monbonita96 1 Posted August 23, 2018 Share Posted August 23, 2018 Dear all, Checking my ESET renew receipt in my inbox, MALWAREBYTES block the page due to phishing, I think the image is the one, that MALWAREBYTES is detecting as phishing Could it be a False Positive? From: comprobantes.astropay@eset-la.com MALWAREBYTES LOG Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/22/18 Protection Event Time: 3:12 PM Log File: abaf51b2-a647-11e8-bb7e-6cf049562b12.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.391 Update Package Version: 1.0.6459 License: Premium -System Information- OS: Windows 10 (Build 17134.228) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Phishing Domain: f.cl.ly IP Address: 52.216.230.123 Port: [50384] Type: Outbound File: C:\Program Files\Mozilla Firefox\firefox.exe (end) Best Regards Link to comment Share on other sites More sharing options...
novice 20 Posted August 24, 2018 Share Posted August 24, 2018 Malwarebytes is well known for FP generated by its Web Protection ( I disabled mine) so I would say is a false positive. Link to comment Share on other sites More sharing options...
TomFace 539 Posted August 24, 2018 Share Posted August 24, 2018 (edited) I would open a ticket with MBAM support and have them verify it is indeed a FP. As far as running MBAM Prem with ESET at the same time, in my experience, they will clash. Ever since MBAM went to v3, MBAM and ESET do not play well together. Best regards. Edited August 24, 2018 by TomFace Link to comment Share on other sites More sharing options...
galaxy 11 Posted August 24, 2018 Share Posted August 24, 2018 MBAM uninstalled because there were only problems Link to comment Share on other sites More sharing options...
ram1220 3 Posted August 24, 2018 Share Posted August 24, 2018 I also turned off the paid version of MB. Too many problems. I only use it as an on demand scanner now. Link to comment Share on other sites More sharing options...
novice 20 Posted August 25, 2018 Share Posted August 25, 2018 9 hours ago, ram1220 said: I also turned off the paid version of MB. Too many problems. I only use it as an on demand scanner now. MBAM has grown in complexity since v1.75 (when was a simply "second layer" to any antivirus) and cannot be used with a sophisticated antivirus like ESET. Malwarebytes recently acquired Windows Firewall Control from Binisoft and has everything to be a fully flagged antivirus (even though they say MBAM is still compatible with any antivirus) I run MBAM and MSE without issues. Link to comment Share on other sites More sharing options...
ram1220 3 Posted August 25, 2018 Share Posted August 25, 2018 I don't trust MSE. I'll keep using Eset and only run MB as an on demand scanner. To each his own I guess. Link to comment Share on other sites More sharing options...
jadinolf 131 Posted August 27, 2018 Share Posted August 27, 2018 I have ESET on my 5 computers and I have no intention of ever changing. There- I said it. ? Link to comment Share on other sites More sharing options...
AdvancedSetup 0 Posted August 29, 2018 Share Posted August 29, 2018 Hello monbonita96, the IP is not blocked. That is a shared IP provided by Amazon S3 for multiple sites. The link we block is for the following site as it is spreading malicious files. I don't believe it is/was part of the letter from ESET it could be due to some advertisement that is crossed linked maybe. It would take more analysis to see if we're able to verify the actual source as it could also be offline now. These type of Ads change rapidly to avoid take-down notices, etc. f.cl.ly Example of files they're spreading HXXp://f.cl.ly/items/291u0Y0G2c381O3H2O22/DSC_0024.exe Thank you Forum Manager, Malwarebytes Link to comment Share on other sites More sharing options...
Recommended Posts