Jump to content

Search the Community

Showing results for tags 'domain'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello, This is my first time in this forum, Requesting the concerned person to remove the following domain name from Malware list as it's a valid ecommerce site. The URL is: https://www.meenaclick.com Quick action would be highly appreciated. Thanks & Regards S N Alam
  2. Hello, we're writing from a venezuela fake news debunking forum. We've noticed that our website cazadoresdefakenews.info is currently blocked by MalwareBytes. Can you please whitelist us? It's actually a Wordpress-based blog. Thank you very much! Adrian Gonzalez. cazadoresdefakenews.info CEO
  3. Since upgrading the console to 1.9.0.3671 most machines cannot be found. Even if I scan by IP range only 58 out of 450 machines show up. Domain sync does not sync. The console is useless for installing or updating clients to the latest version. I followed the directions on page 5 of the MCAG to configure the clients. I did this to 2 machines and they both disappeared. The endpoint are windows 10 1803 with at least .NET 4.6. How can I get the PCs to display in the console?
  4. Hello, I was just trying to access the website and I could not because Malwarebytes was running. As soon as I deactivated the antivirus, I was able to access the site. 104.31.80.192 hxxps://www.coinimp.com/ Please can you remove it from your malware list? Thanks.
  5. What does Malwarebytes for Mac do, if anything, to protect against phishing? As we all know, that is the main threat vector and I want to put something on my mother's Macbook to protect her against some of the more clever phishing attempts as she is not very technically inclined. I didn't see anything on the product page that specifically referenced phishing protection...
  6. Greetings, I think this is a false positive, as I've never seen any sort of phishing activity on the PQ website. Just a silly game to play. You can see more info by pulling up Progress Quest on Wikipedia as well. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/27/18 Protection Event Time: 4:26 PM Log File: ab7bb2aa-aa50-11e8-8042-005056c00001.json -Software Information- Version: 3.5.1.2522 Components Version: 1.0.421 Update Package Version: 1.0.6529 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: progressquest.com IP Address: 173.230.140.86 Port: [65402] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) Best, Zzyzx
  7. I have a Raspberry Pi set up to act as my DNS server on my network to block advertisements (Pi-Hole). It also tracks all DNS searches and has revealed that two domains are being accessed every 2 minutes by my Win7 PC - primewire.ag and 123netflix.com This happens even when the browsers on my PC are closed. I previously visited these domains using Chrome incognito mode so I thought they infected my PC. Malwarebytes and Avira find nothing. There are no suspicious add-ons to my browsers. I kept track of exactly when the Pi-Hole showed access to the two domains from my PC (every 2 minutes exactly). Ran Process Monitor (to show Network Activity) and Wireshark both as Admin. Opened Windows Powershell as Admin and typed: Then I waited and clicked enter on the command exactly when my PC was accessing those 2 domains. Checked Wireshark for the same time and found the packets being sent to the pi-hole to check the DNS of those two domains. Double clicked the packets and scrolled down to find the Source Port numbers: 57098 and 65208 Switched to Process Monitor and located the processes captured during the same time that was using those same Source Port numbers. Double clicked and now I had: the PID (1576), the Path (C:\Windows\system32), the Command Line parameters (-k NetworkService) and the process name (svchost.exe) Unfortunately, it’s the ubiquitous svchost.exe Switch to Windows Powershell and checked out the results from when I ran the tasklist command. PS C:\Users\MyPC> tasklist /svc /fi “imagename eq svchost.exe” Image Name PID Services ========================= ======== ============================================ svchost.exe 1576 CryptSvc, Dnscache, LanmanWorkstation, NlaSvc Now I have the Services behind svchost.exe. Then I went into the Registry and found the Registry Entries for each of the 4 Services and that gave me the DLL files and the file paths. They’re all under %SystemRoot%\System32: Ran system filechecker with command Scanned each file with MalwareBytes and Avira. Nothing found. Decided to check each service’s Display Name and Description: CryptSvc = Cryptographic Services = Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Dnscache = DNS Client = The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer’s name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start. LanmanWorkstation = Server = Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. NlaSvc = Network Location Awareness = Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Now I’m stumped. Other than Blacklisting those sites on the Pi-Hole, any ideas on how to find out why they are being accessed every 2 minutes?
