jwclack52 Posted February 13, 2019 ID:1298515 Share Posted February 13, 2019 All of a sudden MB is block att.com (using current Chrome) with a malvertising caution: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 2/13/19 Protection Event Time: 5:30 PM Log File: 060c9ac2-2fdf-11e9-a4b3-b06ebf2ffa59.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.538 Update Package Version: 1.0.9252 License: Premium -System Information- OS: Windows 10 (Build 17763.292) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: netcheckcdn.xyz IP Address: 64.58.121.60 Port: [57268] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) No such block using MS Edge. Link to post Share on other sites More sharing options...
jwclack52 Posted February 14, 2019 Author ID:1298571 Share Posted February 14, 2019 Essential files. FRST.txt Addition.txt MBAM Threat Scan.txt Link to post Share on other sites More sharing options...
jwclack52 Posted February 15, 2019 Author ID:1298765 Share Posted February 15, 2019 All right - I just created a Win10 VM from scratch, installed MBAM premium and Chrome. Went to ATT.COM and, sure enough, got the same warning from MBAM. I wasn't even signed in to Chrome. This is obviously a false positive / bug in MBAM. I regret that this has wasted so much of my time. This needs to be addressed immediately. JWC Link to post Share on other sites More sharing options...
jwclack52 Posted February 16, 2019 Author ID:1298966 Share Posted February 16, 2019 In my 30+ years of being an IT professional, I have found that when I submit a valid problem/bug with software, it is invariably met with silence by the vendor. This tells me that it is, indeed a bug in the product - certainly the case here. The question here is, has the company not responded because they are hard at work fixing the bug or are they simply ignoring the customers problem in the hope that they (the customer) will go away? How dare a customer demand that their software actually work?!? Link to post Share on other sites More sharing options...
jwclack52 Posted February 16, 2019 Author ID:1298967 Share Posted February 16, 2019 This has nothing to do with chrome sync. Yesterday I created a virgin Win10 VM and installed MBAM, then Chrome. WITHOUT SIGNING IN TO THE NEWLY INSTALLED CHROME, I navigated to ATT.COM and MBAM threw up the same warning. MBAM has all of the pertinent files from this VM. The silence is deafening. Link to post Share on other sites More sharing options...
jwclack52 Posted February 16, 2019 Author ID:1298968 Share Posted February 16, 2019 This has nothing to do with your browser or a trojan on your system. I created a virgin Win10 VM and installed MBAM, then Chrome. WITHOUT SIGNING IN TO THE NEWLY INSTALLED CHROME, I navigated to ATT.COM and MBAM threw up the same warning. MBAM has all of the pertinent files from this VM. The silence is deafening. Link to post Share on other sites More sharing options...
DetroitRick Posted February 16, 2019 ID:1299013 Share Posted February 16, 2019 Thanks for posting. And especially for going through the VM machine exercise. Very helpful, and so I've reached the same conclusion you did - product bug/false positives. I did all the diagnostics yesterday before realizing that it wasn't my machine or setup. Same as everybody else is saying here - MB immediately flags two domains when accessing att.com - worldnaturenet.xyz (Trojan category) and netcheckcdn.xyz (fraud category). No issues on ANY other websites, no issues on ANY other browser. I'm sure we didn't all just coincidentally catch the exact same malware this week! I'm still shaking my head at the long list of solutions offered that did not work for any of us. Again, thanks for posting. Link to post Share on other sites More sharing options...
jwclack52 Posted February 17, 2019 Author ID:1299075 Share Posted February 17, 2019 Thanks. I still haven't heard anything about this here on the forums nor after submitting a ticket w/ "support." Link to post Share on other sites More sharing options...
jwclack52 Posted February 18, 2019 Author ID:1299225 Share Posted February 18, 2019 On 2/16/2019 at 2:24 PM, nasdaq said: Hi, Experts here are beginning to suspect ATT.COM. Contact them. We have many topics with that error and no solution found yet. Hmmmm.... Maybe MBAM reps, those who are getting paid to support MBAM, should contact ATT? We users have to work in order to pay for MBAM. Link to post Share on other sites More sharing options...
Staff Solution Zynthesist Posted February 18, 2019 Staff Solution ID:1299260 Share Posted February 18, 2019 Hello, We have removed netcheckcdn .xyz Link to post Share on other sites More sharing options...
Recommended Posts