Jump to content

Search the Community

Showing results for tags 'blacklisted'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 15 results

  1. Dear Malwarebytes Team, So couple of days ago I bought this domain called "entebook.com" to write book reviews and summaries. As I'm setting up my site, today I noticed that Malwarebytes is blocking my website in the browser saying it has light traffic and malware activities. This simply can't be true, I just bought it and I'm still setting and designing it up. Please help and try to remove it from the block list, please. Thanks in advanced. Kind regards, Kevin.
  2. this is the second time this has happened to me. It works and then whoosh it takes away my license key and says i'm using a free version, i didn't do that, I can't enter my license key because it says blacklisted. my license is suppose to be a lifetime license. I need help please. Need ssupport ticket, site taking me in circles, don't know proper place to go to get support ticket
  3. Recently I was alerted that my Lifetime license, which was purchased from Amazon Digital Services, Inc., is Blacklisted. support ticket: 2695584
  4. Same thing happened to me after an update. System rebooted and the license was gone. Went to the website, deactivated, and then tried to reactivate. Said blacklisted. Even though my account said lifetime sub. Not sure what's going on.
  5. I turned on my PC about 30 minutes ago and a Malwarebytes update showed up. After the update I noticed it was asking if I want to start the Pro trail. (This is happened before where Malwarebytes made me reenter my License after an update, it was quite annoying but good thing I saved my info and it was painless.) But this time I got a message telling me my license key was blacklisted and I should contact Malwarebytes support. I bought several of these Lifetime License keys (I just looked it up) from Newegg back in 2013 during a sale. I have attached my proof of purchase from Newegg. Please help, thanks..
  6. I've been a loyal customer of Malwarebytes for well over ten years. I've gotten other people to buy as I think it is a superior product. And last night I had my License Key become blacklisted. WHY???? I did start a ticket, but who know how long that will take and in the meantime, my computer has no live malware protection....and I am not happy. I appreciate any help or advice you could give me.
  7. Add me to this list. I purchased a 3-pack of MBAM lifetime licenses 5 or 6 years ago, and they were always honored whem MBAM changed to Malwarebytes 3. I also have a Lifetime licence for XP, granted when I was a beta tester for the original MBAM way back when. So I have 4 lifetime licences. After so many years, I do not have original receipts. When I was prompted on my Windows 7 Home system to upgrade to MB3 version 3.8.3 (for "free"), I accepted and installed. It appears I inadvertantly installed the "free" trial version, and have lost my lifetime licence. Attempts to enter my old lifetime licence and ID tell me I have exhausted my attempts. This is unacceptable to me. As a moderator in several security forums, I always promoted MBAM and MB3, based on my experiences. Honor your lifetime licence, Malwarebytes.
  8. Please help me get my website back in safe browings list www.allofmyinterest.com the web folder is empty, why am I getting this error still
  9. Hello, I'm a partner of efun.top and read your clarification about bulk blacklist of all .top websites in your post: I hope you could add https://www.efun.top/ and all the subdomains like https://it.efun.top/ as trusted website, since many customers are unable to browse the website and they give a really bad image, over loose money for every customer that have your good antimalware. Please consider my request, since I loose money for everyone who have malwarebytes and don't want to send a newsletter clarifiyng that the problem is malwarebytes... you could loose customers. Hope to have both benefits.
  10. I posted about this earlier today, but was unable to respond to the reply since the post was locked, so I will try again. The domain safe-browsing.com is a domain owned by Wombat Security Technologies. Our customers licesnse our PhishGuru tool (https://www.wombatsecurity.com/about/news/wombat-security-technologies-unveils-phishguru-30-and-wins-pc-magazines-editors-choice) so they can send their employees emails that look like phish in order to test If the employee will fall for it or report it. If the employee clicks on the link then they are taken to a teachable moment explaining the dangers of phishing and then the company's Security Awareness team follows up with more in depth training if need be to help the employee spot phish in the future. I can see why someone who is not familiar with our products would think this is a domain used for real phishing attacks. I went through this exhaustively with your team six months ago which is why I assumed this would not be so hard. I really need this unblocked and would love to know which Wombat customer reported this domain and I can reach out to their CISO and have them contact you directly if need be. I would be more than happy to work with Steven or any other team member if I had a way to communicate with him. As I mentioned earlier, in the past I worked with Corporate Support (since we are a customers) but was told I need to come to this forum to get this resolved.
  11. Mike Pikkov told me to make a post in order to get my domain unblocked. The domain is question is safe-browsing.com *.safe-browsing.com and *.*.safe-browsing.com. Our customers are being negatively affected because of this false positive so please let me know what I can do to get this addressed as soon as possible. In the past, Malwarebytes Customer Support has been very helpful, but this time has been quite a struggle and I have not had a great experience. ----------------------------------------------------------------------------- FEB 09, 2016 | 07:50AM PST Mike replied: Hi Michelle, >So you want me to post my issue to this forum? Yes, please. >Why in this past was Ron S able to get us un-flagged? As we un-flag domains on case-to-case basis (I have reviewed your older support tickets) I guess Research Team did not find any reasons for domains to be blocked. >Also, why did you think that the domain was associated with Google? I’m sorry I was just transferring their message. I would recommend forwarding this question to them directly. Let me know if their reply is delayed and I will follow up with them. Kind regards, Mike Pikkov | Customer Success Malwarebytes | www.malwarebytes.org -----------------------------------------------------------------------------
  12. When I opened up my malewarebytes program I noticed that it said it wasn't in "Premium". So I went to the activation page and entered my code in and this is what I got. I kept on trying to enter my code but I kept getting this error. Hopefully someone can help me ASAP. Thanks.
