Jump to content

Recommended Posts

Every time I go to the web I get a bubble from my Malwarebyte icon in the system tray with the following message:-

"Malwarebytes Anti-Malware has successfully blocked access to malicious IP: 208.94.233.132."

My question is, can I trace this IP, and what would be the best advise for this problem? I am aware that I can turn off the protection by right clicking the icon, but this is not recommended. Your help would be appreciated.

Thank you

Nos

Link to post
Share on other sites

you can find information on the new IP Protection feature HERE if that does not answer your question or need clarification stop by and let us know.

Thank you Firefox for your help. I read that information, but it did not answer the question of "what is this site and should I ignore it". Is it wise to ignore this IP and is there a way of identifying the IP?

Nos

Link to post
Share on other sites

Hi Nos -

Is this the type of result you were looking for -

www.Xhammster.com - Xhammster

A very noted pornography site is one of the sites listed at this IP - Many other sites are listed here, some good and some bad, but this would be one reason the IP was blocked -

Result from Squid Analysis Report Generator (SARG) -

I found this in http://www.giveawayoftheday.com/swf-quicker-4-7-holiday/. it looks like some kind of tracking script because it points to this site - http://link.informer.com

Also this from a report on the site by Fanboy's Adblock List - Both are from the IP you submitted -

Hope it helped - :)

EDIT - There are some good sites using this IP so it is up to you if you block or allow it -

Link to post
Share on other sites

Hi Nos -

Is this the type of result you were looking for -

www.Xhammster.com - Xhammster

A very noted pornography site is one of the sites listed at this IP - Many other sites are listed here, some good and some bad, but this would be one reason the IP was blocked -

Result from Squid Analysis Report Generator (SARG) -

I found this in http://www.giveawayoftheday.com/swf-quicker-4-7-holiday/. it looks like some kind of tracking script because it points to this site - http://link.informer.com

Also this from a report on the site by Fanboy's Adblock List - Both are from the IP you submitted -

Hope it helped - :)

Thanks Noknojon for the info, what would you advise I do to get rid of the bubble?

Regards

Nos

Link to post
Share on other sites

Hi Nos -

Just read and follow the information in the link below from our FAQ section

http://www.malwarebytes.org/forums/index.p...st&p=162100

It describes the IP blocking features and whether or not, plus how, you should allow sites -

Good Luck - :)

Many thanks again Noknojon,

I thought the site in question was WZ Communications, I have never heared of it before or had any reason to go to it.( At least to my knowledge.) Anyway I have hit the ignore button which is easier than the registry switching that is a little outside my computer competence. I have burst the bubble and all is going well.

Regards from Nos in Tassie

Link to post
Share on other sites

Hi Nos -

The site you mention may very well use that IP - I only picked a few of the bad ones I saw from doing a reverse IP check -

There are several good sites there (including news outlets) but if you pick an Internet hosting Provider that also hosts several well known bad sites then they must deal with it - We only block IP's and not individual sites - I hope this is helpful -

Thank You for calling back - :)

EDIT - Please hit the Fast Reply or Add Reply Tabs -

Link to post
Share on other sites

  • Root Admin

Registry Switches for Controlling IP-Blocking

Create the indicated registry value (labeled as key | value) with the indicated data and reboot to enforce the policies below. All of the values are of type DWORD

In order to create a registry value, open the Registry Editor (Click on Start -> Run -> and type in REGEDIT.EXE)

Browse to the key listed, and then right-click in the right-hand panel and choose New -> DWORD and create one of the listed keys and set the value as shown.


    x86 32 Bit Key: HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware
    x64 64 Bit Key: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
  1. silentipmode
    Description: With a DWORD value of 1, the protection module will block and log IPs silently.
  2. startipdisabled
    Description: With a DWORD value of 1, IP blocking will start disabled on reboot, although it can be enabled subsequently.
  3. disableipblocking
    Description: With a DWORD value of 1, IP blocking will be permanently disabled (cannot be toggled).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.