Jump to content
ksiemb

ANSWERED Outgoing MBAM Warning

Recommended Posts

Just recently MBAM identifies and blocks site outgoing due to Trojan. I get this message in Chrome & Edge. It happens when trying to connect to the Washington Post crosswords.

It is identified in Chrome and is: Cdn1.amuselabs.com, in Google program file (X64). But when I do a MBAM Scan, it finds nothing. I uninstalled Chrome, reinstalled, but get the same thing.  Site blocked due to a trojan.       https://www.washingtonpost.com/crossword-puzzles/daily/?utm_term=.26dee4cc948f            

image.thumb.png.f9bb61b5c62781b41bcb541c10e79174.png

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab on the left column
    0. UI.png
  7. Click the Gather Logs button
    17. Advanced.png
  8. A progress bar will appear and the program will proceed with getting logs from your computer
    19. System Repair Progress.png
  9. Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:
     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

Share this post


Link to post
Share on other sites

Greetings,

I just checked, and the video embedded in the center of the page is what's being blocked.  It is likely that the site it is being hosted on is also known for being used by a family of Trojans, which is why Malwarebytes blocks it.  The reason issues like this occur is due to the fact that a single server/IP address can be leased by the hosting provider that owns it to multiple websites/customers, meaning the video embedded in that page may be perfectly safe, some other content also hosted on the same server is not safe, so Malwarebytes blocks it.

That said, you may also report this as a possible false positive if you would like the Malwarebytes Research team to re-check the website to verify that the malicious content is still present and that the block is still necessary, as it is possible that the bad guys have moved on to different servers as they often do (usually because security vendors like Malwarebytes have been blocking them).  If you wish to report it for review by the Research team, please review the information in this topic as well as this topic and then create a new topic to report the site in the Website Blocking false positives area by clicking here and a member of the Malwarebytes Research team will review the site and respond with their verdict on the current status of the website being blocked, and will unblock it if it turns out that the site is now safe and the malicious content is no longer present.

I hope this helps clear things up, and if there is anything else we might assist you with please let us know.

Thanks

Share this post


Link to post
Share on other sites

This was a FP and the block has been removed. Please update Malwarebytes and you should no longer have an issue on the site

Thank you

Ron

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.