Jump to content

malicious attack?


Recommended Posts

get the message telling me MBAM has blocked a malicios site ending in avastsv host or something like that?

The connection was reset

The connection to the server was reset while the page was loading.

is this MBAM or Avast

I put MBAM in accepted in my firewall but keeps popping up

Link to post
Share on other sites

Hello and welcome, gettheman:

This KB topic explains why MBAM IP blocking module appears to be blocking your AV: Why is Malwarebytes Anti-Malware blocking my antivirus?

More general info about the IP blocking module is here: What does it mean when I get an IP alert about blocking a 'malicious' site?

If you need help setting up the mutual exclusions between MBAM and your AV, please post back and let us know. Someone will guide you through the process.

If you are experiencing a lot of outgoing IP blocks, especially when no browsers are open, or any other suspicious behavior suggestive of possible infection, please follow the steps in the above topic to have one of our experts look into it further.

HTH,

daledoc1

Link to post
Share on other sites

I just get the messages when I visit various sites along with the server not found issue

Id someone could guide me thru how to rectify it I would be grateful

is it Avast thats causing it then>?

thanks

The best way to figure out the issue is by reading the topic Available Assistance for Possibly Infected Computers

Please read Dale's first link on the explanation that your antivirus is not being blocked.

This occurs because many antivirus software will intercept all inbound and outbound traffic to and from your PC. This behavior makes Windows believe that, regardless of the process accessing the internet, that the communication is being established by your antivirus’ process, thus Malwarebytes Anti-Malware will believe the same.

This is a Windows feature and unfortunately there is no way for Malwarebytes' to determine the actual program initiating the connection.

Link to post
Share on other sites

The best way to figure out the issue is by reading the topic Available Assistance for Possibly Infected Computers

Please read Dale's first link on the explanation that your antivirus is not being blocked.

This is a Windows feature and unfortunately there is no way for Malwarebytes' to determine the actual program initiating the connection.

so I need to ditch avast? Its about to run out anyway, the strange thing is up until about a month ago it was fine.

Link to post
Share on other sites

  • Root Admin

No - you don't need to ditch avast.

Malwarebytes Anti-Malware is a complementary solution to a fully installed Anti-Virus application and is not an Anti-Virus product.

Please see the following link for an explanation from one of our forum Experts.

http://forums.malwarebytes.org/index.php?showtopic=98097&view=findpost&p=487311

Link to post
Share on other sites

If MalwareBytes blocks it, and then you get server not found, that would be because the content just got blocked, yes. If I google something and follow a link that goes to a site that ends up being blocked because it's a pirate warez site or something, the content doesn't appear because it has been blocked. I notice the little popups sometimes because of ads, certainly, and in those cases it is just the ad being blocked while the rest of the page seems to work and display just fine. I am ok with both results; something potentially nasty was blocked before any potential harm could be presented to my computer. This is exactly the reason every member of my family has a paid copy of MalwareBytes running on their computers; it sure saves me a lot of "Better call Brian!" tech support calls and messy malware cleanup efforts. :-)

Link to post
Share on other sites

Hi, again, gettheman: :)

Please refer to the info in this earlier reply.

The KB topics include information about the significance of the IP blocks.

Yes, it could be that MBAM is just doing its job of blocking bad content on a browser page (such as ads).

But the experts would need more info to know for sure.

Hello and welcome, gettheman:

This KB topic explains why MBAM IP blocking module appears to be blocking your AV: Why is Malwarebytes Anti-Malware blocking my antivirus?

More general info about the IP blocking module is here: What does it mean when I get an IP alert about blocking a 'malicious' site?

<snip>

If you are experiencing a lot of outgoing IP blocks, especially when no browsers are open, or any other suspicious behavior suggestive of possible infection, please follow the steps in the above topic to have one of our experts look into it further.

HTH,

daledoc1

After reading those topics, if you are concerned that the IP blocks might be indicative of an infection, please follow DSK's advice to have one of the trained malware experts guide you through a check of your system.

The best way to figure out the issue is by reading the topic Available Assistance for Possibly Infected Computers

Thanks!

daledoc1

Link to post
Share on other sites

Hi, gettheman: :)

Yes, if you are getting the IP blocks on a web page, it could simply indicate that MBAM is doing its job of blocking bad content, such as ads, on that particular web page.

The experts would need a bit more info in order to say for sure.

If the web page (actually the IP on which it is hosted) is blocked, so that you cannot connect to the web page itself, then you could submit the requested information to the engineers over in the false positives section of the forum.

They will need both the URL and the IP of the site in question.

The engineers will determine if it's a false positive IP block.

And, as previously suggested, if the IP blocks or other computer behavior suggest that you might be infected, please follow the advice here: Available Assistance For Possibly Infected Computers. A qualified helper will guide you through checking and, if needed, cleaning your computer.

I know this IP-blocking stuff can be a bit confusing. I'm sorry if I'm not explaining it clearly. :(

HTH,

daledoc1

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.