Jump to content

My Malwarebyte flags site, other PCs dont ???


Recommended Posts

Hi, hope someone out there can make sense of this and point me in the right direction.

I have the full paid up version of Malwarebytes - Version 1.50

I have recently started getting a message when I go to one of my own websites - the message tells me Malwarebytes has blocked access to suspect ip address.

The log is shown below

09:34:35 (null) MESSAGE Protection started successfully

09:35:44 Mick MESSAGE IP Protection started successfully

09:37:43 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

09:37:46 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

09:37:52 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

For the last few days this has been the exact same log, irrespective of how many times I go on the site in question.

The strange thing is a friend of mine also has Malwarebytes and he is not recieving any such message when he goes onto the same site?

Ive also gone on the site with my laptop (with Malwarebytes installed) and that doesnt flag either.

The site itself was flagged by Google and had a warning message on the Google page, I deleted some suspicious looking files on the site and requested a review by Google, this was done and the site found clear.

Ive also ran the site via Linkscanner and thats showing the site clear as well.

Im guessing the above suggests my actual PC is infected somehow and visiting this particular site kicks something into action?

I have done regular scans on my PC with Malwarebytes (and Microsoft Security Essentials), both flash and full and nothing has been found?

Any help in fathoming this out would be appreciated.

Mick

Link to post
Share on other sites

Do you know what MBAM database file was in use when you got this message? Was it the same database each time? I'm wondering simply because I almost never get any warnings of this kind, but yesterday I too got a warning that MBAM had blocked an outgoing attempt to reach a dangerous site (but not to the site you mention), and the protection log indicated that this happened three times, and the occurrences were spaced exactly the same number of seconds apart as yours. I'm wondering whether perhaps there was something peculiar about that particular database. In my case, it happened only one day, but I do update the database every day. There's probably another explanation, but....

Link to post
Share on other sites

Tom - please clean out PM mail box - it's been showing CAN'T DELIVER - MAILBOX FULL... or is that a PM BLOCK message? :)

~Steve

Link to post
Share on other sites

Hi, it was database version 5273, Ive now updated it to 5298 and again got the same warning message, and the same log

11:56:24 Mick MESSAGE IP Protection stopped

11:56:39 Mick MESSAGE Database updated successfully

11:56:44 Mick MESSAGE IP Protection started successfully

11:57:30 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

11:57:33 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

11:57:39 Mick IP-BLOCK 195.80.151.83 (Type: outgoing)

Again though my laptop is not being affected and another full sweep of my PC has shown no infections.

Im really at a loss as to what to do now, its driving me crazy knowing that theres something not right somewhere (looks likely to be my PC) but being unable to do anything about it !!

Link to post
Share on other sites

Bit of an update and would appreciate some thoughts as to whether I might have found a possible solution?

For a couple of days I had no alerts and I thought the problem had gone, then I got the following log;

09:46:51 (null) MESSAGE Protection started successfully

09:47:54 Mick MESSAGE IP Protection started successfully

10:03:05 Mick IP-BLOCK 60.195.249.47

10:03:06 Mick IP-BLOCK 60.195.249.47

10:03:08 Mick IP-BLOCK 60.195.249.47

10:03:09 Mick IP-BLOCK 60.195.249.47

10:03:14 Mick IP-BLOCK 60.195.249.47

10:03:15 Mick IP-BLOCK 60.195.249.47

10:03:26 Mick IP-BLOCK 60.195.249.47

10:48:39 Mick IP-BLOCK 60.195.249.47

10:48:41 Mick IP-BLOCK 60.195.249.47

10:48:42 Mick IP-BLOCK 60.195.249.47

10:48:44 Mick IP-BLOCK 60.195.249.47

10:48:44 Mick IP-BLOCK 60.195.249.47

10:48:48 Mick IP-BLOCK 60.195.249.47

Another couple of days followed with no alerts then this one;

10:01:40 (null) MESSAGE Protection started successfully

10:03:12 Mick MESSAGE IP Protection started successfully

23:48:22 Mick IP-BLOCK 91.204.48.52 (Type: outgoing)

23:48:25 Mick IP-BLOCK 91.204.48.52 (Type: outgoing)

23:48:30 Mick IP-BLOCK 91.204.48.52 (Type: outgoing)

Ive done nothing to the site, just visited it to see if I was getting the warnings every day and out of the last 5 days only the two instances above have come up.

What I have got on the site though is a block of Google ads that rotate, could it be that some of the sites on here are actually flagging the warnings off Malware ?

Id be interested if anyone has any thoughts as to whether this could be the reason as I cant find anything untoward on either the site itself or my PC.

Cheers

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.