Jump to content

Website blocked (CSGO Server?)


Recommended Posts

Am I infected? I was browsing (didn't actually join a server) and a little while after refreshing I saw this pop up (a few times in a row)

It happened twice actually, 10 minutes away from each other. It happens when I refresh the server list, I think it happens AFTER it finishes loading all the servers, or at least after the refresh button changes from "Stop Refresh" to "Refresh All"

I looked up the IP address and it looks like it's a CSGO server.

I don't know if I have a virus or not, but this is really worrying me.

download (3).png

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download Malwarebytes Support Tool
  • Once the file is downloaded, open your Downloads folder/location of the downloaded file
  • Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  • Place a checkmark next to Accept License Agreement and click Next
  • You will be presented with a page stating, "Welcome to the Malwarebytes Support Tool!"
  • Click the Advanced Options link

    welcome mbst.png
     
  • Click the Gather Logs button

    gatherlogs.png
     
  • A progress bar will appear and the program will proceed to gather troubleshooting information from your computer
  • Upon completion, click OK
  • A file named mbst-grab-results.zip will be saved to your Desktop
  • Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:

     notify me.jpeg  


    Click "Reveal Hidden Contents" below for details on how to attach a file:
     
    Spoiler

    To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

    mb_attach.jpg.220985d559e943927cbe3c078b
     

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Link to post
Share on other sites

  • Staff

Greetings and welcome,

This isn't anything to worry about.  Online games such as this connect to a wide variety of servers when looking for available game servers, and since many servers will host several separate websites (all of which will have the same IP address since each server has a single IP), it frequently occurs that a server being used to host a game is also being used by others to host some other content, which sometimes might be malicious such as a site hosting malware of some kind.  This means that if you were to visit the domain (the actual URL/website) where the malicious content is hosted in your web browser, there would be a risk of becoming infected, but connecting to the game content (which is actually a separate site basically, just on the same physical server/IP) is perfectly harmless.  I bet that when the list is refreshed, the game's networking protocol is probably pinging the various servers to discover info such as the speed/distance in relation to your system/location (the ping/speed) as well as how many players are online, the rules for the specific server, the map(s) being played, any particular mods in use on the server etc. (stuff you might want to know before joining/deciding on a server, and stuff the game needs to know to determine if it's OK to connect to it for your current setup) and that's where this connection attempt is coming from.  It works this way because individuals and different organizations are allowed to host their own game servers so that the game is essentially a Peer-to-Peer (or P2P as it's also known) client/application.

So to sum up, it's nothing to worry about and is not a sign of infection on your system.  If you would prefer not to have those servers blocked for your game (while still remaining protected from that IP/server in other apps such as your web browser(s)) you may exclude the game's process in Malwarebytes by navigating to Settings>Exclusions and clicking Add Exclusion then selecting Exclude an Application that Connects to the Internet then click Next then click the Browse... button and navigate to the folder where the game is installed and locate the process that Malwarebytes blocked and double-click on it then click OK and you should then see it in your Exclusions list in Malwarebytes and connections to/from that particular process will no longer be blocked but all other processes which are not in your Exclusions list will still be fully protected from all blacklisted websites.

More information about Peer-to-Peer clients, such as many online games, Bittorrent/filesharing clients/software, some instant messaging services such as Skype and others, and what to do when Malwarebytes blocks them may be found here.

Please let us know if there is anything else we might assist you with.

Thanks :) 

Link to post
Share on other sites

  • 1 year later...
  • Staff

Likely because the same IP has been known to be used for Trojan activity (it is a classification of websites applied by the Research team whenever a site/server is observed being used for hosting Trojans or when used in other Trojan activity such as data harvesting and command & control).  The free version of Malwarebytes doesn't have Web Protection, only on-demand scanning so it would not block anything.  In this case, since the source of the connections was a peer-to-peer application, specifically the game connecting to servers being used to host the game it should be perfectly harmless.  It is frequently the case that an IP address is shared by multiple websites which can include someone hosting a game and someone else who might be hosting malware, however the malicious content has no way of reaching your system since the game is actually running from a separate space on the server/IP.

With all of that said, if you do suspect that your system is actually infected with malware you should read and follow the instructions in this topic and then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and cleaning your system of any threats.

Link to post
Share on other sites

  • 1 year later...
On 1/29/2020 at 2:09 PM, exile360 said:

Likely because the same IP has been known to be used for Trojan activity (it is a classification of websites applied by the Research team whenever a site/server is observed being used for hosting Trojans or when used in other Trojan activity such as data harvesting and command & control).  The free version of Malwarebytes doesn't have Web Protection, only on-demand scanning so it would not block anything.  In this case, since the source of the connections was a peer-to-peer application, specifically the game connecting to servers being used to host the game it should be perfectly harmless.  It is frequently the case that an IP address is shared by multiple websites which can include someone hosting a game and someone else who might be hosting malware, however the malicious content has no way of reaching your system since the game is actually running from a separate space on the server/IP.

With all of that said, if you do suspect that your system is actually infected with malware you should read and follow the instructions in this topic and then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and cleaning your system of any threats.

Hello, I know this is an old thread, sorry to disturb. I made a post about a similar issue, do you think the same applies to me and there is nothing to worry about? :)

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.