td47
Honorary Members-
Posts
64 -
Joined
-
Last visited
Reputation
6 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
OK, thanks for that observation. I see that VT has an API, where expert users, (and I assume also AV vendors), can query their database to gather details on new threats, or to check on a threat status. I am just wondering if it can work the other way around, i.e. can vendors (such as MalwareBytes), use VT for updating the internal threat database of the product?
-
I did do an update check after you posted, and my MWB did indeed go from 4.6.8.311 to 4.6.9.314, with a small update to the defs I think. We will have to see how it goes, as the news services items seem to use lots of different CLOUDFRONT services, and I guess it is difficult to white-list all of the variations. However, I did read on the VirusTotal technical pages, that they try to avoid flagging large entities with multi-domain multi-tenant service offerings, such as Amazon AWS, Google, and Microsoft Azure, and CloudFlare, just to name the top 4. Perhaps they need to clean this up, if big vendors like yourselves are pulling data into your definitions.
-
Apologies for mixing up the old and new post, I had both open in 2 tabs on the same Firefox browser, and the posts looked the same. I forgot to scroll up! Regards, Embarrassed in OZ!! 🤫
-
Thanks for doing that. Do you have a link, I can't seem to find the new topic?
-
OK, thanks for the advice, will do.
-
Hello, I also have the same issue with a false positive for a different AWS CLOUDFRONT service, at server-18-64-50-125.mel52.r.cloudfront.net (IP address 18.64.50.125). Can this one also be whitelisted please? In this case it is being used by the Microsoft News APP (msedgewebview2 API). I suspect MWB might be blocking these because of unreliable VIRUSTOTAL entries? -Website Data- Category: Malware Domain: server-18-64-50-125.mel52.r.cloudfront.net IP Address: 18.64.50.125 Port: 443 Type: Outbound File: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe
-
Hello, the email received today from MWB, subject "What Gen Z really cares about when it comes to privacy" gets an MWB premium block from a Cloudfont link. Log attached, please advise if a false positive or not. CLOUDFRONT_BLOCKED_FROM_MWB_EMAIL.txt
-
[ RESOLVED ] System Tray Icon Missing
td47 replied to Hsjafo's topic in Malwarebytes for Windows Support Forum
In reply to @exile360 your excellent advice came up in a Google search, where the system tray icon was missing, on my Windows 11 desktop PC that has been running fine for over 6 months. I had forgotten that the Fast Startup is on by default, and my older Windows 10 desktop PC rarely has that MWB Icon issue, as it was already off. After turning off the Fast Startup and rebooting, it is all fine again. As the new Windows 11 PC is a new, and very fast machine, with a Sabrent Rocket Q4 NVME boot drive, I did not notice any different in booting. -
The ALIEXPRESS site needs the following unblocked to be able to read messages: ae.mmstat.com Ticking that in the page UI fixes the issue.
-
Hello @Porthos many thanks for the quick and useful reply. I had forgotten about all those useful options in that exploit protection area. All working fine now.
-
I opened a word document for an item return. I noticed it was in "English US" so I looked at the Language options within WORD. I noticed that the 3 languages (English Australian, English UK, and English US were all installed, but the English UK was NOT enabled. I clicked the "NOT ENABLED" link, to activate that, and MWB blocked it as an "exploit" although this ONLY appears to be a dialogue between the Control Panel Settings program, and WORD or Keyboard settings. Please check out this probable false positive. I am using MWB version 4.5.19.229. WORD_LANGUAGE_CHANGE_BLOCKED.txt
-
Many thanks for the quick responses and quick fix from the MWB/BG devs, admins and staff. Much appreciated.
-
I am NOT, it is the Amazon Prime Video service itself!! I cannot control that!!
-
Here is a screen shot of what I get here. Location: Australia, TZ AEST (Melbourne), using a JP server. Version of BG is 2.5.2, are you using a Beta version?
-
OK, sorry, it looks like it is NOT HTTPS. Try just using "fls-fe.amazon.co.jp" on its own, you will get a block, and when you unblock, you DO get a response, but as it is NOT called from a known Amazon source with appropriate parameters, you get an "unknown error". I have attached the BG log for you to see. BG-Logs_v2.5.2_2022-08-22_104648.txt