Raven5569 Posted December 29, 2020 ID:1429616 Share Posted December 29, 2020 Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/29/20 Protection Event Time: 3:47 AM Log File: 9339d8f9-49cb-11eb-8c72-708bcd543da0.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.34957 License: Trial -System Information- OS: Windows 10 (Build 19041.685) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Users\Raven\AppData\Local\authy\app-1.8.3\Authy Desktop.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: x.ss2.us IP Address: 99.84.39.177 Port: 80 Type: Outbound File: C:\Users\Raven\AppData\Local\authy\app-1.8.3\Authy Desktop.exe Is this a false positive? Link to post Share on other sites More sharing options...
Raven5569 Posted December 29, 2020 Author ID:1429617 Share Posted December 29, 2020 Attached below Detection.txt Link to post Share on other sites More sharing options...
Raven5569 Posted December 29, 2020 Author ID:1429620 Share Posted December 29, 2020 Might have posted this in the wrong section originally, sorry. Malwarebytes came up with detecting this site as a trojan from Authy. Not sure if it's a false positive. See attached. Detection.txt Link to post Share on other sites More sharing options...
Staff Dashke Posted December 29, 2020 Staff ID:1429628 Share Posted December 29, 2020 Thanks, the block will be removed. If you need additional help, please let us know. Happy Holidays and all the best! 1 Link to post Share on other sites More sharing options...
Raven5569 Posted December 29, 2020 Author ID:1429630 Share Posted December 29, 2020 3 hours ago, Dashke said: Thanks, the block will be removed. If you need additional help, please let us know. Happy Holidays and all the best! TY! So it was a false positive? I was really scared. Link to post Share on other sites More sharing options...
Raven5569 Posted December 30, 2020 Author ID:1429859 Share Posted December 30, 2020 I wanted to understand better when you said "block will be removed". Does it mean that the Trojan wasn't real? Do i still need Malwarebytes to run Authy? I'm paranoid of using Authy right now because of this. Link to post Share on other sites More sharing options...
Staff Dashke Posted December 30, 2020 Staff ID:1429871 Share Posted December 30, 2020 Please don't worry at all, the resource was blocked as one of the malicious files was connecting to it. But Authy should be safe. Link to post Share on other sites More sharing options...
Raven5569 Posted December 30, 2020 Author ID:1429922 Share Posted December 30, 2020 On 12/29/2020 at 2:16 AM, Dashke said: Thanks, the block will be removed. 5 hours ago, Dashke said: the resource was blocked as one of the malicious files was connecting to it But you said you were removing the block? If you're removing doesn't that mean it's not malicious and just a false positive? Link to post Share on other sites More sharing options...
Staff Dashke Posted December 31, 2020 Staff ID:1430027 Share Posted December 31, 2020 Yes, that is correct, the domain is not malicious indeed. If you need additional help, please let us know. Happy Holidays and all the best! Link to post Share on other sites More sharing options...
Recommended Posts