The reason that I posted this in the privacy problems section is because it appears to be a privacy problem. I recently bought a premium version of Malwarebytes. After installing it I got a pop-up telling me that a malicious website has been blocked. IP: 198.138.219.228 - (which is NTT America) Port: 54205 Type: outbound Process: C:\Windows\System32\svchost.exe With the Malicious Website Protection enabled I cannot even connect to the internet. I have to disable it to even update malwarebytes. I don't understand why NTT America is creating an outbound connection from my computer that MB sees as malicious. I also have a portable version of Windows 7 in a TC container. When I installed a trial version of MB on the virtual machine, I got the same warning. I had Shadow Defender enabled so I restarted and connected my VPN and then installed MB again. There was no warning. So I guess this means that the outbound connection is only on my real computer. Does anyone have any idea what is going on here?
I think I just figured it out. I have been using Panda free antivirus and evidently they use NTT America. I uninstalled Panda and no more warning. But I wonder why it looks malicious to Malwarebytes? I guess I need to find another free antivirus.
Well, Panda does send your stuff to its servers for scanning, I believe. Maybe there's something in the other-anti-virus-software subforum on that.
Hi caspian, Have you tried including your Panda AV in the exclusions list within the Malwarebytes program? With my own AV, I have it included in the Malwarebytes exclusions list, and likewise, MBAM is in my AV's exclusion list. (i.e. MBAM > SETTINGS > MALWARE EXCLUSIONS) Mirimir's suggestion is correct, as there are some "help topics" at the MBAM Forums which address the issue of conflicts between MBAM and various other programs. Hope this may help.
Hello caspian: A casual check of IP = 198.138.219.228 shows it unresponsive to browser connection attempts and a few pings. Oddly though a blocking notice from MBAM's Malicious Website Module was not experienced. Would you please double-check your MBAM's History > Application Logs > Protection Log for the time in question? Thank you. @kls490: A Malware Exclusion entry is very seldom required with the latest MBAM Premium releases, and even then only when on-access scans slow a system. Thank you.
I just scanned that IP address with Zulu and its score was 5/100 - benign. Only thing noted was a few parked/suspended domains associated with it. One problem with MBAM Pro is that if it detects a problem with anything, it will block the IP. In this case, it appears to be blocking a server in the backbone.
No, I decided to try something different. ZoneAlarm offered me their security suite for $9 so I uninstalled Panda. I had thought about excluding it but I felt uncomfortable with the fact that Malwarebytes saw it as a malicious site. I've used MBAM before and had websites blocked. But it never blocked my entire connection to the internet like that, so I got a little creeped out.
I don't see anything for the 4th. It just shows the 5th and the 6th. I do use Shadow Defender but is not enabled when I first turn on my computer. I bought MBAM on the 4th and that's when I uninstalled Panda and installed ZA. I'm confused as to why there are no logs for the 4th. Maybe I should add both Panda and MBAM on my VM and see what happens.
Blocking a server in the backbone? I bet someone reported it. My entire internet connection was blocked. Maybe I should have been more patient and just emailed MBAM but it seemed pretty suspicious. No problems with Zonealarm security suite so far ($9). It does slow some things down a little but I guess I can live with that. Thanks for the feed back.