-
Posts
195 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by boombastik
-
I downloaded the legit IUWEshare USB Flash recover from giveaway of the day. When tries to update it contact: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/8/19 Protection Event Time: 11:15 PM Log File: 30534fec-a1bd-11e9-91fc-7085c23fec94.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.613 Update Package Version: 1.0.11456 License: Premium -System Information- OS: Windows 10 (Build 18362.207) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 Category: Trojan Domain: 91datarecovery.gotoip1.com IP Address: 43.224.153.192 Port: [65008] Type: Outbound File: C:\Program Files (x86)\IUWEshare\IUWEshare USB Flash Drive Data Recovery\IUWEshare.exe Is this false positive?
-
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
@LiquidTension i will wait for more news. @David H. Lipman no problem 😊 -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
@exile360 i captured with wireshark when it can not block this phishing site. In the second capture (in the same windows session without restart after one minute from the first capture) i visit mbam ip test site and the ip protection worked, then i re-visit this phishing site and it blocked successfully(so it started to block it successfully after i visit mbam ip test). My nic card is Intel i218-v(2) with driver 12.18.8.9 (24/1/2019) from Microsoft update catalog with rss load balancing profile NUMAscalingstatic. I uploaded the 2 files to we transfer: -https://we.tl/t-hR7RM0YaII -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
@exile360 i clean installed it with malware-bytes support tool and it blocked the phishing site successfully. After i run ipconfig /flushdns It always block IP addresses and fail to block domains. -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
OK i recreated it. It always block IP addresses and fail to block domains. 50 minute after last restart. -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
I forget to say that i tried with zero downloads also and it didn't blocked. I Think that the malwares IP protection is locally in databases and the phishing protection is server based. -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
Ok here is the logs: mbst-grab-results.zip -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
I Meet this problem 2 times with the same results: I left my PC powered up for 2 days to download from steam. After i test , the IP protection it block successfully malware sites but failed to block this phishing site. After a restart it solved it. Again i leaved my PC powered up to download from origin and steam. After 1 and a half day again i tried the IP protection. It blocked successfully the ip test but failed to block this phishing site after a lot of retries. Now i restarted my machine and it blocked successfully. My thought is that after you leave a PC for many hours it lost the ability to block phishing sites. The upload fail and it is only 9 mb. -
phising sites mbam version 3
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
The site is already submitted and already blocked before one moth before and continue to be blocked by malware researcher MacteryCFM of mbam . He prompted me to do a bug report. @David H. Lipman i don't have many time to analyze why this site is phishing you can read the thread below. I find your post rude and you don't even know how many bugs i have reported in internet community in general. And i am not speaking about malware bytes forum which i have offered very little. - -
I found an interesting bug. The malware-bytes ip protection don't always block phishing sites. For example the site: hxxps://www.windowsphoneinfo.com/ Is a phishing site. The IP protection works for malicious sites every time but for phishing not every time. For example yesterday this phishing site is blocked as phishing and today this time i write it not.
-
@LiquidTension With details, I will make the bug this clear so everyone will understand why it happens. 1)If the user has windows defender in windows 10 it will not have this problem because the option let malwarebytes lets the malwarebytes decide the best options for windows center is set to not register. 2) the problem is when the user has a third party antivirus for example avast. the user will install the malware bytes free trial now the option malware bytes let the malware byes decide the best option will make itself register in windows center with avast. Now the user leave the trial to end. Later the user decide to uninstall avast to use windows defender. but he cant because windows defender find the malwarebytes registered in windows security cender and disable itself leaving the user totally unprotected. In reality this is not a bug but limitation. The only real solution here for you is when the malwarebytes revert to free after the trial end is to make it the program to never register in windows center.
-
thanks you can lock it. regards.
-
Thanks you! I dont have problems but i checked 4 pc that i have with similar software and not have this restriction so i thought that it is a registry restriction leftover. Can u tell me wht is the porpuse of this driver : S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2018-08-19] () Ps. Thanks very match for your help and for confirmation tha my machine is clean. If u dont have the time to answer the question about the above driver u can close the thread as i understand that this section is only for malware cleaning.
-
Because i have macrium backups and i like to learn i created a frst.fix alone: fixlist content: ***************** Start GroupPolicy: Restriction ? <==== ATTENTION Reboot: End ***************** C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully The system needed a reboot. My machine restarted and i checked again and now i don't have this problem. My new files are: Addition.txt FRST.txt
-
GroupPolicy: Restriction ? <==== ATTENTION frst.txt i uploaded them here: Addition.txt FRST.txt
-
Hallo, i don't have any problem with malware but i have a strange value in frst. I created the logs from mbam tool to report a bug, and i found in the FRST/Troubleshooting folder in the frst.txt this: GroupPolicy: Restriction ? <==== ATTENTION is this a problem? How i can fix it? mbst-grab-results.zip
-
False Positive Trojan ? DoubleTwist website
boombastik replied to SeaMike's topic in Malwarebytes for Windows Support Forum
Before 7-8 hours i had a false positive that put it on forum, mbam updated the definitions but it continued to block the site. The false positive has no connection with this false positive but your solution worked. My restart of PC didn't solve it only the cache clear. Thanx @exile360 -
-http://ebooks.edu.gr/new/ It is a Greek site with school books.
-
generic question about license
boombastik replied to boombastik's topic in Malwarebytes for Windows Support Forum
thanks for the answer -
My neighborhood has a problem and we will not have internet for seven days until they fix it. Malware bytes will continue to protect me or will turn to free because it will cant check the license for seven days. Thanks
-
I read that Mozilla 66 will block dll ejection. there will be a alternative method like google chrome for protection? -https://techdows.com/2019/01/firefox-66-launcher-process-to-block-dll-injections-from-antivirus-and-third-party-software.html
-
CU 527 Test Preview Build - AOK!
boombastik replied to 1PW's topic in Malwarebytes for Windows Support Forum
I believe under the hood this update will help with web shield performance in windows 10. I am wrong here? -
thanks for the answer! for now i disabled the notifications.
-
I have tried 5 old versions of mbam 3, and clean install. only mbam version 2 works ok, and i encounter this in other pcs also.