Question

Locked

Question

By santeewelding ·
One, who is familiar enough with the innards of MBAM to tell me, two, when I get this increasingly common message of late:

Malwarebytes' Anti-Malware

Successfully blocked access to a potentially malicious website: XXX.XX.XX.XX

The several I have checked bring up references with Chinese characters. None are what I would get into bed and eat crackers with.

I'm running the paid version of MBAM. I have also cruised their site and FAQ to an extent. I don't see immediately an answer to my third question:

Is MBAM blocking access from without, or access to these sites from within my system (W7)? Like, something calling home?

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Pull up a command prompt window.

by boxfiddler Moderator In reply to Question

At the prompt, type ipconfig/ all

Compare the IP addresses displayed with the IP addresses reported by MBAM. If any of the IP addresses reported by MBAM are displayed in the command results, it's internal.

:)

Collapse -

Light

by santeewelding In reply to Pull up a command prompt ...

Your 150th genuine candle.

Collapse -

Adjustment

by santeewelding In reply to Pull up a command prompt ...

It's, ipconfig(space)/all.

Lot's of hex, and Teredo Tunneling Psuedo-Interface (that's Martian, right?)

Thank you. No one-to-one correspondences found. Probably outside to inside.

Collapse -

Oops.

by boxfiddler Moderator In reply to Adjustment

You're right. space /all. Remember, goofy...

Collapse -

Martian

by seanferd In reply to Adjustment

Yep. IPv6, on the TTPI and hex strings.

Collapse -

Update

by santeewelding In reply to Question

Tom Mercado, Apr 03 22:44 (PDT):

Hello and welcome to the Malwarebytes consumer helpdesk. Thank you for choosing Malwarebytes' Anti-Malware as your malware security solution, my name is Tom Mercado and I'll be assisting you today.

The IP alert indicates that an malicious IP was prevented from loading onto your system. No action is required unless you're also experiencing malware symptoms.

Please see the link below which contains our FAQ's(including reporting false\positives and adding IPs) on this feature for more information:
http://www.malwarebytes.org/forums/index.php?showtopic=21076&st=0#entry107310

santeewelding, Apr 03 20:18 (PDT):

http://techrepublic.com.com/5208-1009-0.html?forumID=101&threadID=328657&tag=results;CR54

Collapse -

so your question was answered ? seems to be with the FAQ

by CG IT In reply to Update
Collapse -

Not exactly quite

by santeewelding In reply to so your question was answ ...

Helpful, yes; but, I wish there were an analysis and reporting function included so I didn't have to drill down into it myself to find out.

Collapse -

Sadly there are none which is lacking on a lot of consumer stuff

by CG IT In reply to Not exactly quite

while consumers are pretty smart, much of what applications like malwarebytes report to the users doesn't really say what just happened in language the user understands other than threats found and remove, no threats found.

Collapse -

Would this help?

by seanferd In reply to Not exactly quite

Most sites load content from many domains. Some domain loaded by a site you visited is recognized as "bad" by MBAM. Could be as simple as a link a user posted into the page, though. Or, could be a malicious script injected into the site which called the offending IP address/ domain.

Back to Web Development Forum
13 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums