Dapto

Hi again! Feels a bit like whack-a-mole here 🙃 There are far fewer warnings now, but a new one's come up for music.hyperreal[.]org. This one might be real since hyperreal's been rogue for a long time. Could you please have a look at it? Attached is the latest log file. MBAMSERVICE (4).zip

I let this go for a few days to give you a chance to update the software. I've just updated MWB, restarted the PC and ran an analysis with BeaTunes. This time MWB seems to be blocking a site called www.lyricsmusica[.]it . It seems to be the same problem caused by another website that BeaTunes calls for data. Attached is today's log file. MBAMSERVICE (3).zip

Thanks! I'll be able to test it later today.

Here's the log file. I ran BeaTunes just before zipping to provoke some new data. MBAMSERVICE.zip

Hi! I've just restarted the PC and started analysis with BeaTunes - and it produces the same warnings as before. Either port 80 or 443 is mentioned in the warnings. BeaTunes blocked v3 port 80.txt BeaTunes blocked v2 port 443.txt

I've been using BeaTunes for years, and the current version hasn't been updated since late January 2023. Today MWB has been blocking outgoing traffic (RTP) from the BeaTunes .exe file. MWB says it's blocking a website, but it doesn't include a URL in the report, just the .exe file. To remediate, I first added the .exe file, and then the whole BeaTunes folder to the Exclusions list, but MWB continues to block it. Also restarted the PC and checked for updates for both MWB and Beatunes, but no change. I expect this is an FP. Can you look into it please? BeaTunes blocked.txt

Thanks!

With Malwarebytes I'm getting what I believe to be fp's with parts of Code 42's Crashplan. When I quarantine the files Crashplan no longer can connect to its server and back-ups stop. Here's the threat scan log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 11/30/19 Scan Time: 3:33 PM Log File: 6db1e7ee-137e-11ea-8a73-0c9d92c2ca0c.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.764 Update Package Version: 1.0.15578 License: Premium -System Information- OS: Windows 10 (Build 18362.476) CPU: x64 File System: NTFS -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 296527 Threats Detected: 2 Threats Quarantined: 0 Time Elapsed: 0 min, 42 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 1 Trojan.Starter.E.Generic, HKU\S-1-5-21-951794708-1484855528-2252583993-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CRASHPLANSERVICEUSER, No Action By User, 6662, 767369, 1.0.15578, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Trojan.Starter.E.Generic, C:\USERS\MARK\APPDATA\LOCAL\PROGRAMS\CRASHPLAN\CRASHPLANSERVICE.VBS, No Action By User, 6662, 767369, , , , Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)