asianmusicguy

Honorary Members
  • Posts

    289
Posts posted by asianmusicguy

  1. Visiting https://www.mi.com gave me the following detection. May be related to a CDN they use?

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 2022-11-24
    Protection Event Time: 11:44 AM
    Log File: bd870302-6c0a-11ed-b5d6-9c5c8e3e5192.json

    -Software Information-
    Version: 4.5.17.221
    Components Version: 1.0.1806
    Update Package Version: 1.0.62728
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19044.2251)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: i01.appmifile.com.wsglb0.com
    IP Address: 157.185.165.41
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

     
  2. This detection appeared while attempting to access the cPanel address of the hosting provider I work for. If this is legitimate, please let me know so we can take action if needed.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 2022-11-10
    Protection Event Time: 1:25 PM
    Log File: 7fa5cd4a-6118-11ed-b13f-9c5c8e3e5192.json

    -Software Information-
    Version: 4.5.17.221
    Components Version: 1.0.1806
    Update Package Version: 1.0.62104
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19044.2251)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Compromised
    Domain: wolverine.server-protocol.com
    IP Address: 192.169.82.134
    Port: 2083
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

     

  3. Virus Total

    https://www.virustotal.com/gui/url/2b36775ad14fa3921ec91a2b76e0615aa8f059ffc5c585172f84246a1ca52834?nocache=1

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 2/20/22
    Protection Event Time: 6:44 PM
    Log File: 6c047b77-929a-11ec-a72b-10bf487f7f03.json

    -Software Information-
    Version: 4.5.2.157
    Components Version: 1.0.1562
    Update Package Version: 1.0.51421
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.1526)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: looking-glass.io
    IP Address: 139.99.244.113
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

  4. Please review the following

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 11/9/21
    Protection Event Time: 7:38 PM
    Log File: f799af9c-41b1-11ec-8bb7-10bf487f7f03.json

    -Software Information-
    Version: 4.4.10.144
    Components Version: 1.0.1499
    Update Package Version: 1.0.47030
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.1288)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: www.lazygamereviews.com
    IP Address: 192.252.149.19
    Port: 80
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

    https://www.virustotal.com/gui/url/c4dab318ad6f44eb7af2a9420e08b7597518ba3b22357d5a09931d9be4045030

     

  5. SHP is the first place to turn to for technical help with the Sierra/Sierra Family classic games. It hosts most of the official patches from the original Sierra FTP server. SHP has been a resource for GOG. Some of the GOG releases were a collaboration with Collector of The Sierra Help Pages. SHP is also home to the new installers that ease the setup of these classics on modern PCs.

    https://www.virustotal.com/gui/url/67a108ec497a7c24e58e1c55b2370a1b5f6531ffd33374568af4005587015ed8

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 11/10/21
    Protection Event Time: 4:46 PM
    Log File: 1b91b280-4263-11ec-8df9-10bf487f7f03.json

    -Software Information-
    Version: 4.4.10.144
    Components Version: 1.0.1499
    Update Package Version: 1.0.47054
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.1288)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: sierrahelp.com
    IP Address: 143.95.253.117
    Port: 80
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

    Note from website owner when I made them aware:

    "Not much that I can do about that. It is a false positive because of the installers that are scripted with NSIS. Malwarebytes flags NSIS installers because malware authors have used it to deliver their "goods". The only thing that I can do is either to remove the installers or spend a lot to sign them, which I am not going to do for just a hobby."

     

     

  6. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/28/21
    Protection Event Time: 12:11 PM
    Log File: ef02f26e-efb1-11eb-9bce-10bf487f7f03.json

    -Software Information-
    Version: 4.4.3.125
    Components Version: 1.0.1387
    Update Package Version: 1.0.43650
    License: Premium

    -System Information-
    OS: Windows 10 (Build 19042.1110)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: wcnews.com
    IP Address: 184.173.25.96
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

    VT:

    https://www.virustotal.com/gui/url/6b4a7a76a3a7ea5be82e37e8630a7e6aac54eea9561b5bbacfba5dd9014685ea/detection

     

  7. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 3/4/21
    Protection Event Time: 1:30 PM
    Log File: 25909e2c-7d0b-11eb-a2fe-10bf487f7f03.json

    -Software Information-
    Version: 4.3.0.98
    Components Version: 1.0.1173
    Update Package Version: 1.0.37781
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.1379)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: similarworlds.com
    IP Address: 162.0.210.143
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

