Jump to content

Blocking possialby malicious IP's


Guest garybear

Recommended Posts

Guest garybear

Hello!!

Sense I'm PC illiterate and not smart enough to help members on FP, I thought I might start a topic here and those who know, can correct my false statements.

This is how I explain MBAM in noobie language.

MBAM has a feature that blocks malicious IP addresses; which is very cool because MBAM's Website Blocking feature helps keeps your PC from becoming infected; which to a noobie means MBAM not only finds infections after you have been infected and quarantines them; it also helps stops your PC from getting infected by blocking potential malicious Websites before they can infect you. Now that's very cool my friend.

Now then , what does it mean when MBAM blocks incoming malicious IP addresses? To a illiterate noobie, this means MBAM is blocking a malicious Website trying to find a open port on your PC to spam you or even worse take control of your PC for malicious purposes. If you have the tool tip enabled, when MBAM blocks a malicious Website, you will see a pop up in the lower right corner telling you MBAM blocked a malicious Website. The big boys who are a lot smarter than me tell me your router or firewall should block these. I have Avira AV=Online Armor and a Comtrend Router. They don't block these; (mostly Chinese) malicious IP's. In the past I have received as many as 700+ blocked IP's in 24 hours.

This is the way I stopped this my friends. I reported these to my ISP and Homeland Security. I haven't got one blocked Chinese IP in over a week and I doubt if I ever get another one. If I do I will report it to my ISP.

Now this talk about blocked out going malicious Websites. Once again to a illiterate noobie this means your PC is trying to connect to a website that MBAM thinks is a danger to your PC so MBAM blocks it.

What does this mean??

First you have to know what you are doing to cause this to happen. Are you trying to connect to a Website that may be a danger to your PC, or maybe this is just a false positive, Report it to MBAM and see what they have to say about that IP. If you think it's safe even after MBAM has told you it isn't safe, you can put it in the ignore list and it won't pop up again. I don't recommend that.

Next; You are connected to the internet but you aren't trying to go to a Website, but these malicious IP's keep poping up every few minutes. You got problems my friend and you need help from our malware fighters. They will work with you and solve that problem.

That's how this old illiterate noobie understands my MBAM.I'm sure if I have not explained this right, someone will post and let me know.

I hope I have helped someone. Feel free to correct or ask questions.

garybear

Link to post
Share on other sites

Guest garybear

Hello!!

I would like to add this!!

When you report a blocked IP; please explain when you are getting it== what kind (incoming or outgoing)== how many times your getting it.

Are you getting it all the time or just when you are trying to access the Web??

That will help the person responding to your post.

Link to post
Share on other sites

Guest garybear

Hello my good friend!!

I'm not sure how to answer your question. MBAM does block some Trojans I think???

I think your anti-virus would block a Trojan. I doubt if it would show up in MBAM log as a blocked malicious IP.

I have Avira AV- online Armor -and MBAM PRO. I feel like I'm very well protected.

I'll wait for the big boys to answer your question.

Thank you for your reply my friend!! PS I have only saw one Trojan try to attack my PC and Avira blocked it!! MBAM did not log it as a malicious IP.

Link to post
Share on other sites

Guest garybear
If the trojan downloader is not detected, but the IP address it tries to connect to is known to be malicious, then it should block it.

That sounds good to me my friend. That's how I understand MBAM's IP blocker????????????

Link to post
Share on other sites

Right on garybear..

Several years ago, while I was on vacation, a WORM started circulating on the web. My computers at home were off.

Later as we were ending the vacation, the news media said that the danger from the worm was now over.!

They said that if your computer had not been online during the period of "this date and that date" , you would not have the worm, and since the danger was now over, you needn't worry about getting it. This was B.S. !!

The following day after arriving home, I powered up one computer, and apparently immediately was infected by the worm.

After being on the computer for a short time, Zone Alarm alerted me that "Windows was wanting to make a trivial transfer."

Since I had never experienced that kind of message from ZA before, I simply denyed the request. After a little while, it did it again, and

a little later it shut off my computer.

From the news media, I knew this was one of the things the worm would do to an infected computer.

I powered up and searched for the fix but I had trouble getting it downloaded, since the worm was frequently turning off my lmachine, but I finally was successful in getting the repair program, and I got rid of the worm.

If a person's computer is going to an I.P. address without the user instructing it to go to the website, then it could be that the computer is being redirected by the website the user is trying to go to, or it could be being directed from a program inside the users computer.

If the latter occurs Zone Alarm or OnlineArmour would alert the user, and if the user thinks it was not malicious, he can tell ZA or OA to deny the request... and remember this decision.

Future attempts would be then blocked without the annoying pop up message, however, I would suggest getting help and fixing the problem.

wuzww :blink:

Link to post
Share on other sites

Hi Lelenina,...

You say you don't have the paid version of mbam...

Of all of the good free programs that are out there, many are great, but with mbam, I suggest you get the paid version.

It's only about $25.00, and if my memory is correct, Malwarebytes support person, Arthur Wilkinson told me it's it slightly cheaper to get it from MajorGeeks.com.

The paid version is SO MUCH BETTER than the free version, which is only a scanner.

The paid version actually STOPS attacks on your computer! ...and of course it runs, updates, and scans automatically in real time.

cheers..

wuzww :blink:

Link to post
Share on other sites

Guest garybear
Hi Lelenina,...

You say you don't have the paid version of mbam...

Of all of the good free programs that are out there, many are great, but with mbam, I suggest you get the paid version.

It's only about $25.00, and if my memory is correct, Malwarebytes support person, Arthur Wilkinson told me it's it slightly cheaper to get it from MajorGeeks.com.

The paid version is SO MUCH BETTER than the free version, which is only a scanner.

The paid version actually STOPS attacks on your computer! ...and of course it runs, updates, and scans automatically in real time.

cheers..

wuzww ;)

Just want to add. That's for a life time license You never have to pay again!!! :blink:

Link to post
Share on other sites

Guest garybear
It is one of the things I would put into consideration before I purchase it. For only $25, and also because I improve its detections, it definitely is a good purchase.

Marcin should give you a free license. If he don't email me and I'll buy you one friend!! :blink:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.