Jump to content

Recommended Posts

Today a blue colored window, not in a browser, appeared for a major Windows 10 update. i looked legit so I ran it. After it finished several minutes later, Edge was on screen with info on the update. Then MalwareBytes blocked microsoftonline.com several times. Below is an example report. From a few searches, it seems to be legit. Why does Malwarebytes block it?

Thanks for you help..

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/10/17
Protection Event Time: 12:40 PM
Log File: 9f341f8a-ddd9-11e7-9e42-e0000010910e.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3458
License: Premium

-System Information-
OS: Windows 10 (Build 16299.98)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Unspecified
Domain: login.microsoftonline.com
IP Address: 65.52.193.138
Port: [50159]
Type: Outbound
File: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(end)

Link to post
Share on other sites

I'm also experiencing MB blocking login.microsoftonline.com as a malicious website.  I'm running version 3.3.1.2183, component package 1.0.262, update package 1.0.3458 on Win 10 Home (Fall Creators Update, latest patches).

For me, the blocking just appeared this afternoon ... not after a Windows Update or upgrade.

Link to post
Share on other sites

I have a similar issue.  Microsoft forced me to do an update yesterday.  Since then, a Malware Bytes alert has been popped up incessantly saying that login.microsoftonline.com is malicious. It references C:\WIndows\System32\backgroundTaskHost.exe

This annoying and disruptive alert pops up every 10 seconds and disappears a couple of seconds later and not sure what to do with it.

I am running windows 10 Home.

 

 

Link to post
Share on other sites

I have a similar problem when I try to log into outlook.office365.com.

When the url is triggered, it's redirected to login.microsoftonline.com and login.microsoftonline.com is blocked by Malwarebytes.

If I add login.microsoftonline.com to exclusions, my chrome browser says the connection is not private NET::ERR_CERT_AUTHORITY_INVALID

When I try to go from another computer that dosen't have Malwarebytes, I don't have that problem.

I'm using version 3.2.2.2018

Component package version: 1.0.3459

Update package version: 1.0.3459

Edited by OinkOink
Link to post
Share on other sites

MB is blocking all outbound connections to login.microsoftonline.com. This just started a few hours ago. Last Windows 10 update installed on 12/1/17. Is there a problem @ Microsoft or is this a false positive?

I want to whitelist it, however, if there is an actual problem I will wait until it is fixed at Microsoft.

UPDATE TO POST:

I did whitelist login.microsoftonline.com. Tried Chrome, Opera and Firefox and all show a secure connection with certificate expiration 5/7/18.

Edited by wbhudran3
Update to original post
Link to post
Share on other sites

2 hours ago, tim37 said:

Why does Malwarebytes block it?

 

1 hour ago, JAReidTX said:

the blocking just appeared this afternoon

 

25 minutes ago, LJWDC said:

This annoying and disruptive alert pops up every 10 seconds and disappears a couple of seconds later and not sure what to do with it.

 

20 minutes ago, wbhudran3 said:

MB is blocking all outbound connections to login.microsoftonline.com.

Every one please update the database.

 

 

database.png

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.