that they remove the image as it has been identified as the source of the issue?
  3. Mark_Albrosco

    Email with link to blocked site

    Below is an image of the only area that contains any links in the email - hovering over the URLs shows a link that matches the hypertext (so it's not a redirect to a bad site). The section above the contact info, is an image - hovering over it does not show any link. Would you be willing to look directly at the attachment in one of my earlier posts? Maybe I'm missing something?
  4. Mark_Albrosco

    Email with link to blocked site

    Thanks Zynthesist - the host (onlykem) is a supplier; users get email from them on occasion. As soon as the email is opened, the user receives "blocked site" notifications. They haven't clicked any links in the email, so I'm having trouble understanding what about the email is causing the attempts to launch the site. I'm suspecting maybe the images in the signature line, or something of that nature, might be the culprit? But I was hoping Malwarebytes Labs could confirm Maybe I should inform the supplier of the experience?
  5. Mark_Albrosco

    Remove PUP Crossbrowser

    @KDawg @Karland - so I got a fresh detection today of the same PUP. I checked my detection history and it's the same registry entry each time. I deleted it from quarantine again. After reading the article suggested by KDawg, I could not narrow it down to a specific browser; so I followed the steps suggested for a possible "root kit" infection. The policy for the endpoints has "Scan Rootkits" disabled; I enabled it and ran a scan of the specific device - results came back with 0 threats detected. How do I kick this up to "Support"?
  6. Good day - would like to know if the following site is actually a malicious site or is it safe: <ns-1739.awsdns-25.co.uk> IP address = 205.251.198.203 This was detected on our primary domain controller; executed by dns.exe Thanks, Mark
  7. Mark_Albrosco

    Is Spyware.Formbook a False-Positive - VSTAPROJECT.DLL

    Miekie - thanks again for the feedback.
  8. Mark_Albrosco

    Is Spyware.Formbook a False-Positive - VSTAPROJECT.DLL

    Hi Miekie - below is the status of our endpoints re: Malwarebytes Version and Protection Update Version. Is it safe to assume that the Protection Update Version is more important than the Malwarebytes engine version? There were 15 "false-positive" detections regarding VSTAPROJECT.DLL. 9 of these were in Quarantine and restored. 5 were under "Remediation Required" - I opted to remediate: will it place the file in Quarantine and allow us to restore? What can I expect to happen here? 1 was under "Detections" - submitted a fresh scan+quarantine...or is no action required here, i.e. the file just won't be detected as malware by the newer "protection versions" Malwarebytes version 3.4.5.2470 1.0.8267 Malwarebytes version 3.5.1.2600 1.0.8217 1.0.8261 1.0.8265 Malwarebytes version 3.6.1.2716 1.0.8145 1.0.8195 1.0.8201 1.0.8215 1.0.8229 1.0.8251 1.0.8253 1.0.8261 1.0.8263 1.0.8265 1.0.8267 1.0.8269 1.0.8271 1.0.8277
  9. Mark_Albrosco

    Email with link to blocked site

    Hi David - anyway to know if the analysis of the email attachment is in progress?
  10. Mark_Albrosco

    Context menu scan not launching MB scan

    @KDawg issue resolved; followed your steps to the letter and scan feature returned. Thanks again!
  11. As Malwarebytes Cloud Endpoint Protection does not automatically scan USB drives, I right click and select "Scan with Malwarebytes" from the context menu. Usually it works, but it is not launching the application. Help?
  12. Mark_Albrosco

    Remove PUP Crossbrowser

    Thanks Kalrand - I followed those steps on Thursday, and the detection returned yesterday (I repeated the delete from quarantine process this morning, see below) - any thoughts?
  13. Mark_Albrosco

    Is Spyware.Formbook a False-Positive - VSTAPROJECT.DLL

    We're using Malwarebytes Endpoint Cloud Protection. I ran the Asset Summary report for the managed Endpoints - the spreadsheet has Software Version (Endpoint Agent and Malwarebytes version 3.6.1.xxxx), as well as a Protection Update Version column. Would I be correct in assuming the database information is under the Protection Update Version column? If so then a number of my endpoints still need updating to the last published database. I may have to force an update?
  14. Mark_Albrosco

    Is Spyware.Formbook a False-Positive - VSTAPROJECT.DLL

    Mieke - is there anything I can check to make sure that the "false-positives" won't reappear after the file is restored?
  15. Mark_Albrosco

    Is Spyware.Formbook a False-Positive - VSTAPROJECT.DLL

    Thank you for your usual prompt...not mention stress relieving...response. Have a good day.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.