Jump to content

MBAM 3.2.2 Premium trial blocking IP in my local area network


Pernaman

Recommended Posts

Sorry about long description, but I want to give all the info I can for someone who coud help me with this.

Yesterday evening I noticed MBAM premium trial version (installed automatically with newest version update) giving few similar notifications of "Malicious website blocked", but all the report showed was an IP address being blocked instead of a webpage (and all I had open when these notifications first began to spam was Youtube. The IP address was similar to the IP of my PC and our Samsung television that has an internet connection, minus the last number (my PC IP ends with .100, but the blocked IP endded with .102, which Avast showed me when I did WLAN scan. So the blocked IP apparently belonged to my local area network. My father had a theory that my PC was somehow picking up one of our home media devices trying to connect to our router's signal, since in the past (before having MBAM premium trial) there was at some point a new device in my "This computer" folder with my main disk drives that had device info in it matching with our set-up box, and this device has later remoed itself from the folder it seems. I did MBAM and Avast scans on the same evening these notifications started to appear and scans came out clean. However, today soon after turned on my PC, the same notifications began to spam even more continuing on to do so for every few hours, and by the evening my MBAM premium has came up with 190 alert reports for the IP address. Also, unlike yesterday evening, some reports showed the file trying to apparently connect to the IP MBAM blocked being System32\scvhost.exe file, and it had different number in "Port" portion. I imported one sample of both reports as textfiles (attaching them to the post).

After I mentioned the incident to people on MBAM subreddit, one folk told me the issue could be adware/browser exploit trying to reroute my browser and encouraged me to do scan with Adwcleaner. I went and downloaded the software from toolslib.net (where I got directed from offical malwarebytes.com) and ran a scan, and it didn't find anything form my machine. I also checked browser exctentions for both Firefox and Chrome (though I barely use the latter, but just to be sure) without noticing anything abnormal. However, what the person on reddit told me made me rather worried, so I decided to see if someone here could help me out, and I ran Farbar scan (though when I started it I went and clicked "Scan" while the software was checking for updates. It seemingly completed the scan normally, but I wonder if it messed anything up), I've inserted the logs below.

I haven't recieved MBAM notifications in few hours now. However, my MBAM Premium trial is about to expire (the software says it ends "today" but I'm not sure about the exact time) so obviously I'll stop getting these notifications after that. But nonetheless I want to see if there is indeed something nasty in my system like the person on reddit said or if it's some sort of false positive launched by some WLAN device in our household like my dad theorized.

Addition.txt

FRST.txt

mbamreport.txt

mbamreport2.txt

Link to post
Share on other sites

  • 2 months later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.