Jump to content

Recommended Posts

please help me I am tring to figure this out.... I'm a tech that is running a computer with new installed windows 7 ultimate on an SSD and when I open chrome i get something from malwarebytes saying 198.105.244.114 Malicious Website is being blocked port 50924 c:\program files (x86) \google\chrome\application\chrome.exe

Link to post
Share on other sites

Hello and :welcome: :
 
Information about IP blocks here: What does it mean when I get an alert that Malwarebytes Anti-Malware has blocked a malicious site?
 
From ip-lookup.net:

NetRange: 198.105.240.0lookup-s.gif - 198.105.255.255lookup-s.gif
CIDR: 198.105.240.0lookup-s.gif/20
NetName: SEARCHGUIDE
NetHandle: NET-198-105-240-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Assignment
OriginAS:
Organization: Search Guide Inc (SG-63)
RegDate: 2012-07-10
Updated: 2012-07-10
Ref: http://whois.arin.net/rest/net/NET-198-105-240-0-1


OrgName: Search Guide Inc
OrgId: SG-63
Address: 1942 Broadway
Address: Suite 319
City: Boulder
StateProv: CO
PostalCode: 80302
Country: US
RegDate: 2012-06-26
Updated: 2012-06-26
Comment: Standard NOC hours are 7am to 6pm EST
Ref: http://whois.arin.net/rest/org/SG-63

 
If you think that the block might be a False Positive, please start with the advice HERE and then please post the requested info in a new post in the website FP section HERE.
 
OTOH, if you think you might be infected, then I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue.

Thanks,

Link to post
Share on other sites

I ahve done a little more digging into this and found out that the ip is directed to frontier But i use none of there software only there modem that is connected through lan to my router thats a belkin just really confused ..... I dont think its a false positive but is strange .....

 

 

By the way I'm A+, Net+, CCNA, MCSE+ certified

Running win7 ult 64 bit 6.1 build 7601

dual CPU AMD FX 8 core 8310 so 16 cores 3.40ghz x 16

64gb ram G.Skill 4x16

SSD sata3 250gb 860mb transfer rate

SSD ocz vertex5 120gb 700mb transfer rate

2TB between 3 drives

BRAY Burner

ONboard 1gb 760g

Link to post
Share on other sites

Hi:

 

Per our MBAM Malware Intelligence Analyst , in your other thread:

https://forums.malwarebytes.org/index.php?/topic/173092-198105244114/#entry991074
 

It's not an F/P I'm afraid. The IP belongs to a DNS hijacker.

Please first switch your DNS settings as per;

https://forums.malwarebytes.org/index.php?/topic/172652-read-me-seeing-9224214021-blocks-read-me-please/

Then continue in your other thread, to have your machine checked (whilst you mentioned it's a clean install, the IP only shows up for non-resolving or otherwise mis-typed hostnames, meaning either there's a rogue extension present or something trying to load a previously existing hostname)


It's certainly up to you, but I suggest that you might want to please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
It explains the options for free, expert help >>AND<< the suggested, preliminary steps to expedite the process.
A malware analyst will assist you with looking into your issue in the special forum area reserved for such work.

 

Thanks again,

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.