boombastik

Honorary Members
  • Posts

    195
Posts posted by boombastik

  1. I downloaded the legit IUWEshare USB Flash recover from giveaway of the day.

    When it tries to update, it contacts:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 7/8/19
    Protection Event Time: 11:15 PM
    Log File: 30534fec-a1bd-11e9-91fc-7085c23fec94.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11456
    License: Premium

    -System Information-
    OS: Windows 10 (Build 18362.207)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    Category: Trojan
    Domain: 91datarecovery.gotoip1.com
    IP Address: 43.224.153.192
    Port: [65008]
    Type: Outbound
    File: C:\Program Files (x86)\IUWEshare\IUWEshare USB Flash Drive Data Recovery\IUWEshare.exe

     

    Is this a false positive?

  2. @exile360 I captured with Wireshark when it cannot block this phishing site. In the second capture (in the same Windows session, without a restart, one minute after the first capture) I visited the mbam IP test site and the IP protection worked; then I revisited this phishing site and it was blocked successfully (so it started to block it successfully after I visited the mbam IP test).

    My NIC is an Intel i218-v(2) with driver 12.18.8.9 (24/1/2019) from the Microsoft Update Catalog, with RSS load balancing profile NUMAscalingstatic.

    I uploaded the 2 files to WeTransfer:

    -https://we.tl/t-hR7RM0YaII


  3. I met this problem 2 times with the same results:

    I left my PC powered up for 2 days to download from Steam. Afterwards I tested the IP protection: it successfully blocked malware sites but failed to block this phishing site.

    A restart solved it.

    Again I left my PC powered up to download from Origin and Steam. After 1 and a half days I tried the IP protection again. It successfully blocked the IP test but failed to block this phishing site after a lot of retries.

    Now I restarted my machine and it blocked successfully. My thought is that after you leave a PC on for many hours it loses the ability to block phishing sites.

    The upload failed and it is only 9 MB.


  4. The site was already submitted and already blocked one month ago, and continues to be blocked, by malware researcher MacteryCFM of mbam.

    He prompted me to do a bug report.

    @David H. Lipman I don't have much time to analyze why this site is phishing; you can read the thread below.

    I find your post rude, and you don't even know how many bugs I have reported in the internet community in general. And I am not speaking about the Malwarebytes forum, to which I have offered very little.


  5. I found an interesting bug.

    The Malwarebytes IP protection doesn't always block phishing sites.

    For example, the site hxxps://www.windowsphoneinfo.com/ is a phishing site. The IP protection works for malicious sites every time, but for phishing not every time.

    For example, yesterday this phishing site was blocked as phishing, and today, at the time I write this, it is not.


  6. The problem with right click was this:

    Notifications must be turned ON when you update. If turned off (and I had turned them off), Malwarebytes' scan option won't appear in the Windows context menu if you upgrade a new version above it with this option disabled.

    For details I send you a personal conversation.

  7. @LiquidTension

    With details, I will make the bug clear so everyone will understand why it happens.

    1) If the user has Windows Defender in Windows 10, they will not have this problem, because the option that lets Malwarebytes decide the best options for Windows center is set to not register.

    2) The problem is when the user has a third-party antivirus, for example Avast.

    The user installs the Malwarebytes free trial; now the option that lets Malwarebytes decide the best option will make it register itself in Windows center with Avast.

    Now the user leaves the trial to end.

    Later the user decides to uninstall Avast to use Windows Defender, but he can't, because Windows Defender finds Malwarebytes registered in Windows Security Center and disables itself, leaving the user totally unprotected.

    In reality this is not a bug but a limitation.

    The only real solution here for you is, when Malwarebytes reverts to free after the trial ends, to make the program never register in Windows center.


  8. Thank you! I don't have problems, but I checked 4 PCs that I have with similar software and they do not have this restriction, so I thought that it is a registry restriction leftover.

    Can you tell me what the purpose of this driver is:

    S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2018-08-19] ()


    PS. Thanks very much for your help and for confirming that my machine is clean. If you don't have the time to answer the question about the above driver you can close the thread, as I understand that this section is only for malware cleaning.

  9. Because I have Macrium backups and I like to learn, I created a frst.fix on my own:

    fixlist content:
    *****************
    Start

    GroupPolicy: Restriction ? <==== ATTENTION

    Reboot:

    End
    *****************

    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully


    The system needed a reboot.

     

    My machine restarted and I checked again, and now I don't have this problem.

    My new files are:


    Addition.txt

    FRST.txt
