Malware Bytes "Exploit Attempt Blocked"

Reply

  #1  
Old 12-25-14, 09:16 AM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
Malware Bytes "Exploit Attempt Blocked"

Every so often I keep getting this warning and my browser will shutdown. I can usually just re-start the browser and everything will be fine. Then without warning it will pop back up and again shutdown the browser. I looked at the options for Malware Bytes can't seem to find a way to turn off this . Is anybody familiar with this. I'm reluctant to uninstall the program. This has just started happening since the latest update.


Name:  2014-12-25 12_03_16-Program Manager.png
Views: 989
Size:  41.7 KB

Name:  2014-12-25 12_15_04-Malwarebytes Anti-Malware (Free) 2.0.4.1028.jpg
Views: 954
Size:  38.7 KB
 
Sponsored Links
  #2  
Old 12-25-14, 09:26 AM
PJmax's Avatar
Group Moderator
Join Date: Oct 2012
Location: Northern NJ - USA
Posts: 56,394
Received 748 Votes on 703 Posts
That's pretty strange. I'm using the paid version and have never seen that before.

There is discussion of that in the malwarebytes tech forum.
 
  #3  
Old 12-25-14, 10:30 AM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
Thanks, PJ. I'll check it out later.
 
  #4  
Old 12-27-14, 08:47 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
You don't want to turn off the alert or uninstall the program. The reason that you have the program is to block the attacks. You want to find out what site is causing the alert & block the site completely.

https://helpdesk.malwarebytes.org/hc...-Anti-Exploit-

That site explains how to find the log file & send it to Malwarebytes. Personally, I would read the file myself & take it from there.
 
  #5  
Old 12-28-14, 04:07 AM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
Yes, I found out that it was an actual program separate from the usual Malware Bytes program. And yes I did uninstall it. It's much too intrusive.
 
  #6  
Old 12-28-14, 06:38 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
Since you uninstalled it, the blocked exploit will now be allowed to enter you computer. I really don't understand the reasoning behind that.
 
  #7  
Old 12-28-14, 07:11 AM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
I understand removing it! I recently had a different "service" piggyback its way into my computer when I was searching Firefox. It kept threatening me with "errors" it claimed it had found in my system and wanting me to download it for my protection. It too had a name similar to a legitimate service, and its warnings were incessant and flashy and in my way. Even after I uninstalled it I had to repeat for parts it left behind in my computer. It was really abusive!
 
  #8  
Old 12-28-14, 08:47 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
marynurse, there are programs that get into one's machine & give fake alerts, in an attempt to convince the owner, to download some garbage. In Norm's case, I trust malwarebytes. That's why I would have at least, searched the logs to determine exactly who was attempting to compromise my machine.

Now his machine is wide opened, if malwarebytes were correct. Don't forget that an exploit is used to steal personal info such as online banking passwords. It's not just a virus that causes damage. A good exploit could be in & out with no warning, taking the info with it.
 
  #9  
Old 12-28-14, 09:13 AM
Gunguy45's Avatar
Super Moderator
Join Date: Dec 2007
Location: USA
Posts: 21,119
Received 3 Votes on 3 Posts
I had an issue a couple of years ago. Had to download a program from another PC then boot with no internet on mine. It was only a redirect thing...but a real PITA.

I have malwarebytes and several others that I run regularly, and have had no problems since. Wife and step-son only run MSE and they haven't had any issues, but they don't search and surf as much as I do.
 
  #10  
Old 12-28-14, 10:40 AM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
As Gunguy says I also have several other protections. It would be OK if it didn't shut down the browser each time.
 
  #11  
Old 12-28-14, 10:46 AM
Shadeladie's Avatar
Super Moderator
Join Date: Jan 2005
Location: PA - USA
Posts: 4,473
Received 90 Votes on 70 Posts
Is this happening in Firefox? Check out post #5 here: https://forums.malwarebytes.org/inde...shing-firefox/
Maybe that'll help?
 
  #12  
Old 12-28-14, 03:55 PM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
The other protections didn't see the exploit. You uninstalled the program that saw it because you didn't like the message but that was the purpose of the program.
 
  #13  
Old 12-28-14, 05:43 PM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
I'm using the latest version of FF. It's on automatic update.

If a malware program continues to shut down my browser every few minutes then that's no better than the exploit that might be invading my system. However, as I stated earlier I have several other protections. And besides previous to having this exploit detector, I never had problems before. Always a clean and secure system. I think I'm getting false positives. Most likely a conflict with other programs or a bug in the program. At any rate I never had it before and I don't think I need it now. Besides about the only sensitive info that can be taken from my system would be e-mail addresses at best.
 
