• MalwareBytes Blocking haveibeenpwned?

    Home » Forums » AskWoody support » Productivity software by function » Non-MS Apps/programs » MalwareBytes Blocking haveibeenpwned?

    Author
    Topic
    GeoffB
    AskWoody Plus
    February 25, 2024 at 9:07 pm #2642109

    I use Malwarebytes with Browser Guard on my laptop.  I often check the haveibeenpwned site to check whether my email has been pwned.  Today, Malwarebytes blocked the site as it detected possible malware, namely challenges.cloudflare.com

    I’ve never had a problem with either Malwarebytes or haveibeenpwned  before, so I’m unsure whether this is a legitimate detection by Malwarebytes or if the Browser Guard is showing a false positive.

    Has anyone had a similar experience with Malwarebytes and Cloudflare?

     

    Appreciate any help on this.

    GeoffB

     

    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • Alex5723
      AskWoody Plus
      February 25, 2024 at 11:32 pm #2642132

      haveibeenpwned is clean on virustotal

      challenges.cloudflare.com : Try disabling your ad-blocker.

      Reply | Quote
    • lmacri
      AskWoody Plus
      February 26, 2024 at 4:50 pm #2642429
      GeoffB wrote:

      Today, Malwarebytes blocked the site as it detected possible malware, namely challenges.cloudflare.com … I’m unsure whether this is a legitimate detection by Malwarebytes or if the Browser Guard is showing a false positive.

      Hi GeoffB:

      What is your Windows operating system, do you use Malwarebytes Free or Premium, and what is your default browser?

      I have Malwarebytes Premium v4.6.9 running in real-time protection mode (with the setting at Security | Windows Security Center | Always Register Malwarebytes in the Windows Security Center turned OFF so it doesn’t interfere with my Microsoft Defender real-time protection), my Firefox and MS Edge browsers both have the uBlock Origin v1.56.0 and Malwarebytes Browser Guard v2.6.17 browser extensions installed, and I am able to use the official HIBP site at https://haveibeenpwned.com/ in both browsers without any issues. Is this the exact URL you are using to browse to the HIBP site?

      If you use Firefox as your default browser go to Tools | Settings | Privacy and Security | DNS Over HTTPS, and if your DNS provider is set to Cloudflare then temporarily switch to a different DNS provider (e.g., NextDNS) and see if that solves your problem. Note that Firefox uses Cloudflare as the default DNS resolver if you live in the US – I reside in Canada so my default DNS resolver is CIRA (Canadian Internet Registration Authority) Canadian Shield.

      If MS Edge is your default browser see Brink’s ElevenForums tuorial Enable or Disable Secure DNS over HTTPS (DoH) in Microsoft Edge for instructions on how to change your DNS provider.

      If temporarily changing the DNS provider in your default browser doesn’t help and you are sure it is your Malwarebytes Broweser Guard extension that is blocking https://haveibeenpwned.com/ you can file a possible false positive report for web blocking at https://forums.malwarebytes.com/forum/123-website-blocking/ (see the posting instructions at Please read before posting a possible FP) and one of the Malwarebytes employees will investigate.
      ————
      Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.4046 * Firefox v123.0.0 * MS Edge v122.0.2365.52 * Microsoft Defender v4.18.23110.3-1.1.24010.10 * Malwarebytes Premium v4.6.9.314-1.0.2276 * Macrium Reflect Free v8.0.7783

      Reply | Quote
      • GeoffB
        AskWoody Plus
        February 26, 2024 at 7:51 pm #2642476

        Imacri:  My Windows operating system is Win10H22 home and I use Malwarebytes Premium Version 4.6.8.311(updated on 25/02/2024) and not registered in the Windows Security Centre so that it doesn’t interfere with Windows Defender: not sure about the version of the Malwarebytes Browser Guard.  My default browser is Google Chrome (x64).

        The problem persists, so I think it may be a false positive.

         

        GeoffB

         

         

        Reply | Quote
        • lmacri
          AskWoody Plus
          February 26, 2024 at 11:55 pm #2642490

          Hi GeoffB:

          If you have not received the latest Malwarebytes Premium v4.6.9.314 with Component Package 1.0.2276 (released 23-Feb-2024 – see the release notes at https://forums.malwarebytes.com/topic/301315-malwarebytes-46/?do=findComment&comment=1619296) you can go to Settings (gear icon) | General | Application Updates and click the Check for Updates button to start the update.

          I don’t have Chrome installed on my computer but I assume it’s similar to the MS Edge (Chromium) browser that’s bundled with Win 10. Open your Chrome browser, enter chrome://extensions in the address bar, and then click the Details link for your Malwarebytes Browser Guard extension (see the image below from my MS Edge browser). If your browser extensions are updating automatically then that Details section should show that you have Malwarebytes Browser Guard v2.6.22 (rel. 19-Feb-2024) that is the current version being offered in the Chrome Web Store at https://chromewebstore.google.com/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee.

          MS-Edge-v122-Installed-Extensions-Details-Find-Version-Number-26-Feb-2024

          As Alex5723 suggested in post # 2642132, turn OFF your Malwarebytes Browser Guard extension in Chrome (see the image above) and then close and re-open Chrome.  If you can browse to the HIBP site at https://haveibeenpwned.com while your Malwarebytes Browser Guard extension is disabled this confirms this browser extension is the cause of your problem, and you should file a Web Blocking False Positives report at https://forums.malwarebytes.com/forum/123-website-blocking/ as suggested in post # 2642429. ***

          If you still cannot browse to the HIBP site while that extension is disabled then your Malwarebytes Browser Guard extension is not the direct cause of your problem and you should run further tests (e.g., disable Web Protection in your Malwarebytes Premium dashboard, change the DNS provider in your Chrome browser, etc.).

          If the DNS provider in your Chrome browser is set to Cloudflare and you want to temporarily change it to another provider (e.g., NextDNS) to conduct further tests then see the 05-Jan-2023 MiniTool article How to Change DNS Server in Google Chrome on Computer and Mobile.
          ————–
          Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.4046 * Firefox v123.0.0 * MS Edge v122.0.2365.52 * Microsoft Defender v4.18.23110.3-1.1.24010.10 * Malwarebytes Premium v4.6.9.314-1.0.2276 * Macrium Reflect Free v8.0.7783

          Reply | Quote
    • Alex5723
      AskWoody Plus
      February 27, 2024 at 12:10 am #2642525

      Your problem isn’t with haveibeenpwned but with cloudflare hosting servers which check if you are human.
      Add Cloudflare to exception list in your ad-block/A/V.

      Example :

      Reply | Quote
    • GeoffB
      AskWoody Plus
      February 27, 2024 at 12:59 am #2642538

      Imacri & Alex:  updated Malwarebytes to Version 4.6.9.314 with Component 1.0.2276 and the Browser Guard is  version 2.6.22.  I can access haveibeenpwned.com with no problems.

       

      Thanks for your help on this.

      regards

      GeoffB

       

       

      3 users thanked author for this post.
      opti1, lmacri, Alex5723
      Reply | Quote
    Viewing 3 reply threads
    Reply To: MalwareBytes Blocking haveibeenpwned?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.