Jump to content

malwarebytes blocking same ips


Recommended Posts

im just posting this because my malwarebytes keeps on blocking the same ips over and over again from the same files and the are

 

 
Detection, 16/07/2014 8:28:27 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 16/07/2014 8:28:27 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 16/07/2014 8:28:32 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 16/07/2014 8:28:32 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 16/07/2014 8:28:36 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 16/07/2014 8:28:37 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 16/07/2014 8:28:42 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 16/07/2014 8:28:42 PM, SYSTEM, SEBS-PC, Protection, Malicious Website Protection, IP, 193.138.238.201, 7129, Inbound, C:\Windows\System32\svchost.exe, 
 
if any smart people who know why this is happening please help also when ever i call one of my friends on Skype and the message pops up ip was blocked some times it crashes my internet is can help thanks :D
Link to post
Share on other sites

Hi:

 

That is normal, because Skype behaves like a P2P.

See here: Why does Malwarebytes Anti-Malware block Skype?

 

The safest way to deal with that is to add the Skype process to Web Exclusions, as explained in the User Guide here:

 

Add Process to Web Exclusions

Clicking the Add Process button allows you to exclude a process which would otherwise be blocked from accessing an internet address. Please note that this option is only functional on Windows Vista Service Pack 2, Windows 7, and Windows 8.x. This is typically of value to users who need to access filesharing and/or peer-to-peer applications. On occasion, IP addresses used by these applications may be blacklisted, so that Malwarebytes Website Protection blocks access to the website as a whole. Excluding the IP address makes the user more vulnerable, as would exclusion of the domain (if the website uses a domain name). Excluding the process — providing that the process is not an internet browser — would allow the P2P application to function without increasing risk.

https://www.malwarebytes.org/support/guides/mbam/

 

I hope this helps,

Link to post
Share on other sites

I would actually recommend not adding Skype to Web Exclusions simply because Skype displays third party ads which have been known from time to time to link to malvertisements (malicious advertisements hosting malware such as exploits and/or drive-by downloads or scams) so it should be treated with the same level of caution as your internet browser (which should also never be added to Web Exclusions). If you have all ads in Skype disabled or blocked through some other means such as having a premium Skype account or by using an ad-blocking HOSTS file then you should be able to safely add Skype to your Web Exclusions in Malwarebytes Anti-Malware, but otherwise I would recommend not doing so.

Link to post
Share on other sites

..Skype displays third party ads which have been known from time to time to link to malvertisements (malicious advertisements hosting malware such as exploits and/or drive-by downloads or scams) ...

Come to think out it...

There have been posts about that .  One thread's initiator blamed Microsoft and Skype.

Link to post
Share on other sites

Come to think out it...

There have been posts about that .  One thread's initiator blamed Microsoft and Skype.

Yep, just as with Google and any other ad hosting services, it's entirely possible for the ads displayed in Skype to be hijacked by the bad guys so any application that displays web-based/hosted third party ads should be treated as an internet browser and be secured as much as possible with regards to security applications and being cautious about what you click.
Link to post
Share on other sites

Hello All:

 

At this point, is it best if the user quits/exits Skype when not in use. The downside being the user misses incoming call opportunities. Or can another technique be crafted? The user will soon tire seeing the incoming block notices.

Link to post
Share on other sites

Yeah, for now that's probably the only viable option (assuming it is actually viable and the user doesn't need to have Skype running in order to receive calls). Eventually we will be implementing greater control over notifications so that the user would be able to do things such as disable all block notifications from Malicious Website Protection (though it would still continue to actively protect them and log the blocks in their protection logs) or even disable the notifications for blocks from specific websites and/or applications so that whenever Skype is blocked, they don't have to see the notification but they remain fully protected.

It may be a while, but such changes are on our list of improvements we want to make to the UI and the user experience.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.