Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. That detection is actually coming from the Exploit Protection component in Malwarebytes 3, not the Malwarebytes browser extension being discussed in this thread. To get that issue resolved please create a new topic in the Malwarebytes Exploit false positive area by clicking here and a member of the Research team will assess the situation and take the necessary measures to correct the FP. Thanks
  2. I found the following information for hyperurl.co that may prove useful to you: First, I found a listing for it on hosts-file.net which is a Malwarebytes run site that it maintained by the same Researchers in charge of the Web Protection block database: https://hosts-file.net/default.asp?s=hyperurl.co Next, I found the following two assessments of the site claiming that the site was involved in suspicious and/or malicious activity: https://review.easycounter.com/reputation-Hyperurl-safe https://www.scamadviser.com/is-hyperurl.co-a-fake-site.html
  3. Greetings, For issues related to licensing your best option is to contact Malwarebytes Support directly via the options found on this page. You may also find the information in this support article to be of some use if you need to contact the company in charge of billing for your account. I hope that this gets resolved quickly for you and please let us know if there is anything else we might assist you with. Thanks
  4. Yes, unfortunately you won't always get notified immediately when a new program version is available. This is because those update are rolled out gradually to users rather than all at once. This is done to prevent hammering the update servers too hard with large numbers of large downloads simultaneously. Clicking the button forces the update so that you don't have to wait. I'm glad things seem to be going well now, but definitely let us know if the issue returns. Thanks
  5. Greetings, Apologies that no one has assisted you yet. I'll do my best to help. I did notice a couple of things in your logs that may be helpful so we'll start there to see if one or both resolves the issue. To start with, I notice that you are running Avast. Previous versions of Avast are known to have compatibility issues with Malwarebytes (and Windows itself, actually, as some users have reported the same problems with Avast when they do not use Malwarebytes/have never had it installed). To try to resolve it please update Avast to the latest version using one of the methods described in this post. Once that is done, restart your system and see if things have improved. Next, if you haven't already, please install the latest version of Malwarebytes, version 3.6.1, either by opening Malwarebytes and navigating to Settings>Application and clicking on the Install Application Updates button and allowing it to download and install the new version or by downloading and installing it directly from here. Once installed, restart your system once more to verify that the new components are loaded into memory and test to see if the issues still persist or not. Please let us know how it goes. Thanks
  6. Greetings, That is correct. Toolslib was actually the original host for ADWCleaner even before Malwarebytes acquired it and it is still being hosted there to this day. The download page for ADWCleaner on Toolslib can be found here and they even host Malwarebytes itself here along with many other security tools and system utilities.
  7. You're very welcome, and if there's anything else we can help with just let us know
  8. Thanks for the update. Good luck, I hope all goes well and that the issue is corrected in the new version, but if it isn't please let us know and we'll do all we can to diagnose and resolve the issue.
  9. Excellent, I'm glad the issue is resolved If you have any other problems or questions or if this issue returns please let us know and we'll do our best to help. Thanks
  10. OK, good, so at least you've isolated which module is causing the issue. The delay is probably because of the time it takes Malwarebytes to fully unload that module from memory since it has a driver and databases loaded into memory while it is running. That info should help the staff to figure out exactly why this is happening and hopefully get it fixed. I noticed in your logs that it indicates that the Malwarebytes shell extension which allows you to right-click on a file or folder and select Scan with Malwarebytes isn't installed/registered correctly. I'm sure that's not related to this issue, but it does mean that something may have gone wrong with your installation so I would first suggest trying to reinstall the software to see if that fixes the issues. A clean install would be a good idea just to give it the best chance of working correctly: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here I also saw in your logs that you only excluded those processes from the Web Protection component, so it may help to exclude the entire C:\Program Files (x86)\Ipswitch from Malware Protection to see if that works. To do so, open Malwarebytes and follow the instructions in this support article under the Exclude a File or Folder section and click the Select Folder... button leaving the first/default option Exclude from detection as malware, ransomware or potentially unwanted item selected so that it is completely excluded from detection. Once that's done, try running the program again to see if it is able to launch with Malware Protection enabled.
