Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Substr

  • Rank
    New Member
  1. Thanks, I'll also send an email to the provided dhl.com email address just to get extra confirmation that the url is legitimate, would you want that forwarded on anywhere if I receive a reply?
  2. Hi, Thanks for the reply, but I'm quite certain the dhlexpress.fi domain is legitimate, even if it's not often used. You can see the base domain redirects to their own website at https://mydhl.express.dhl/fi/fi/home.html which is also the page you end up at if you visit https://www.dhl.com/fi-en/home.html and scroll down and click "DHL Express". Additionally, the reason I initially posted this was due to getting a confirmed real text message from DHL for me to enter customs information for an expected shipment, and the specific link they used was located at the huolinta.dhlexpress.fi
  3. Hi, I'm getting a "Website blocked due to reputation" page for the huolinta.dhlexpress.fi domain which is a Finnish-specific domain for the DHL courier company, is this a false positive?
  4. Can confirm that there's no longer any detections after the update.
  5. Yep all of my matches were rule 791016. Thanks, I'll keep an eye out for the update and test again.
  6. Can you define what "pup chrome notifications" means? Is that sites which have permission to send notifications under chrome://settings/content/notifications or something else entirely? I only have gmail and discord listed there, so it's really unclear what MWB is actually trying to warn me about.
  7. This morning MWB notified me of the exact same thing out of nowhere, PUP.Optional.PushNotifications in Chrome. Are we sure this isn't some kind of false positive, or has a recent update changed something about detection? Seems a bit of a coincidence that we both get that suddenly in the last 24 hours. Can someone explain what exactly that detection is about? Is it simply that you have enabled push notifications for some sites in chrome and now MBW is treating that as a PUP?
  8. One of the domains that Backblaze uses for their B2 storage product has started being blocked since yesterday. This seems to have been added by someone to https://hosts-file.net/default.asp?s=f002.backblazeb2.com I assume this was added because one person just hosted a malicious file from this domain, but this seems a false positive in blocking the entire subdomain, as B2 is their commercial cloud storage product and it breaks a lot of services for people if malwarebytes blocks it.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.