Juergen Posted June 2, 2022 ID:1518447 Share Posted June 2, 2022 Hello, hiere is the report of a file detected as bad website, maybe because of unc. Actually the file is part of a kind of erp-software at a customer site. -Protokolldetails- Datum des Schutzereignisses: 30.05.22 Uhrzeit des Schutzereignisses: 08:55 Protokolldatei: 7798e2b9-dfe5-11ec-a8f2-4c5262a55fbe.json -Softwaredaten- Version: 4.5.9.198 Komponentenversion: 1.0.1689 Version des Aktualisierungspakets: 1.0.55558 Lizenz: Premium -Systemdaten- Betriebssystem: Windows 10 (Build 19044.1706) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierten Websites- Bösartige Website: 1 , \\server-name\WA3DATEN\WA3-ZUSATZ\WA3DOTNET.exe, Blockiert, -1, -1, 0.0.0, , -Website-Daten- Kategorie: Schadsoftware Domäne: IP-Adresse: Port: 80 Typ: Ausgehend Datei: \\server-name\WA3DATEN\WA3-ZUSATZ\WA3DOTNET.exe Best regards from Hainburg, Germany Jürgen Dannoritzer WA3dotNET.zip Link to post Share on other sites More sharing options...
Staff BjelakovicL Posted June 3, 2022 Staff ID:1518471 Share Posted June 3, 2022 Hi, I can't figure out what is causing this block as both IP and domain fields are blank. Can you run an update and see if you still have this issue. Thank you! Link to post Share on other sites More sharing options...
Juergen Posted June 22, 2022 Author ID:1521605 Share Posted June 22, 2022 Hello, sorry for creating some confusion. I had already made an exception for the domain www.update.dietronic.info, which is the internal download site of our ERP-System. Then in addtion I made an exception for the executable wa3dotnet.exe which calls the website to download some database content. For some reason malwarebytes is still complaining Could it be the wwww. before the subdomain, which is causing the problem? Best regards from Hainburg, Germany Jürgen Dannoritzer Link to post Share on other sites More sharing options...
Juergen Posted June 22, 2022 Author ID:1521607 Share Posted June 22, 2022 Hello, as exception I also entered the IP address, wothout luck. Malwarebytes www.malwarebytes.com -Protokolldetails- Datum des Schutzereignisses: 22.06.22 Uhrzeit des Schutzereignisses: 22:43 Protokolldatei: fdaa2964-f26b-11ec-ad04-4c5262a55fbe.json -Softwaredaten- Version: 4.5.10.200 Komponentenversion: 1.0.1702 Version des Aktualisierungspakets: 1.0.56405 Lizenz: Premium -Systemdaten- Betriebssystem: Windows 10 (Build 19044.1766) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierten Websites- Bösartige Website: 1 , \\FACTSRV03\WA3DATEN\WA3-ZUSATZ\WA3DOTNET.exe, Blockiert, -1, -1, 0.0.0, , -Website-Daten- Kategorie: Trojaner Domäne: update.dietronic.info IP-Adresse: 92.60.36.28 Port: 80 Typ: Ausgehend Datei: \\FACTSRV03\WA3DATEN\WA3-ZUSATZ\WA3DOTNET.exe (end) Here the extended list of allowed sites/files/ip-address. Best regards from Hainburg, Germany Jürgen Dannoritzer Link to post Share on other sites More sharing options...
Staff Solution BjelakovicL Posted June 23, 2022 Staff Solution ID:1521688 Share Posted June 23, 2022 The block will be removed in the next database update. Sorry for the inconvenience. Link to post Share on other sites More sharing options...
Recommended Posts