  13. I could use some help. I believe I have a trojan in the family of Zbot/Zeus on either my computer or Android phone (or both). I connect to the internet at home via wifi hotspot with my Android phone. I had a suspicion something was wrong and ran all the normal anti-virus/malware software which came up with a couple issues. After this I attempted to start an account with this forum and was denied access with the following: "Sorry, you don't have permission for that! [#1001] You are not allowed to visit this community." This looked suspicious so I checked to see if my IP was blacklisted. As I have a dynamic IP I checked the range in which my phone normally uses, 3 of the 5 were blacklisted with cbl.abuseat.org. The majority of reports showed: “This was detected by observing this IP attempting to make contact to a Zeus Command and Control server, with contents unique to Zeus C&C command protocols.” I then switched my PC off and left my phone on, checking the current IP. The same activity was reported later that evening by cbl.abuseat.org for my IP with only my phone on (full report follows). It should also be noted that three other IPs in the range ending 10-15 also showed activity around the same time (so not all my phone). From the report on cbl.abuseat.org it sounds like wiping the infected device is the best option for ensuring protection in future. I would like to know what others think. Is there a way to tell which device is infected? Maybe through logs on the phone and firewall on the computer? Is there anyway to know if my external hard drive is compromised (with my backupdata)? Any help is greatly appreciated. Example log from cbl.abuseat.org (with my IP address removed): CBL Lookup Utility: http://cbl.abuseat.org/lookup.cgi?ip=XX.XX.XX.12&.pubmit=Lookup IP Address XX.XX.XX.12 is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet. It was last detected at 2013-07-25 11:00 GMT (+/- 30 minutes), approximately 3 hours ago. It has been relisted following a previous removal at 2012-05-04 10:38 GMT (447 days, 3 hours, 19 minutes ago) This IP is infected with, or is NATting for a machine infected with Win32/Zbot (Microsoft). This was detected by observing this IP attempting to make contact to a Zeus Command and Control server, with contents unique to Zeus C&C command protocols. Zbot is known by other names: Wsnpoem (Symantec) and most commonly as Zeus. Zbot/Zeus is a banking trojan, and specializes in stealing personal information (passwords, account information, etc) from interactions with banking sites through the use of "formgrabs". This was detected by a TCP/IP connection from XX.XX.XX.12 on port 16172 going to IP address (the sinkhole) on port 80. The botnet command and control domain for this connection was "zadejola.com". Behind a NAT, you should be able to find the infected machine by looking for attempted connections to IP address or host name zadejola.com on any port with a network sniffer such as wireshark. Equivalently, you can examine your DNS server or proxy server logs to references to or zadejola.com. See Advanced Techniques for more detail on how to use wireshark - ignore the references to port 25/SMTP traffic - the identifying activity is NOT on port 25. This detection corresponds to a connection at 2013-07-25 10:56:24 (GMT - this timestamp is believed accurate to within one second). These infections are rated as a "severe threat" by Microsoft. It is a trojan downloader, and can download and execute ANY software on the infected computer. You will need to find and eradicate the infection before delisting the IP address. We strongly recommend that you DO NOT simply firewall off connections to the sinkhole IP addresses given above. Those IP addresses are of sinkholes operated by malware researchers. In other words, it's a "sensor" (only) run by "the good guys". The bot "thinks" its a command and control server run by the spambot operators but it isn't. It DOES NOT actually download anything, and is not a threat. If you firewall the sinkhole addresses, your IPs will remain infected, and they will STILL be delivering your users/customers personal information, including banking information to the criminal bot operators. If you do choose to firewall these IPs, PLEASE instrument your firewall to tell you which internal machine is connecting to them so that you can identify the infected machine yourself and fix it. We are enhancing the instructions on how to find these infections, and more information will be given here as it becomes available. Virtually all detections made by the CBL are of infections that do NOT leave any "tracks" for you to find in your mail server logs. This is even more important for the viruses described here - these detections are made on network-level detections of malicious behaviour and may NOT involve malicious email being sent. This means: if you have port 25 blocking enabled, do not take this as indication that your port 25 blocking isn't working. The links above may help you find this infection. You can also consult Advanced Techniques for other options and alternatives. NOTE: the Advanced Techniques link focuses on finding port 25(SMTP) traffic. With "sinkhole malware" detections such as this listing, we aren't detecting port 25 traffic, we're detecting traffic on other ports. Therefore, when reading Advanced Techniques, you will need to consider all ports, not just SMTP. Pay very close attention: Most of these trojans have extremely poor detection rates in current Anti-Virus software. For example, Ponmocup is only detected by 3 out of 49 AV tools queried at Virus Total. Thus: having your anti-virus software doesn't find anything doesn't prove that you're not infected. While we regret having to say this, downloaders will generally download many different malicious payloads. Even if an Anti-Virus product finds and removes the direct threat, they will not have detected or removed the other malicious payloads. For that reason, we recommend recloning the machine - meaning: reformatting the disks on the infected machine, and re-installing all software from known-good sources.
  14. Hi guys. Some months ago we changed host and our forum's new IP is Unfortunately i realized that you have blacklisted our IP for a reason. Some of our users, reported that malwarebytes is blocking our forum. - We NEVER caused any problems in the past 3 years we are running this forum... - We NEVER spammed with any possible way... - We NEVER had any malware content in our forum... So i suppose the previous forum/blog who was using our current IP, is responsible for this blacklist. Please check this out and remove our IP from your back list. Thanks in advance for your time
  15. Hi. IP : domain : francepointspermis.fr MBAM blocking my website. My site is hosted by OVH, I opened a ticket with them too thanks for help
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.