  11. Yes, that's correct, or at the very least the successful execution of an exploit, which is also something that Malwarebytes does very well at protecting against (in fact, the Exploit Protection in Malwarebytes 3 is pretty much its most proactive feature, as it doesn't rely on any signatures/databases and operates strictly on application behavior to guard against illegal operations and malicious scripting). Web blocks are quite common, especially since many sites may share the same IP address, and since Malwarebytes blocks connections both ways (incoming and outgoing), it prevents your system from connecting to any site in its block list so you don't have to worry about anything malicious that might be hosted on those sites getting onto your system as long as Web Protection is active. Also, if it were a case of browser hijacking such as with a malicious browser extension or plugin, you'd see web blocks pretty much every time you use your browser and it would typically be the same address(es) being blocked all the time. You'd definitely know if that was the case because it would be way more than 3 alerts and wouldn't happen just the one time. In fact, that's one way that Web Protection functions as a great indicator of malware or PUPs slipping through. If you start seeing a lot of frequent web blocks to the same IPs/domains, then it's a good indication that something may have gotten onto your system and if that ever does happen, you can return here to the forums and our malware removal specialists will help you to check your PC and get it cleaned up if anything did get through (not likely, but of course it is always a possibility no matter how much protection you use and how good it is). The only exceptions would be if you frequently run any Peer-to-Peer applications such as a Bittorrent client that connect to many remote servers, as such apps tend to connect to some IP addresses which may be on malware friendly hosting providers which Malwarebytes blocks due to the high frequency of malicious content being hosted on their networks, but in that case you'd see the process indicated in the web block notifications from Malwarebytes so you'd know that was the culprit.
  12. Greetings, While both ADWCleaner and Malwarebytes both target PUPs (Potentially Unwanted Programs) as well as some of the same PUMs (Potentially Unwanted Modifications) (i.e. changes to system settings which are possibly made by malware), each program does still detect some things that the other does not. While the last I heard they do still plan to eventually integrate all of the detections/signatures used by ADWCleaner into Malwarebytes, that has not happened yet so ADWCleaner does still detect some items that Malwarebytes does not, though not nearly as many as it once did as Malwarebytes has adopted a more aggressive policy with regards to classifying and detecting items as PUP in recent years, so if you download unknown software/installers etc. frequently which may contain PUPs then it is still a good idea to scan with ADWCleaner occasionally to make sure you didn't accidentally install any PUPs that Malwarebytes may have missed. Please let us know if you have any additional questions or issues and we'll do our best to answer them and assist you. Thanks
  13. Please try disabling the individual protection components of Malwarebytes one at a time to see if any one component is causing the issue. You may do this by right-clicking on the Malwarebytes tray icon and clicking on the name of the protection component then clicking Yes to the User Account Control prompt. After disabling each one, try launching the program again to see if it now works and it doesn't, re-enable the component and then try disabling the next one and let us know if disabling any one component fixed the issue. If that does not resolve it, then try disabling self-protection which can be found in the main Malwarebytes window under Settings>Protection in the Startup Options section near the bottom of the tab and is called Enable self-protection module. Please let us know if you tested this and if disabling any individual component worked to allow the program to run as that should give the team a good place to start looking to find the root cause of the problem. Thanks
  14. Yep, I've seen similar behavior with Google image search results; it usually occurs when I click on an image to expand the info. I guess when displaying the larger thumbnail, it's actually a live image from the site hosting the image, not the cached copy stored on Google's servers, so that's most likely the reason for the block. Yes, it's typical for 3 log entries to be created for each web block and it's been this way pretty much since the beginning when Web Protection was first implemented in Malwarebytes Anti-Malware 1.x so that's expected behavior since the count goes based on the entries in the protection logs. It's not so much a bug as just the way that the system works, and likely has something to do with how Windows automatically attempts to reconnect to a failed connection more than anything else, so when Malwarebytes blocks something, Windows probably retries it a couple of times to attempt to resolve the address/connection. If that's true, then technically speaking, Malwarebytes is actually blocking 3 connection attempts to the website/server, so it is technically accurate even if you only attempted to browse to the page/load content from the page just once. The Developers may be able to clarify further, but based on my somewhat limited knowledge of the network stack and the inner workings of Malwarebytes and Windows, I'm pretty sure this is what's going on and why it shows up this way.
