Posts posted by asianmusicguy
-
-
Thanks @Dashke how soon do you think we will know for sure?
-
Visiting https://www.mi.com gave me the following detection, may be related to a CDN they use?
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 2022-11-24
Protection Event Time: 11:44 AM
Log File: bd870302-6c0a-11ed-b5d6-9c5c8e3e5192.json
-Software Information-
Version: 4.5.17.221
Components Version: 1.0.1806
Update Package Version: 1.0.62728
License: Premium
-System Information-
OS: Windows 10 (Build 19044.2251)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: i01.appmifile.com.wsglb0.com
IP Address: 157.185.165.41
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
This detection appeared while attempting to access the cPanel address of the hosting provider I work for. If this is legitimate, please let me know so we can take action if needed.
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 2022-11-10
Protection Event Time: 1:25 PM
Log File: 7fa5cd4a-6118-11ed-b13f-9c5c8e3e5192.json
-Software Information-
Version: 4.5.17.221
Components Version: 1.0.1806
Update Package Version: 1.0.62104
License: Premium
-System Information-
OS: Windows 10 (Build 19044.2251)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Compromised
Domain: wolverine.server-protocol.com
IP Address: 192.169.82.134
Port: 2083
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
Virus Total
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 2/20/22
Protection Event Time: 6:44 PM
Log File: 6c047b77-929a-11ec-a72b-10bf487f7f03.json
-Software Information-
Version: 4.5.2.157
Components Version: 1.0.1562
Update Package Version: 1.0.51421
License: Premium
-System Information-
OS: Windows 10 (Build 19042.1526)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: looking-glass.io
IP Address: 139.99.244.113
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
Please review the following
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 11/9/21
Protection Event Time: 7:38 PM
Log File: f799af9c-41b1-11ec-8bb7-10bf487f7f03.json
-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.47030
License: Premium
-System Information-
OS: Windows 10 (Build 19042.1288)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: www.lazygamereviews.com
IP Address: 192.252.149.19
Port: 80
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
https://www.virustotal.com/gui/url/c4dab318ad6f44eb7af2a9420e08b7597518ba3b22357d5a09931d9be4045030
-
SHP is the first place to turn to for technical with the Sierra/Sierra Family classic games. It hosts most of the official patches from the original Sierra FTP server. SHP has been a resource for GOG. Some of the GOG releases were a collaborative with Collector of The Sierra Help Pages. SHP is also home to the new installers that ease the setup of these classics on modern PCs.
https://www.virustotal.com/gui/url/67a108ec497a7c24e58e1c55b2370a1b5f6531ffd33374568af4005587015ed8
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 11/10/21
Protection Event Time: 4:46 PM
Log File: 1b91b280-4263-11ec-8df9-10bf487f7f03.json
-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.47054
License: Premium
-System Information-
OS: Windows 10 (Build 19042.1288)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: sierrahelp.com
IP Address: 143.95.253.117
Port: 80
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
Note from website owner when I made them aware:
"Not much that I can do about that. It is a false positive because of the installers that are scripted with NSIS. Malwarebytes flags NSIS installers because malware authors have used it to deliver their "goods". The only thing that I can do is either to remove the installers or spend a lot to sign them, which I am not going to do for just a hobby."
-
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 7/28/21
Protection Event Time: 12:11 PM
Log File: ef02f26e-efb1-11eb-9bce-10bf487f7f03.json
-Software Information-
Version: 4.4.3.125
Components Version: 1.0.1387
Update Package Version: 1.0.43650
License: Premium
-System Information-
OS: Windows 10 (Build 19042.1110)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: wcnews.com
IP Address: 184.173.25.96
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
VT:
-
-
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 3/4/21
Protection Event Time: 1:30 PM
Log File: 25909e2c-7d0b-11eb-a2fe-10bf487f7f03.json
-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1173
Update Package Version: 1.0.37781
License: Premium
-System Information-
OS: Windows 10 (Build 18362.1379)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: similarworlds.com
IP Address: 162.0.210.143
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
You're right, all good with latest update, thank you.
