Jump to content

Web protection not blocking a site that it should be

Buddel
 Share

Recommended Posts

Buddel

Buddel

Posted
Posted (edited)

Web protection is functioning by visiting iptest.malwarebytes.com. As expected, MBAM blocks the page. However, I can go to  hxxp://www.raxco.com/  without any problems at all.

 

Edited by exile360
Disabled active potentially malicious URL
Link to post
Share on other sites
  • Replies 76
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Buddel

Buddel

Posted
  • Author
Posted (edited)

- latest version of MBAM Premium (3.1.2.1733), latest database

- OS: Windows 10 Home Premium 32-bit

- Firefox 53.0.3

PS: Just tried to reach hxxp://www.raxco.com/  via MS Edge - same result. MBAM does not block it.

Edited by exile360
Disabled active potentially malicious URL
Link to post
Share on other sites
exile360

exile360

Posted
Posted

I've split this of to its own topic since this isn't about the unblock request in the other thread and is related to Malwarebytes protection not functioning properly.

Now, as for the issue, yes it seems that it is not functioning normally for you.  Please check the Exclusions tab under Settings first to see if any websites or IP addresses are listed.  If there are none, then please try the following:

** Download MB-Clean Here **

  1. Download the latest version of MB-Clean by clicking the link above
  2. Close all open applications
  3. Double-click and run mb-clean.exe 
  4. A prompt with an option to clean up the system will appear:
    • Yes - will proceed with backing up the license key (Malwarebytes 3.x only) and initiating the cleanup process
    • No - will exit the utility
  5. Once the cleanup process is completed, a prompt will appear:
    • Yes – will proceed and post reboot you will be prompted to continue with the downloading, installation and activation of latest version of Malwarebytes 3.x
    • No – will exit the utility and you will not be prompted (post reboot) to download, reinstall and re-activate (not recommended)
      • We recommend rebooting immediately. Additionally, stopping at this step is not recommended and will most likely not resolve your issue(s).
  6. Upon reboot, a prompt will appear:
    • Yes - will download, install and activate the latest version of Malwarebytes 3.x
    • No - will exit the utility and the cleanup process is complete
      • Choose this option if you do not want to download, install and activate the latest version of Malwarebytes 3.x
    • A log file ("mb-clean-results.txt") will be on your desktop 

Once that's done, try visiting the website again to verify that it is now blocked properly.  If it is not, then we'll proceed to check a few more things (like proxy settings, HOSTS file, DNS servers/VPN etc.) which might be causing web protection to be bypassed.

Link to post
Share on other sites
Buddel

Buddel

Posted
  • Author
Posted (edited)

Once the cleanup process is completed, a prompt will appear:

Yes – will proceed and post reboot you will be prompted to continue with the downloading, installation and activation of latest version of Malwarebytes 3.x

No such prompt here. MB-Clean removed MBAM. That's all it did. No prompt, nothing. And yes, I did reboot. Seems like not even the removal tool is working for me.

 

PS: Removal log uploaded.

 

 

mb-clean-results.txt

Edited by Buddel
Link to post
Share on other sites
Buddel

Buddel

Posted
  • Author
Posted (edited)

I'm back. I installed the latest version and activated my key. Unfortunately, nothing has changed:

- MBAM blocks iptest.malwarebytes.com

- MBAM does NOT block hxxp://www.raxco.com/

Edit: The results for Firefox and MS Edge are identical.

Edited by Buddel
Link to post
Share on other sites
nikhils

nikhils

Posted
Posted

Lets get some debug logs in this case:

1. Open the MB 3 UI and go to Settings/Application tab.

2. Turn On the "Collect enhanced event log data for support"

3. Once the enhanced logging is enabled navigate to both : iptest.malwarebytes.com and hxxp://www.raxco.com

4. Once you do that please follow the post below and run MB-Check and FRST tool.

We would need 3 logs FRST.txt, Addition.txt and MB-CheckResults.zip (Which would have the debug MBAMSERVICE logs)

Thank you

Link to post
Share on other sites
dcollins

dcollins

Posted
Posted (edited)

I missed this before, but it does look like you have a proxy set in Firefox configuration. Can you remove these settings 

FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> ftp", "115.124.85.18"
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> ftp_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> gopher", "115.124.85.18"
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> gopher_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> http", "115.124.85.18"
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> http_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> socks", "115.124.85.18"
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> socks_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> ssl", "115.124.85.18"
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> ssl_port", 8080
FF NetworkProxy: Mozilla\Firefox\Profiles\v0z4z5rv.default -> type", 0

You also have parts of OpenVPN installed. If you aren't using a VPN, can you try uninstalling this. 

R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48056 2016-06-07] (The OpenVPN Project)

 

Edited by dcollins
Link to post
Share on other sites
Buddel

Buddel

Posted
  • Author
Posted
3 minutes ago, dcollins said:

I missed this before, but it does look like you have a proxy set in Firefox configuration. Can you remove these settings

Not sure how to remove these settings. However, I don't think that removing these settings will fix the problem. I also used Microsoft Edge browser to go to hxxp://www.raxco.com/ and Malwarebytes did NOT block it. So the problem to be fixed is not browser-related.

 

5 minutes ago, dcollins said:

You also have parts of OpenVPN installed. If you aren't using a VPN, can you try uninstalling this.

This is part of Kaspersky Internet Security (bundled software). OpenVPN is not enabled here. Only if you enable it can you use it. So this is not the reason why Web Protection doesn't work here. Even if I disable Kaspersky (an OpenVPN), Malwarebytes Web Protection does NOT work.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.