  15. You're welcome If there's anything else we can do for you please let us know. Thanks
  16. Excellent, I'm glad to hear it. If there's anything else we can help with please let us know. Thanks
  17. Greetings, Based on your description of events it sounds like what happened was that an image from the site in question attempted to load among the results so it was blocked by Malwarebytes via the Web Protection component. You shouldn't need to take any further action and nothing was able to actually reach your system from the blocked site that might be harmful so you should be just fine. If there is anything else we might assist you with please let us know. Thanks
  18. You can easily disable the premium trial in just a few clicks as shown in this support article. While my personal preference would be to continue to offer an option to opt-out of the trial during installation, I do understand why this option was removed; the simple fact of the matter is that the vast majority of users do not pay attention to the text and checkboxes/controls presented to them during installations of software so they will generally just click through the installation wizard to complete the installation process, meaning whatever the default is, that's what they're likely to go with (and Malwarebytes has likely collected telemetry data on user-selected options during install that support this hypothesis which may well be why the option was removed in the first place, though that is just speculation on my part).
  19. Ah, that makes sense. If it had something like its configuration files stored on the disk that wasn't restored while other copies were in memory while it was running and there's a clash between what the config files say and info in the registry and/or on disk on the local disk that was restored that could well have caused such corruption. Hopefully the reinstall resolves it, but definitely keep us posted. Thanks
  20. Greetings, You may try the instructions in this topic to run a special build of Malwarebytes Anti-Rootkit which may help with this. If that doesn't work or some of the issues persist, please try running ADWCleaner to see if it is able to eliminate the issues. If the system still remains infected then please read and follow the instructions found in this topic and then create a new thread in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking and cleaning the system of any remaining threats as soon as one becomes available. If there is anything else we might assist you with please let us know. Thanks
  21. That is odd. It sounds like perhaps either something else on your system is interacting with ObjectDock to cause this, or else perhaps there is some kind of corruption going on with some aspect of ObjectDock itself. I suppose the first thing to try would be to reinstall ObjectDock and then restarting your system to see if that alleviates the issue. Please give that a try first, and if unsuccessful, see if perhaps there is a new version of ObjectDock available and try installing that instead of your existing version to see if that fixes the problem. If the problem still persists then maybe running chkdsk /r from an administrative command prompt would help. To do so, click on START and type in cmd and then when you see cmd.exe listed at or near the top of the START menu, right-click on it and select Run as administrator and then click Yes if prompted by User Account Control. In the command prompt window that opens type the following and then press Enter and allow it to complete, allowing it to restart your system if prompted to do so to complete the repair process: chkdsk /r More information on using chkdsk can be found here.
  22. That's great news, if there is anything else we can assist you with please let us know and we'll do our best to help. Thanks
  23. Greetings, I just tested on my own system and I was able to successfully capture a full webpage (this post, actually) via the auto-scroll capture feature in FastStone Capture (latest available on their site) using the portable build with Web Protection active. I'm on Windows 7 x64 SP1, fully patched. It may help if you provide additional information about your environment, so please do the following: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Additionally, please let us know what version of FastStone Capture you're using (i.e. paid or free trial) and whether it is the normal installed version or the portable build. Thanks
  24. I read the page you linked, and as far as I can tell they are in compliance with California law (the most strict and all-encompassing of the states mentioned as far as I could tell). Here's an image of the purchase page for 2checkout/Avangate (the Cleverbridge purchase page should be quite similar if not virtually identical with the exception of the company-specific info of course): I circled all of the relevant info in red which I believe relates to the requirements stated in the article you linked. Company contact info for refunds, their policies, support etc. as well as a clear statement regarding the auto-renewal enrollment as well as an additional info tooltip icon which, when you hover your mouse over it, provides additional explanation/information and instructions on disabling it (you should be able to disable it via the My Account feature just as you can change your payment info) though someone from the staff may have to verify as I've not used the My Account feature myself and I've only got a lifetime license so I can't check how it handles subscriptions/auto-renewals etc. and I've just been going off of the info provided in the support article I linked to in my reply above.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.