-
@portnos thanks can you ask someone to look at that particular link though
-
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 12/8/20
Protection Event Time: 12:59 PM
Log File: 9ba4fd57-3972-11eb-aa12-10bf487f7f03.json
-Software Information-
Version: 4.2.3.96
Components Version: 1.0.1122
Update Package Version: 1.0.34085
License: Premium
-System Information-
OS: Windows 10 (Build 18362.1198)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Users\Branden\AppData\Local\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: RiskWare
Domain: www.ojrq.net
IP Address: 34.95.127.121
Port: 443
Type: Outbound
File: C:\Users\Branden\AppData\Local\Vivaldi\Application\vivaldi.exe
(end)
Blocked Url was
https://www.ojrq.net/p/?return=https%3A%2F%2Finstacart.oloiyb.net%2Fc%2F1434500%2F415003%2F7412%3FsubId1%3D916d7502a9a967cae45a4fe9885f9675%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww55.siteplug.com%252Ffb_veve.php%253Fenk%253D34c8221c58596c1d64c2d6013730c1600201cd87a5370ef0%2526fb%253D916d7502a9a967cae45a4fe9885f9675%2526setup%253Dql%2526csk%253Dujl09%2526site_id%253D53105&cid=7412&tpsync=yes
-
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 10/9/20
Protection Event Time: 12:48 PM
Log File: abbe2e42-0a42-11eb-936e-10bf487f7f03.json
-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1045
Update Package Version: 1.0.31046
License: Premium
-System Information-
OS: Windows 10 (Build 18362.1082)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: keshande.com
IP Address: 192.169.82.134
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
Unsure if this is false at this point but top.gg is a very popular and normally safe site for discord bots
https://www.virustotal.com/gui/url/23f371d399493183ce1b01df06a38779d9275f471ff08c95e7a6dae98a6f1873/detection
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 9/22/20
Protection Event Time: 3:02 PM
Log File: 93b21cb0-fcf9-11ea-b808-10bf487f7f03.json
-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1045
Update Package Version: 1.0.30252
License: Premium
-System Information-
OS: Windows 10 (Build 18362.1082)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Vivaldi\Application\vivaldi.exe, Blocked, -1, -1, 0.0.0, ,
-Website Data-
Category: Trojan
Domain: top.gg
IP Address: 104.16.173.56
Port: 443
Type: Outbound
File: C:\Program Files\Vivaldi\Application\vivaldi.exe
(end)
-
@Porthos thanks for the reply, however this has never been an issue until recently and we have every indication that the fault is with Malwarebytes. In the interest of product harmony we need a fix here. I still view Malwarebytes as a companion product; it is simply not up to the standard of a full solution, but I still love it.
-
Can this please be addressed? As a loyal user of both products I feel this has not been acknowledged nor addressed fast enough. Please see
https://support.emsisoft.com/topic/33669-possible-program-conflict-leading-to-bsod/
and
https://support.emsisoft.com/topic/33153-facing-issues-with-bsod-on-pc/
-
I added 2 files, the latest stable version 1.5.5 and the detection 1.5.4. As you can see, foobar is always packed in the same installer type, in the same way, with the same components, and has been for over 17 years.
-
Program
foobar2000
foobar2000 is a freeware audio player for Microsoft Windows, iOS and Android developed by Peter Pawłowski.
This program is over 17 years old in development and trusted by millions. I do not know why Malwarebytes continues to detect older trusted programs.
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 7/4/20
Scan Time: 3:00 PM
Log File: ff9dcb80-be1b-11ea-ab1c-10bf487f7f03.json
-Software Information-
Version: 4.1.2.73
Components Version: 1.0.972
Update Package Version: 1.0.26415
License: Premium
-System Information-
OS: Windows 10 (Build 18362.900)
CPU: x64
File System: NTFS
User: System
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 275776
Threats Detected: 1
Threats Quarantined: 0
Time Elapsed: 2 min, 57 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 1
Malware.AI.4206814736, C:\USERS\ysername\DOWNLOADS\FOOBAR2000_V1.5.4.EXE, No Action By User, 1000000, 0, 1.0.26415, 8DBDD7F267BC453FFABEE610, dds, 00792905
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 12/22/19
Scan Time: 2:03 PM
Log File: 309e6fd5-24e1-11ea-b51b-10bf487f7f03.json
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.785
Update Package Version: 1.0.16584
License: Premium
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 304184
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 5 min, 42 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
Adware.DownloadAssistant, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Pianissimo, No Action By User, 7842, 776321, , , ,
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 1
Adware.DownloadAssistant, C:\PROGRAM FILES (X86)\PIANISSIMO\UNWISE.EXE, No Action By User, 7842, 776321, 1.0.16584, , ame,
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Product link:
https://acoustica.com/products/pianissimo
-
ok really not sure what happened however collected keys from CB and then made a MBAM account so they will not get lost again
-
There doesn't seem to be, that's the issue. What is the file name?
-
the clan log said that
-
No, unfortunately it says "The license key of Malwarebytes for Windows was backed up successfully." but I don't see it.
-
This should be a rather simple thing but I'm unsure what to do.
Possible FP related to Xiaomi page?
in Website Blocking
@Dashke Very welcome. I take it this means it was indeed a FP?