  8. Our website, www.cheathappens.com is being blocked by your software for no apparent reason. We have been in business for 18 years, have over 3 MILLION subscribers and have no malicious content on our site that would necessitate a block. We have a full clean bill of health from VirusTotal: https://www.virustotal.com/#/url/81021c9e78eb908e36c4c9fb15b3e97436952011f7be82db1aaaa49670b3f796/detection Please remove this block on our website. Thanks, Chris O. Cheat Happens Attached is the log file from Malwarebytes and the specific error in the browser is: Can’t connect securely to this page This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner. log.txt
  9. Hi! I'm new to the forums, but I hope they're effective! I recently purchased the domain name "thegentle.men" from NameCheap, and connected it to my Shopify store in hopes to eventually open a gentlemen's shop. To my displeasure though, I can't even access my own website without making an exclusion (which is okay for me). But then I thought, if this happens to me, what about my future clients? Are they not going to be able to access my site, and instead be slapped with a Malwarebytes warning that my innocent Shopify store is malicious. This isn't going to help sales... at all.... My request? Is it possible to have my domain removed from the Malwarebytes block list? I understand '.men' may not be the greatest ending to a domain and does kinda seem shady, but hey, come on it's perfect for my idea! "TheGentlemen" = Thegentle.men how good is that!? Anyway, I thank you for your time - Niinja
  10. Hi; I'm using malwarebytes 3.1.2.1733. Today i trying to connect to the VPN server under L2TP/IPSEC Connection(With presharedkey), everything is ok for about 1 hours, but then suddenly i got 'DNS Problem', it's mean i can't resolve any domain. i'm using L2TP VPN Protocol provided by windows10. In PPTP Connection it's ok, but when i using L2TP, i must disable 'web protection' to permit to the DNS traffic. so, its seems that problem caused by 'web protection' module.
  11. i am getting search terms like, 大奖PT老虎机充送活动 Q82019309.com 大奖HB老虎机开户 Q82019309.com大奖HB老虎机首存活动 Q82019309.com大奖MG老虎机注册送彩金 Q82019309.comon my website searchbox.does anyone know what this mean and why it is happening..??????
  12. Hi, my domain http://sendinger.com/ marked as malware again, Please help me with my problem. Thank you a lot
  13. The paid soccer streaming service http://fubo.tv is blocked. I have to exclude the IPs 104.156.81.230 and 151.101.40.230 to access it.
