Advice Request Malwarebytes not blocking IP address

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

boredog

Level 9
Thread author
Verified
Jul 5, 2016
416
This mourning I got 6 blocks from Malwarebytes for the same IP.
I then looked at my firewall and it showed an established connection outgoing. Unfortunately I didn't take a screen shot of the firewall connection but killed the connection.
What I am wondering is if Malwarebytes logged the connection as being blocked, why did my firewall show it established. I am including a screen shot and the MB log file info.

Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 10:11 AM
Log File: 07c33340-cbb2-11e7-a19e-00ffd3199732.json
Administrator: Yes
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3282
License: Premium
-System Information-
OS: Windows 10 (Build 17035.1000)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Domain: tn.symcd.com
IP Address: 23.60.139.27
Port: [51701]
Type: Outbound
File: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(end)
ScreenHunter_82 Nov. 17 10.31.jpg
 
D

Deleted member 65228

Since Microsoft Edge was the cause according to the logs, were you browsing at the time of the block alerts?
 

boredog

Level 9
Thread author
Verified
Jul 5, 2016
416
When I check tn.symcd.com on VT Malwarebytes URL checker gives an all clean and so that still doesn't explain why the installed Malwarebytes said it blocked that URL.
 
D

Deleted member 65228

Microsoft Edge was making an outbound connection to the IP address being flagged by Malwarebytes.

Code:
File: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Presumably you were browsing at the time of the alert notifications, otherwise another program was making the outbound connection whilst using Microsoft Edge to do it. Regarding VirusTotal, the engines on the service are not identical to those in the actual end-user products.

There could be many explanations, it is hard to point the finger at any without more details.
 

boredog

Level 9
Thread author
Verified
Jul 5, 2016
416
Microsoft Edge was making an outbound connection to the IP address being flagged by Malwarebytes.

Code:
File: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Presumably you were browsing at the time of the alert notifications, otherwise another program was making the outbound connection whilst using Microsoft Edge to do it. Regarding VirusTotal, the engines on the service are not identical to those in the actual end-user products.

There could be many explanations, it is hard to point the finger at any without more details.

I think was accessing the that site from e-mail for some reason.
 

eonline

Level 21
Verified
Well-known
Nov 15, 2017
1,064
Not sure what you mean.

Malwarebytes said it blocked the connection but Tinywall said I was connected. Not sure what Edge has to do with that. I use CCleaner to clear all that.

Reset Edge.Greetings friend.
 

boredog

Level 9
Thread author
Verified
Jul 5, 2016
416
And how does that problem continue? Greetings friend.

Well, last night my computer updated to the newest insider build 17040 and now Edge does not work at all. Won't open any pages and the update cleared all my favorites and killed Ublock. grrrrrr .Edge has never always opened pages in the past builds and have reported it but now they really did a number on Edge.
 

boredog

Level 9
Thread author
Verified
Jul 5, 2016
416
I did the reset you posted and rebooted and all is well again.

Thanks
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top