Curley

I am seeing this detection on a regular basis. I have used this site many times in the past three years and believe it to be reputable. This just started happening for me in the last week or so. Here is the log file for reference. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/20/23 Protection Event Time: 2:48 PM Log File: 5140cd5a-3fa3-11ee-93d3-e03f497a36db.json -Software Information- Version: 4.5.22.236 Components Version: 1.0.1915 Update Package Version: 1.0.74241 License: Premium -System Information- OS: Windows 10 (Build 19045.3208) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Hijack Domain: api-prod.ec.openstax.org IP Address: 18.220.110.155 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)

I checked the Penetration setting. It was off as you suggest it should be. Thanks!

I checked for Malwarebytes updates and a new one was offered with new Update and Component package versions. This seems to have fixed the issue in reported above. If things change I will report back.

I also see the following notification I also see the following notifications but there is nothing shown in the quarantine list.

Thanks for the suggestion. I will wait for a reply from the Malwarebytes teams before doing what you suggest.

I get the following detections when closing Office 365 applications like Excel and Word. This happens after loading either program, opening a blank document, making a few edit, then closing the program without saving the document. Here are the log files. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/26/20 Protection Event Time: 11:37 AM Log File: dace01a6-301e-11eb-909c-e03f497a36db.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.33462 License: Premium -System Information- OS: Windows 10 (Build 19041.630) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: Microsoft Office Excel Protection Layer: Application Behavior Protection Protection Technique: Exploit payload macro process blocked File Name: URL: (end) Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/26/20 Protection Event Time: 11:36 AM Log File: a9512aa4-301e-11eb-829b-e03f497a36db.json -Software Information- Version: 4.2.3.96 Components Version: 1.0.1104 Update Package Version: 1.0.33462 License: Premium -System Information- OS: Windows 10 (Build 19041.630) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: Microsoft Office Word Protection Layer: Application Behavior Protection Protection Technique: Exploit payload macro process blocked File Name: URL: (end)

Here is a screen shot:

I am suddenly seeing this site flagged as possibly infected with a Trojan. The site seems valid to me. I am using MB 4.2.3.98, component package 1.0.1104, update package 1.033216

After my computer was sleeping for a few days I received a malware warning shortly after wake-up and before I did anything else. Prior scans before sleeping were clear. Here is the information from the scan in question: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/4/20 Scan Time: 11:19 AM Log File: 1bb5fbd6-066e-11eb-aef1-e03f497a36db.json -Software Information- Version: 4.1.2.73 Components Version: 1.0.1003 Update Package Version: 1.0.30786 License: Premium -System Information- OS: Windows 10 (Build 19041.508) CPU: x64 File System: NTFS User: -Scan Summary- Scan Type: Custom Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 1 Threats Detected: 1 Threats Quarantined: 0 Time Elapsed: 0 min, 13 sec -Scan Options- Memory: Disabled Startup: Disabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Malware.AI.4251881354, C:\PROGRAMDATA\WEBEX\WEBEX\1324\WELSDEC.DLL, No Action By User, 1000000, 0, 1.0.30786, 70E008F9BE16B670FD6E8F8A, dds, 00925525, E364FBE050C49D410754D80C9BD3E1BA, 58A58EDA1639736F501367C707323B8A87F4A1962244E97B836C9744C7BB5933 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)

I enabled WEB Protection after installing the MWB component 1.0.527 update on 1/21. I have experienced no freezes since. My system (Win 7 Professional, 64 bit) is running as smoothly as it was before this issue arose. Thanks for working through the issues as quickly as you did given the difficulty of dealing with an intermittent fault.

Thanks for the update and to learn that there appears to be a logical reason behind the erratic Win 7 system freezes . I'm sure your communication is greatly appreciated by all affected MWB customers.

Is there an estimated time for when the Win 7 freeze issue with the Web Protection feature will be resolved? How will the user community be be informed it is time to update again? I realize I should get a MWB notification in the application that an update is available but it would be nice to understand that this specific issue was identified and corrected. Combing through this forum is informative and helpful but it's also time consuming. In the meantime, I've disabled Web Protection with no hangs for about a day now. I also turned off Automatic Updates. System details are as follows: OS Name Microsoft Windows 7 Professional Version 6.1.7601 Service Pack 1 Build 7601 Other OS Description Not Available OS Manufacturer Microsoft Corporation System Name System Manufacturer System manufacturer System Model System Product Name System Type x64-based PC Processor Intel(R) Core(TM) i7-4930K CPU @ 3.40GHz, 3401 Mhz, 6 Core(s), 12 Logical Processor(s) BIOS Version/Date American Megatrends Inc. 0701, 1/7/2014 SMBIOS Version 2.7 Windows Directory C:\Windows System Directory C:\Windows\system32 Boot Device \Device\HarddiskVolume1 Locale United States Hardware Abstraction Layer Version = "6.1.7601.24308" User Name Time Zone Pacific Standard Time Installed Physical Memory (RAM) 32.0 GB Total Physical Memory 31.9 GB Available Physical Memory 27.4 GB Total Virtual Memory 63.9 GB Available Virtual Memory 59.3 GB Page File Space 31.9 GB Page File C:\pagefile.sys Thanks!

I absolutely agree, MB should be more open about issues like this. I pity the poor, new, unknowing customer who just installed MB suddenly have this problem. I was looking a possible hardware issues until I found it was a new MB update causing the problem.

I have experienced a Win 7 Professional system freezes this morning. It was a hard freeze as reported by many users; nothing worked other than a hard system reset. Upon reboot Windows had to check my system disk and fix some errors. Other than the original MB postings has there been any progress made on this serious problem? For the moment I have disabled Web Protection as suggested. I hope that stops the freezes until a corrective update is released.

I am having the same issue. Glad to see it is a general problem and not isolated to me. I also note that I can't log into my Malwarebytes account and if I go to the Malwarebytes website for support the Support part of the site is messed up. If I try to log on there, I get a message stating the site is in maintenance mode at the moment, try again later. Something is up for sure.

I updated the signatures a few minutes ago and have not seen the pop-up since doing so. They were coming up constantly every few minutes before I did that.

I'm have noticed in the last day or so that MB is blocking access to ipecho.net. The log follows: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 5/2/17 Protection Event Time: 2:18 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.6.1469 Components Version: 1.0.103 Update Package Version: 1.0.1853 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: ipecho.net IP Address: 5.12.153.81 Port: [64499] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) I've done some research on ipecho.net and cannot get a clear sense as to why it is being blocked.