Jump to content
ElvenQueen

Constantly Successfully blocked access to a potentially malicious website.

Recommended Posts

Ok, so I was watching YouTube when all of a sudden I was constantly getting pop ups saying. Successfully blocked access to potential malicious website. It’s always a different IP address. I can’t access any websites as well I can’t update Malwarebytes. So I  disconnected from the internet. I fan a quick scan and nothing. I’m currently doing a full scan. But I need help to fix this. Hope someone can help. Thank you for your time and have a nice day. P.s I’m using the Internet on my phone to post this. 

Share this post


Link to post
Share on other sites

We are having the same problem with our servers. The IP's being blocked are local IP's on our network and random services. dns.exe, svchost.exe, sccomm.exe, etc. It started this morning. If I kill mbamservice then the server cpu goes to 100% and can't do anything.

Share this post


Link to post
Share on other sites

Hi All,

There are similar threads going in another forum.  There was a bad signatures file posted this morning around 7:45am PT.

If you can update your settings either locally or Server side to turn off this setting:

Start malicious website blocking when protection module starts

And then make sure you update your signatures.  It appears of you can get onto version .12 for today the combination of that settings change and the new signatures will stop those alerts from popping up.

Sounds like they're still working on a longer term fix to allow re-enabling that setting once they've fully resolved it but this should get your machine back to usable status.

Share this post


Link to post
Share on other sites

Malwarebytes Endpoint Security (on-premises)

First step to get the update is to disable the real-time protection. To do this in the Management console:

  1. Open up the policy the clients are on and go to the protection tab.
  2. From here, disable the ‘enable protection module’ option.
  3. Once this is done click OK. When your clients check in they will get this new policy update.
  4. Once real-time is protection is disabled and your clients can communicate, highlight the endpoints on the client screen and click the update database button at the top.
  5. After the update is applied, a reboot of the machine may be required.

Note: If your client cannot resolve internal addressing, then re-installing the agent manually on the machine will need to be done. The client will not be able to reach out to the server for a policy update and will never be able to turn off the real-time protection.

To learn more about what happened, please go here: 

If the above doesn’t resolve the issue, please reach out to support at corporate-support@malwarebytes.com

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.