  8. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 12/8/20
    Protection Event Time: 12:59 PM
    Log File: 9ba4fd57-3972-11eb-aa12-10bf487f7f03.json

    -Software Information-
    Version: 4.2.3.96
    Components Version: 1.0.1122
    Update Package Version: 1.0.34085
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.1198)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Users\Branden\AppData\Local\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: RiskWare
    Domain: www.ojrq.net
    IP Address: 34.95.127.121
    Port: 443
    Type: Outbound
    File: C:\Users\Branden\AppData\Local\Vivaldi\Application\vivaldi.exe

    (end)

    Blocked URL was:

    https://www.ojrq.net/p/?return=https%3A%2F%2Finstacart.oloiyb.net%2Fc%2F1434500%2F415003%2F7412%3FsubId1%3D916d7502a9a967cae45a4fe9885f9675%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww55.siteplug.com%252Ffb_veve.php%253Fenk%253D34c8221c58596c1d64c2d6013730c1600201cd87a5370ef0%2526fb%253D916d7502a9a967cae45a4fe9885f9675%2526setup%253Dql%2526csk%253Dujl09%2526site_id%253D53105&cid=7412&tpsync=yes

    start page.png

    screenshot-1.png

  9. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 10/9/20
    Protection Event Time: 12:48 PM
    Log File: abbe2e42-0a42-11eb-936e-10bf487f7f03.json

    -Software Information-
    Version: 4.2.1.89
    Components Version: 1.0.1045
    Update Package Version: 1.0.31046
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.1082)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: keshande.com
    IP Address: 192.169.82.134
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

  10. Unsure if this is false at this point, but top.gg is a very popular and normally safe site for Discord bots.

    https://www.virustotal.com/gui/url/23f371d399493183ce1b01df06a38779d9275f471ff08c95e7a6dae98a6f1873/detection

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 9/22/20
    Protection Event Time: 3:02 PM
    Log File: 93b21cb0-fcf9-11ea-b808-10bf487f7f03.json

    -Software Information-
    Version: 4.2.1.89
    Components Version: 1.0.1045
    Update Package Version: 1.0.30252
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.1082)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, , 

    -Website Data-
    Category: Trojan
    Domain: top.gg
    IP Address: 104.16.173.56
    Port: 443
    Type: Outbound
    File: C:\Program Files\Vivaldi\Application\vivaldi.exe

    (end)

  11. Program

    foobar2000

    foobar2000 is a freeware audio player for Microsoft Windows, iOS and Android developed by Peter Pawłowski.

    This program is over 17 years old in development and trusted by millions. I do not know why Malwarebytes continues to detect older trusted programs.

     

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 7/4/20
    Scan Time: 3:00 PM
    Log File: ff9dcb80-be1b-11ea-ab1c-10bf487f7f03.json

    -Software Information-
    Version: 4.1.2.73
    Components Version: 1.0.972
    Update Package Version: 1.0.26415
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.900)
    CPU: x64
    File System: NTFS
    User: System

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Scheduler
    Result: Completed
    Objects Scanned: 275776
    Threats Detected: 1
    Threats Quarantined: 0
    Time Elapsed: 2 min, 57 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Malware.AI.4206814736, C:\USERS\ysername\DOWNLOADS\FOOBAR2000_V1.5.4.EXE, No Action By User, 1000000, 0, 1.0.26415, 8DBDD7F267BC453FFABEE610, dds, 00792905

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

     

  12. Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 12/22/19
    Scan Time: 2:03 PM
    Log File: 309e6fd5-24e1-11ea-b51b-10bf487f7f03.json

    -Software Information-
    Version: 4.0.4.49
    Components Version: 1.0.785
    Update Package Version: 1.0.16584
    License: Premium

    -System Information-
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: System

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Scheduler
    Result: Completed
    Objects Scanned: 304184
    Threats Detected: 2
    Threats Quarantined: 0
    Time Elapsed: 5 min, 42 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 1
    Adware.DownloadAssistant, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Pianissimo, No Action By User, 7842, 776321, , , , 

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\PIANISSIMO\UNWISE.EXE, No Action By User, 7842, 776321, 1.0.16584, , ame, 

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

     

     

    Product link:

    https://acoustica.com/products/pianissimo

     
