BFeely

I'll re-run the scan; I thought the scan results were attached inside the .zip file.

This file is from the .NET Framework 1.0 Service Pack 3. Included in the .zip is the ngen program from that version of .NET Framework and a log showing the file and registry values also detected. ngen.zip

Is NSIS often used to pack malware, thus unsigned NSIS installers tend to trip up the scanner?

Incorrectly detected as Malware.AI.3469410884 nsis-3.01-setup.exe.zip

Was my minidump of any use?

Here's the minidump from when Windows Setup crashed in the final stage. mwac.dmp

Just wanted to mention I got the same crash. I'll send a Windows minidump if my next attempt to install the Insider build fails again.

Do you have a local city tax too?

Possible false positive, or outdated block. If it has to do with the "Sonic Gather Battle" malicious "DRM" I do believe they have removed any related files.

VirusTotal says your engine doesn't detect anything; have you manually analyzed the file in question, and is it in fact malicious enough to block the entire domain?

Is there an edit button on this forum? Another blocked URL is: ftp://archives.gamers.org

The following /idgames mirrors cannot be accessed when Malwarebytes is active: https://www.quaddicted.com http://youfailit.net http://www.gamers.org

Somehow it didn't attack the newer version installers like 3.06.1 which I currently use for development.

nsis-3.0-setup.exe - SHA256 F7395CFC1B54444D17B507B8F62E6AE6C7807ABD2A6D3CE779EEED13087BCEC6 got detected as Malware.AI.297312164 on my Malwarebytes. nsis-3.0-setup.zip

Is the host trying to force these files on visitors or are they part of a historical archive?

How come cd.textfiles.com is blocked for a Trojan? They are a somewhat legitimate archival website; perhaps contact their webmaster if something is detected, in order to put up an advisory if appropriate?

Does this mean you have ceased all partnerships with WOT? If so, that is very unfortunate for both Malwarebytes and WOT users.

I have seen the following in the MyWOT forum: https://forum.mywot.com/posting.php?mode=reply&f=3&t=93256 Since it is also no longer available as a trusted source, will you be offering MyWOT an alternative source of domains to blacklist?

Still blocking outgoing IPv6 ping, running Controllers 1.0.896 Since this is only a minor inconvenience and I can ping when Web Protection is turned off I do not plan on downgrading at this time; I don't know the last build that let IPv6 ping pass through. TCP/IP still works fine over IPv6 even with Web Protection on.

Here are the attached logs: mbst-grab-results.zip

When Web Protection is on (Malwarebytes 4.1.0, Windows 10 Insider Preview 19619 x64) I cannot ping to an IPv6 address. If I turn off Web Protection it works fine.

hpHosts was used in default installations of Pi-hole, a network-wide adblocker, specifically its "Ad servers" list. Lists have also been used by other third parties. Shutting this down and removing access to the data to me seems quite short-sighted.

It's unfortunate that you would delete a service that has been so useful for third party filters.

Now it appears hpHosts has been taken down and replaced by something called "Malwarebytes Browser Guard" and I can no longer look up site ratings.

The issue is getting worse; attempting to load a site report now gives a HTTP 500 error.