All Activity
- Past hour
-
Thanks. We've also gotten this notice as well. Is this the same issue? Anything in general we should be doing to mitigate these short of using a static vs shared pool of IP addresses? Is
-
Fell for Discord "Test my game" Scam
Advon0352 replied to Advon0352's topic in Windows Malware Removal Help & Support
Windows Firewall pinged me, telling me to allow "chrome.exe". Is this a false positive by Windows Firewall? Aside from that, are there any other steps or scans I should take to make sure my PC is clean? If not then we should be good. - Today
-
False positive - website blocked for suspicious content
BjelakovicL replied to cdgx83's topic in Chrome
The site has been whitelisted. Please allow around 30 minutes for the changes to take effect. -
Website Blocked: project.wshapp.com.sg and cco.wshapp.com.sg
BjelakovicL replied to Vetri's topic in Website Blocking
Hi, The site has been whitelisted. Please allow 15-30 minutes for the changes to take effect. -
Hello, Could you also whitelist https://api.lsp.expert? For a reason this url is also blocked by your software. It would be nice to understand what our urls have been blacklisted. Thank you!
-
Vetri started following Website Blocked: project.wshapp.com.sg and cco.wshapp.com.sg
-
Vetri joined the community
-
It was an old block due to RDP attacks: https://www.abuseipdb.com/check/146.190.222.240
-
David H. Lipman started following nintendo switch
-
Anything connected through a compromised WiFi network has the propensity of being targeted and being compromised. However by shear definition a RAT is not a virus. A RAT is the acronym for Remote Access Trojan. Just like a Chevrolet is not a Ford, a virus is not a trojan. All Chevrolets and Fords are automobiles just like all viruses and trojans are malware. Some notes on WiFi security Disable acceptance of ICMP PingsChange the Default Router password using a Strong PasswordUse a Strong WiFi password on WPA2 using AES encryption or Enable WPA3 if it is an option.Disable Remote ManagementCreate separate WiFi networks for groups of devices with similar purposes to prevent an entire network of devices from being compromised if a malicious actor is able to gain unauthorized access to one device or network. Example: Keep IoT devices on one network and mobile devices on another.Change the network name (SSID). Do not use your; Name, Postal address or other personal information. Make it unique or whimsical and known to your family/group.Is the Router Firmware up-to-date ? Updating the firmware mitigates exploitable vulnerabilities.Specifically set Firewall rules to BLOCK; TCP and UDP ports 135 ~ 139, 445, 1234, 3389, 5555 and 9034Many Routers support Saving and Restoring settings from a file. It is suggested to make a backup by saving your Router's settings once it has been configured.Document passwords created and store them in a safe but accessible location.
-
Thanks for the help. Is there any information you can share on what caused the block originally? We manage that IP so asking just to see if there's something we should be doing.
-
sp123 started following defender control issues and Cracked Game Disabled Windows Defender.
-
Adlice Diag detected 392 Hook.IEAT
matawak replied to matawak's topic in Windows Malware Removal Help & Support
@AdvancedSetup looks like the forum is dead, no activity. problem has been resolved after updating Windows Firewall Control 6.11.0.0 -
[ RESOLVED ] Cannot update to version 5
David H. Lipman replied to GhostX's topic in Malwarebytes for Windows Support Forum
Closing this topic as it's been resolved. -
Hi, Thanks for reporting. The block will be removed.
-
Hi, The IP (146.190.222.240) block was removed about three weeks ago. Please tell your costumers to check if they're using the latest database.
-
Dear MalwareBytes Team, I hope this message finds you well. We have recently been informed by our users that our domain, saftehnika.com, has been blocked by MalwareBytes due to alleged fraudulent activity. Attached is a screenshot illustrating this. I would like to clarify that saftehnika.com, along with all affiliated websites under our domain, is owned and operated by our company, AS “SAF Tehnika,” a registered legal entity in Latvia (registration details available at https://www.ur.gov.lv/en/legal-entity/?id=40003474109). We take security and compliance seriously and do not engage in any knowingly malicious activities, including but not limited to fraud or the distribution of malware. If there is any evidence indicating fraudulent activity originating from our online resources, we kindly request that you share it with us so that we can promptly address the issue. However, if there has been a misunderstanding or if there is no substantiated evidence of malicious activity associated with our domain, we respectfully request the removal of saftehnika.com from your blacklist. Thank you for your attention to this matter. We look forward to your prompt response and resolution. Best regards, Viesturs Eihentāls System Administrator IT department, AS "SAF Tehnika"
-
@JPopovic should the URL be blocked by the browser guard, if there is and instant redirection from https://win.jugabet.cl/casino/wheel-v1 to https://win.jugabet.cl/casino/wheel-v1/ and back to https://win.jugabet.cl/casino/wheel-v1 ? We have localised that some redirections happen, could it be a false positive trigger for Malwarebytes browser guard?
-
Just for extra clarity, the blocked domain is: https://rbtdaorv.gelato.com/assets/wxyz.rb.js
-
We're getting intermitent reports of the following domain being blocked: Source domain: gelato.com Blocked domain: rbtdaorv.gelato.com/assets/wxyz.rb.js When I personally visit gelato.com I don't see an issue: But this is the report we've gotten: If there's anything else I can provide please let me know.
-
ken1288 joined the community
-
WhiteShelf123 joined the community
-
Kolopostic joined the community
-
SAF-Tehnika joined the community
-
Hi, Thanks for reporting. The block will be removed.
-
@miekiemoes @Porthos Thanks a million for fixing this, I can confirm it works now. This is going to make my life easier.
-
Additional info, If I use Chrome browser I have no issues. It only happens with Edge.
-
Malwarebytes detected this website and I want to verify if the detection is legitimate for research reasons. -------------------------------------------------------------------------------------------------------- Website Blocked: modsreloaded.com v2.6.25 | Trojan: 2.0.202404260906 Malwarebytes Browser Guard blocked this page because it may contain malicious activity.
-
BjelakovicL started following Website Blocked: project.wshapp.com.sg and cco.wshapp.com.sg
-
Slido gives Exploit.OfficeLoadingPointsAbuse message and block
Porthos replied to geoffnewson's topic in Exploit
This might help. https://support.threatdown.com/hc/en-us/articles/4413802356755-Anti-exploit-policy-settings-in-Nebula -
Slido gives Exploit.OfficeLoadingPointsAbuse message and block
Porthos replied to geoffnewson's topic in Exploit
This may or may not help you, But in the consumer version, you would disable the following setting in the Advanced exploit settings. I do not know if you have similar controls. -
Slido gives Exploit.OfficeLoadingPointsAbuse message and block
geoffnewson replied to geoffnewson's topic in Exploit
Apologies, followed the support links so assumed it was the appropriate place to raise a ticket. I'll do as you suggest. Geoff.