Jump to content

successfully blocked access to a potentially malicious website


Recommended Posts

Hi, I have been rolling out a group of registered version MalwareBytes installs. Several of the machines are popping up messages stating "successfully blocked access to a potentially malicious website" with an IP address. This is while no web browsers are running. I have not had any success in finding out what is trying to go out from these machines. Here is a list of IPs that have been blocked so far. They all seem to be in China.

59.53.92.229

61.147.120.209

117.135.131.16

121.8.251.5

121.9.221.159

122.224.54.76

205.209.161.102

208.73.210.28

210.51.180.222

217.23.9.158

222.189.238.166

222.76.211.62

222.76.212.202

I added Zone Alarm to one computer in hopes the firewall logs would show a process trying to get out to one of these IPs but MB has not logged an attempt since the addition of the extra firewall.

Please advise!

thanks

Link to post
Share on other sites

Hello psears and B)

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thanks :lol:

I'm just a regular licensed user that has the same pop-up of a blocked site: 94.75.229.139 Is there a way to find out what this is? Is it something I should try to get rid of?

Link to post
Share on other sites

Hello SailorRipley and Welcome to malwarebytes.org

What does this notification mean?

This notification means quite simply, that an IP address has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious IP address. If this notice was presented when you were not actually doing anything on the machine, then I suggest having your computer looked at.

I got an alert and I wasn't even surfing, how's does that happen?

There are many applications on your system which have access to the Net and any of these can trigger an IP alert with no browser open. Most common offenders are P2P applications and IM clients, usually an ad will trigger an alert. An advanced or premium firewall will be able to give you a list of programs which can access the Net.

Read more of the facts HERE

NOTE: If you have any of these programs installed, suggest uninstalling them and then run a Quick scan with Mbam.

Please post back if you have any problems. Thanks

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or HERE

Link to post
Share on other sites

  • Staff
I'm just a regular licensed user that has the same pop-up of a blocked site: 94.75.229.139 Is there a way to find out what this is? Is it something I should try to get rid of?

If that's true why would you be 'rolling out a group of Malwarebytes' installs'? That type of language is not used by 'regular' users.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.