Jump to content

Infection Pop-Up in System Tray


Recommended Posts

I have "infection detected" appearing in system tray icon for Malware Bytes Antimalware with different IP's each time.

I am doing a full scan but AMB has not detected any infection.

Is this a false positive or a bug in the detection ??

What should I be doing ?

Link to post
Share on other sites

  • Replies 102
  • Created
  • Last Reply

Top Posters In This Topic

Greetings.

To get you fixed up please follow the instructions here:

I'm infected - What do I do now?

And post your logs in a new topic here:

Malware Removal - HijackThis Logs

Please be sure not to install any software or use any removal or scanning tools exept those that you are

instructed to by the expert who will be assisting you as doing so can make their job much more difficult.

note: if for some reason you are unable to run some or any of the tools in the first link, then skip that step and move on to the next one.

If you can't even run HijackThis, then just post here: Malware Removal - HijackThis Logs describing your issues and an expert will reply with further instructions.

I hope I was helpful. Good luck and safe surfing. :)

Link to post
Share on other sites

  • Staff
I have "infection detected" appearing in system tray icon for Malware Bytes Antimalware with different IP's each time.

I am doing a full scan but AMB has not detected any infection.

Is this a false positive or a bug in the detection ??

What should I be doing ?

That is a new feature we've just implemented with v1.40. This feature will prevent you from accessing known sites which may be involved in malicious activities. There are occasionally instances where sites are incorrectly identified to be malicious. In these cases please inform us via the forums so we may investigate and adjust as requiredBy default IP blocking is enabled. If it is not, you can right-click the Malwarebytes Protection Module icon in the system tray and click the 'IP Protection' from the menu.

If you'd like to disable this feature, Right-click the Protection Module icon located in the system tray and UNcheck 'IP Protection'.

The alert does not mean you're infected, so no need to post logs into the HijackThis forum.

The alert is merely an indication that you were prevented from accessing that site.

Also, Malwarebytes does not recommend full scans to search for malware. Our quick scan is designed to find all the places malware loads in memory and hides from conventional scanners.

Hope that helps.

Link to post
Share on other sites

That is a new feature we've just implemented with v1.40. This feature will prevent you from accessing known sites which may be involved in malicious activities. There are occasionally instances where sites are incorrectly identified to be malicious. In these cases please inform us via the forums so we may investigate and adjust as requiredBy default IP blocking is enabled. If it is not, you can right-click the Malwarebytes Protection Module icon in the system tray and click the 'IP Protection' from the menu.

Tom, per your instructions, I am also receiving the "infection detected" pop-up from the system tray with the following IP address: 219.159.184.140

Link to post
Share on other sites

This IP belongs to a Chinese range and is not actually blocked. Can you try updating the database and checking again please?

I updated earlier this morning, and updated again per your instructions. I was frequently receiving the pop-up message with the IP address this morning, but I have not received it in the last couple of hours or so.

Link to post
Share on other sites

This pop-up warning even occurs when I am not even using the computer or visiting any web pages. I got up this morning and went to my computer and there was this pop-up warning of an infection and the IP address . The web browser wasn't even running.. This is becoming quite annoying and to say I am infected when I am not, is very misleading.

It is more of an annoyance than any benefit.

Sorry but it hasn't been implemented very well or thought out at all.

Link to post
Share on other sites

The only time it will occur when you aren't doing anything, is when something else on the system IS doing something, in which case I strongly advise you follow the instructions at;

http://www.malwarebytes.org/forums/index.php?showtopic=9573

Link to post
Share on other sites

The only time it will occur when you aren't doing anything, is when something else on the system IS doing something, in which case I strongly advise you follow the instructions at;

http://www.malwarebytes.org/forums/index.php?showtopic=9573

Now another IP address is showing up in the pop-up: 64.40.98.15

I ran a full scan with Malwarebytes Ant-Malware software earlier today and nothing was found. I have the updated definitions.

Any advice? Any need for concern?

Link to post
Share on other sites

  • Staff

Yes I have followed that. There is no infection detected with a quick scan.
To be clear on one thing, there is no 'infection' on the system. That wording leaves much to be desired. The alert merely indicates an IP was blocked, it was not accessed, nothing more. So users do not need to panic that they are infected.
Link to post
Share on other sites

To be clear on one thing, there is no 'infection' on the system. That wording leaves much to be desired. The alert merely indicates an IP was blocked, it was not accessed, nothing more. So users do not need to panic that they are infected.

Hopefully you be passing on this feedback to your development team that they need to look at the wording of these alerts.

Link to post
Share on other sites

Hi All - I am getting the same popup in the SysTray with MBAM 1.40.

Infection Detected: 88.214.226.34

and

Infection Detected: 88.214.203.109

Incidentally this only started occurring after updating Java to version 6 update 15, and while this was happening I opened Firefox which simultaneously updated itself to 3.0.13. The MBAM infection message popped up immediately after Firefox finally opened up with the Firefox updated tab and my home page (Google.com).

Having read the other posts in the forum, I went to update my definitions as my MBAM was only running Database Version 2551 from Aug 3rd. When I hit update, I got the an error message that MBAM was unable to update the database, with a request to inform the MalwareBytes support team of the error with the following:

Error code 732 (0,0) :)

Having written this post, I hit update again to see if anything had changed, and MBAM updated itself to Database Version: 2562.

The IP popup still occurred. However, now having closed the FireFox Updated tab, it only warns me about:

Infection Detected: 88.214.203.109

Should I just turn off this IP Protection function? :)

thanks,

Dylan

Link to post
Share on other sites

I have version 1.40 and updated to 2562. I receive this popup window in the traybar for IP 66.147.240.32. I visit this website several times a day and never had a problem but since yesterday I can't access it any longer.

How to proceed?

Joop.

Link to post
Share on other sites

With all the confusion and consternation this new IP feature is causing I would suggest we change the wording in the warning balloon to read..............I.P. Warning rather than the current Infection detected. That way there is a distinction between actually having an infection and being warned of a potential one.

Other than that an excellent addition to a product no one should be without!!

Thanx

Greg

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.