Question

  • #2219614

    Question

    by santeewelding ·

    One, who is familiar enough with the innards of MBAM to tell me, two, when I get this increasingly common message of late:

    Malwarebytes’ Anti-Malware

    Successfully blocked access to a potentially malicious website: XXX.XX.XX.XX

    The several I have checked bring up references with Chinese characters. None are what I would get into bed and eat crackers with.

    I’m running the paid version of MBAM. I have also cruised their site and FAQ to an extent. I don’t see immediately an answer to my third question:

    Is MBAM blocking access from without, or access to these sites from within my system (W7)? Like, something calling home?

All Answers

    • #3037899

      Clarifications

      by santeewelding ·

      In reply to Question

      Clarifications

    • #3037898

      Pull up a command prompt window.

      by boxfiddler ·

      In reply to Question

      At the prompt, type ipconfig /all

      Compare the IP addresses displayed with the IP addresses reported by MBAM. If any of the IP addresses reported by MBAM are displayed in the command results, it’s internal.

      🙂
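For the "blocked from without, or calling home from within?" part of the question, the direction of a connection and the process that owns it can be read from `netstat -ano` output. The following is an added example, not part of any post in this thread; the sample output is constructed, 203.0.113.45 is a documentation-range placeholder for the blocked address, and it assumes the connection is still listed when netstat runs.

```python
# Added example: classify connections to a blocked IP from `netstat -ano` output.
# SAMPLE is constructed; 203.0.113.45 is a documentation-range placeholder.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1104
  TCP    192.168.1.20:49231     203.0.113.45:80        SYN_SENT        2816
  TCP    192.168.1.20:49198     198.51.100.7:443       ESTABLISHED     2816
  TCP    192.168.1.20:3389      203.0.113.45:51522     ESTABLISHED     1104
  UDP    0.0.0.0:5355           *:*                                    1320
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so IPv6 forms like [::]:445 also work."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def parse(text):
    """Yield (local_addr, local_port, remote_addr, state, pid) for each TCP row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            laddr, lport = split_endpoint(f[1])
            raddr, _ = split_endpoint(f[2])
            yield laddr, lport, raddr, f[3], f[4]

def classify(text, blocked_ip):
    """Return [(direction, pid, state)] for every connection whose peer is blocked_ip.

    Heuristic: if the local port is one this machine is LISTENING on, the peer
    connected to us (inbound); otherwise the local port is ephemeral and a
    local process initiated the connection (outbound).
    """
    rows = list(parse(text))
    listening = {lport for _, lport, _, state, _ in rows if state == "LISTENING"}
    hits = []
    for _, lport, raddr, state, pid in rows:
        if raddr == blocked_ip:
            direction = "inbound" if lport in listening else "outbound"
            hits.append((direction, pid, state))
    return hits

if __name__ == "__main__":
    for direction, pid, state in classify(SAMPLE, "203.0.113.45"):
        print(f"{direction:8} pid={pid} state={state}")
```

The PID from an outbound hit can be matched to a program name with `tasklist /FI "PID eq 2816"` (2816 being the constructed PID from the sample).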

    • #3037851

      Update

      by santeewelding ·

      In reply to Question

      Tom Mercado, Apr 03 22:44 (PDT):

      Hello and welcome to the Malwarebytes consumer helpdesk. Thank you for choosing Malwarebytes’ Anti-Malware as your malware security solution. My name is Tom Mercado and I’ll be assisting you today.

      The IP alert indicates that a malicious IP was prevented from loading onto your system. No action is required unless you’re also experiencing malware symptoms.

      Please see the link below, which contains our FAQs (including reporting false positives and adding IPs) on this feature for more information:
      http://www.malwarebytes.org/forums/index.php?showtopic=21076&st=0#entry107310

      santeewelding, Apr 03 20:18 (PDT):

      http://techrepublic.com.com/5208-1009-0.html?forumID=101&threadID=328657&tag=results;CR54

      • #3037844

        so your question was answered ? seems to be with the FAQ

        by cg it ·

        In reply to Update

        .

        • #3037843

          Not exactly quite

          by santeewelding ·

          In reply to so your question was answered ? seems to be with the FAQ

          Helpful, yes; but, I wish there were an analysis and reporting function included so I didn’t have to drill down into it myself to find out.

        • #3037842

          Sadly there are none which is lacking on a lot of consumer stuff

          by cg it ·

          In reply to Not exactly quite

          While consumers are pretty smart, much of what applications like Malwarebytes report to the users doesn’t really say what just happened in language the user understands, other than threats found and removed, no threats found.

        • #3037800

          Would this help?

          by seanferd ·

          In reply to Not exactly quite

          Most sites load content from many domains. Some domain loaded by a site you visited is recognized as “bad” by MBAM. Could be as simple as a link a user posted into the page, though. Or, could be a malicious script injected into the site which called the offending IP address/domain.

        • #3037797

          Yes, indeedy

          by santeewelding ·

          In reply to Would this help?

          That does help.

          It’s what I meant by “drilling down”.

          I have most all these tactics in my ken, but, not necessarily at my fingertips. It’s why I’m here and throwing myself at the mercy of the community.

          Speaking of which, I’m just back from conversation with a close neighbor about how we come immediately to the aid of each other should the other seismic shoe fall.

          Our circumstances here are peculiar, contentious, and adversarial — yet, intertwined when it comes to disaster.

          I revealed to him that I have emergency medical oxygen, need be.

        • #3037572

          Ah, good.

          by seanferd ·

          In reply to Yes, indeedy

          I’m glad that helps a bit. I am also pleased to hear that you and your neighbor have a mutual assistance alliance for emergency purposes.

          Here’s hoping any further quakes stay in the 4.x range or lower.

          If you want for any further info on the thread topic, give us a shout. I’ve seen some rather large and well-known sites come up as malware domains in other protection systems, just because they had been hosting a bad link, or mentioned malware somehow, or had been temporarily injected with a malicious script. (Sometimes sites hacked to display a phishing page come up as malware in some systems as well.)

          Yeah, it would be handy if MBAM was more explicit about detection and determination of these things, from what I have gathered here.
