Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MBAM Pop ups and performance issues


  • Please log in to reply
11 replies to this topic

#1 RDUB4Q

RDUB4Q

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 10:28 AM

Random MBAM website blocking pop ups(on trusted sites) and general sluggish web browsing(slow loading pages, back button stops working randomly, misc other events). Started about a week ago.

NIS scan run, nothing found
MBAM scan run, nothing found
SuperAntiMalware scan run, nothing found

Windows XP Pro ver 2002, SP3.
Internet Explorer version 8.0
Java6 Update 20

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:55 AM

Posted 01 March 2011 - 11:06 AM

What does the MBAM Pop up say?

#3 RDUB4Q

RDUB4Q
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 11:25 AM

Forgive me at this time as I don't have the exact message. I will post later after it happens again.

It does state that MBAM has blocked access to this website, lists an IP address(I believe) and also lists a Type as outgoing.


Update

---------------------------Pop up Message---------------------

Malwarebytes has blocked access to a potentially dangerous website.
IP address: *********
Type: Outgoing

Edited by RDUB4Q, 01 March 2011 - 11:48 AM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:55 AM

Posted 01 March 2011 - 11:55 AM

Please do not hide the IP addresses. You are not helping me or yourself out.

#5 RDUB4Q

RDUB4Q
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 12:07 PM

I wasn't on that computer when the pop up happened. They were able to get the text of the message from them before the pop up went away. They were able to make it happen again. 174.36.243.14 was the IP in the pop up. These messages are random and don't happen for periods of time.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,961 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 AM

Posted 01 March 2011 - 12:08 PM

IP Protection (malicious website blocking) is part of the Protection Module and works after it is enabled. When attempting to go to a malicious website, Malwarebytes will block the attempt and provide an alert. Some programs on your computer have access to the Internet and that action can also trigger an IP alert. These events are stored in the "protection-log". Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate. IP Protection is also designed to block incoming connections it determines to be malicious.

Information that explains IP Protection feature can be found in the Malwarebytes Anti-Malware IP Protection FAQs.

What does IP Protection do?
IP Protection provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges...

What does this notification mean?
This notification means quite simply, that an IP address has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious IP address...

Other FAQs about IP Protection
How does it do this?
How does it inform you?
I got an alert and I wasn't even surfing, how's that happen?
I received a notification on a safe site, why?
How do I disable this?
I got an alert for an IP or website I think is safe, how can I report it?
Does the IP Protection replace my firewall?
Where do I find the IP Protection logs?
How can I add an IP so it won't be detected and can access a site I need to?[/b]


If you are using peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, Kontiki, BitTorrent, uTorrent, BitLord, BitLord, BearShare, Azureus/Vuze, etc) or an (IM) client, be aware they can trigger alerts. Why? Because these kind of programs are a security risk which can make your system susceptible to a smörgåsbord of malware infections and remote attacks for several reasons to include pop-up ads and malicious Flash ads that can lead to rogue sites where the IP address has been blocked. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Even your Browser is susceptible to ads so just surfing the net or going to unsafe sites may trigger alerts in order to protect you.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 RDUB4Q

RDUB4Q
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 12:21 PM

My concern with the pop ups comes from a previous issue from last summer(link below)that I received sucessful assistance from Bleeping Computer. These pop ups were one of the symptoms. I have the paid version of MBAM and appreciate the protection that they give. Since the scans don't show anything I guess can I assume that it is working correctly. I am just having an issue with the recent increased random pop ups at trusted sites when they weren't happening less than a week ago.

http://www.bleepingcomputer.com/forums/topic325150.html/page__p__1805159__fromsearch__1#entry1805159

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:55 AM

Posted 01 March 2011 - 12:28 PM

I would post again in the Malware Removal section. It seems that you never did follow up with the last thing in your post about tidserv.

#9 RDUB4Q

RDUB4Q
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 12:59 PM

I will move this over there. Thanks for your insight.

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,961 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 AM

Posted 01 March 2011 - 01:41 PM

Let us know when you have done that so we can close this thread to avoid confusion.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 RDUB4Q

RDUB4Q
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 01 March 2011 - 01:49 PM

Will do. I'm going through the Preparation Guide. It looks like that will take a while.

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,961 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 AM

Posted 01 March 2011 - 01:57 PM

If you cannot complete a step, then skip it and continue[/b] with the next.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users