  #14  
Old 12-28-14, 05:56 PM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
You have to look closely - this warning originated from "Malwarebytes Anti-Exploits", not "Malwarebytes Antimalware". I used to get fooled and greatly concerned by such doomsday warnings till I learned to look for very small differences in titles. Now, if an offer is so aggressive and so obnoxious, I automatically start looking for such tattletale clues. And I won't do business with anyone who has to be that sneaky to get business. Fuggeddabout it!
 
  #15  
Old 12-28-14, 06:15 PM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
Marynurse, you nail it!
 
  #16  
Old 12-28-14, 06:40 PM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
I meant to say - that first warning is back in #1
 
  #17  
Old 12-28-14, 06:56 PM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
Thumbs up

Shadeladie - I just checked your link - glad to learn the association. I couldn't imagine Firefox would have helped with it willingly! And Firefox was so squirrelly I never did get it downloaded and haven't had time since, but I will after this.
 
  #18  
Old 12-28-14, 07:46 PM
H
Member
Join Date: Jan 2011
Location: United States
Posts: 2,446
Received 0 Votes on 0 Posts
I don't know about Malwarebytes and how it can affect a browser as I haven't used it in a long time. However I once had the Comodo Dragon browser and it would block websites I knew were safe to go to. So I know that some internet security software can and does cause problems and even has false positives. There are websites out there that can tell you if a website has been compromised so that is always a good test to check internet security software. I now no longer use the Comodo Browser and had a hard time completely removing what it did to my other browsers.
 
  #19  
Old 12-28-14, 07:49 PM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
If malwarebytes anti exploit is fake & not truly a malwarebytes program, why is there a help page, on their site about it?
 
  #20  
Old 12-28-14, 07:56 PM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
I don't know, Pulpo. Did you install the anti-exploit version? What's been your experience with it? If it's authentic, I wonder why it keeps crashing Firefox.
 
  #21  
Old 12-28-14, 08:09 PM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
I didn't start the thread. It's Norm's thread. I know what you are saying about fake alerts but his didn't strike me as fake, especially since malwarebytes has a help page, on anti exploit. I posted it in post #4. If it's crashing Firefox, I would like to know what web page was loaded each time that it crashed. If it's the same site every time, it certainly could be an XSS attack. We never went the far, in the diagnosis. I run no script in Firefox which warns me about such scripts.
 
  #22  
Old 12-28-14, 08:17 PM
H
Member
Join Date: Jan 2011
Location: United States
Posts: 2,446
Received 0 Votes on 0 Posts
In my opinion No Script is actually better about warning you of exploits than other browser add ons but even it can have some problems as it will block banking websites but at least you can allow things with it. So nothing really is ever perfect but No Script is at least close in how it works.
 
  #23  
Old 12-29-14, 03:47 AM
Norm201's Avatar
Member
Thread Starter
Join Date: Sep 2013
Location: United States
Posts: 8,412
Received 169 Votes on 154 Posts
I didn't start the thread. It's Norm's thread. If it's crashing Firefox, I would like to know what web page was loaded each time that it crashed. If it's the same site every time, it certainly could be an XSS attack. We never went the far, in the diagnosis. I run no script in Firefox which warns me about such scripts.
Norm here. It crashed FF at random. This site and other sites. I would re-start the browser and it would pick up where it left off. Then maybe a few minutes later it might crash again. I'm not familiar with No Script. Maybe I should try it and see what happens.

The point being is I've have had no ill effects with or without this program running, which makes me think it's giving me false positives. And it was happening way too often on sites that I regularly visit.
 
  #24  
Old 12-29-14, 07:01 AM
M
Member
Join Date: Dec 2014
Posts: 140
Received 0 Votes on 0 Posts
Pulpo - My reference to Firefox follows the link in #11. This is very interesting and I just wondered if you also had experience to share. There's quite a variety of defensive programs mentioned throughout the thread and me, I'm always curious - didn't aim to put you on the spot at all, at all.
 
  #25  
Old 12-29-14, 08:52 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,986
Received 0 Votes on 0 Posts
I didn't feel that anyone put me on the spot. I have full confidence in my computing skills. I did a little more research & others have had a similar problem between anti exploit & Firefox. It seems to have been with Firefox 32. The latest version is 34.0. Norm, what version of Firefox are you using?

The most important thing that should be taken from this thread is what's called the "payload". The "payload" is the final effect that is produced by whatever malware is run. Malware is just a general term. While an "exploit" is still malware, the payload may not be seen immediately.

Norm, you used the term "ill effects" in place of the word "payload" & that you haven't seen any. The "payload" or "ill effects" of a virus are seen immediately when the computer doesn't run well.

***However, the "payload" of a well placed "Trojan Horse" or another "exploit" isn't seen until you open your bank account & some or all of your money is gone.***

That's just one example of a "payload" from a "Trojan Horse". The alert that you received said that an "exploit" was blocked. It was the word "exploit" that made me take the alert more seriously & that's why I suggested that you look at the log files.
 
Reply
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread
 
Ask a Question
Question Title:
Description:
Your question will be posted in: