Jump to content

Blocked web site Type: outgoing, Port


Recommended Posts

We have been receiving numerous website blocking alerts from lot of users everyday eg. “8/17/2016 12:12:52 PM    CUEVAS-M-W71              10.160.250.102 Blocked web site             Type: outgoing, Port: 63305, Process: chrome.exe      80.67.3.119”

 

We have made all possible to troubleshooting to make sure machines are clean , even after reimaging the machines we are getting such alerts.

Few Questions,

Are these from Antimalware feature of MBAM or Antiexploit feature ?

 

How does the Antiexploit work behind the scenes ?

 

Why so many alerts even the public IP for which the alerts are seem to be safe and not black listed anywhere ?

 

Reference please use the Case#: 00019974

Link to post
Share on other sites

I was going through the FAQs and got to know that Malicious website blocking feature is responsible for this protection and these alerts. I understand that "Malwarebytes Anti-Malware intercepts the packet communications, to determine whether or not the IP address is known for malicious activity, and if so, blocks the communication".

 

Does this mean every packet from every process going from my PC to internet is intercepted by Malwarebytes first to check for malicious IP ?

 

Also do we have any website or portal from MBAM to check if certain IP is listed as malicious in Malware bytes database ?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.