  14. Hello, I have clear my website from bad files. Please can you remove it from your list. My website is www.cactusweb.gr and ip is 37.60.226.132
  15. Hi, my domain http://sendinger.com/ marked as malware, I use it for link redirections only, and thats all, can you check it again. Thank you
  16. The domain http://ec1investments.co.uk/ is being marked as Malicious but I'm unsure why as all other scans have come back as safe - can you please have a look? Kindest regards, Pete
  17. Hi, my domain http://sendinger.com/ marked as malware, I use it for link redirections only, and thats all, can you check it again. Thank you
  18. Hi, all, I opened Chrome today and Malwarebytes notified me that it blocked an outboud Malicious Website Protection, Domain, to docs.ironbeast.io I've never heard of this website/service and it only happens when I use Chrome. It just started about a few hours ago after booting my computer. I've tried many things to fix this and the problem only occurs with Chrome. Here's what I've done: Uninstalled Chrome Ran scans with Malwarebytes (treat detections as malware and with rootkits) and my AV protection Ran and used Rkill (?), Adwcleaner, and JRT following another post on weird outbound Chrome Set my DNS to Google (yet another post from a different article on here) AV and Malwarebytes did not detect any infections and the Adw cleaner, etc., removed some old registry values that were not associated with Chrome. After all this, I reinstalled Chrome and went to a website and the same message appeared docs.ironbeast.io was blocked. I've attached the Malwarebytes log file. Researching around, it seems the outbound IPs associated with this are through Amazon..http://www.techsupportforum.com/forums/f320/malware-suspicious-site-1054890.html -- the IPs in the log are apparently associated with Amazon. Any thoughts or solutions? Is this unsafe? Not a computer expert, but I won't use Chrome for now. log.txt
  19. MBAM & MBAE for Business subscription were purchased yesterday and downloaded from the link supplied. Installed MBAM with no problem. The icon displayed, app started, ran an update and a full scan. Installed MBAE but the GUI & icon on the taskbar are never displayed after the install. I clicked MBAE in the start menu but it never displayes n icon or notification message at taskbar. I checked the event viewer and there are no entries in the application or system Event logs mentioning Malwarebytes. I rebooted and nothing changes. I opened Word 2013 and the MBAE notification does not display and the app icon is not displayed as running. I opened task manager and the service is running. PC is running Windows 7 Pro, Windows domain with 2008 r2 server, Symantec Endpoint Protection 12x. All non-optional windows updates were already applied.
  20. Hello, The website ribastiendaonline.com was scanned and cleaned from malware and spam, please review and remove it from your blacklist. Thank you
  21. Hello folks, the Ukrainian AirVPN server named Nair has been identified as a malicious site by Malwarebytes. Malwarebytes blocks the connection even if an exception is made forcing me to temporarily disable Malwarebytes until the connection is made. On top of the ip block it also seems to block the DNS Check to the server. Any help is appreciated. 176.103.56.78 91.217.91.54 nair.airservers.org nair_exit.airservers.org
  22. This morning malware bytes blocked 4 outbound attacks (for lack of a better term), all with the same time stamp. The site referenced is click.watchjmp.com, 54.219.179.252. It was coming from firefox.exe. I'm unable to find much of any information about this site. I was on msn.com reading an article, and had a flickr site open, and one other normal, non-suspicious webpage. Has anyone had a similar incident? I'm not sure what to make of the fact that this was an outbound attack....
  23. Hello, first of all I want to say thanks for making this great software available for free. Now I want to give you some feedback. We have installed the MBARW on the Windows 7 Clients in a corporate network (for testing purposes). We had to uninstall it, because it caused some troubles. Now we want to share this feedback, so you guys can eventually improve this software. The problem was: after installing the MBARW software and rebooting the client, the roaming profiles of the users (which are hosted on the company's Windows Small Business Server 2011) aren't loading anymore. They are loading as temporary profiles instead. This was verified, as this behaviour occurred on many clients (but not on all of them --> odd behaviour). After uninstalling MBARW they started to load correctly again. If you need any more information on this "bug" or if you have some informations for me on how to avoid the occurrence of this problem, please contact me. Greetings from Germany, Philipp A.
  24. Hello Team, Business Catalyst is an all-in-one business website and online marketing solution, built for web designers delivered by Adobe Systems.I am part of the Support Team for BC and I would like to report a false-positive. After signing in, our clients get a subdomain to businesscatalyst.com before they add their own domain, also our main website and documentation site have been affected:http: //prntscr .com/9ngbg7http ://prntscr .com/9ngast Can you please look into as soon as possible? All of our clients that want to access theirsitename.businesscatalyst.com and have Malwarebytes installed are affected by this. Thank you,Mihai Stoichitescu Technical Support Consultant for Adobe Business Catalyst
  25. Hi, I'm pretty new here, hope I ask it in the right place.. I'm work on Python project that analyzing domain names and tries to convict them as malicious. I'm using some blacklisted domain names repositories, VT scan and WhoIs scan. Does anybody has an idea to other valuable scan method? Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.