psears

successfully blocked access to a potentially malicious website

7 posts in this topic

Hi, I have been rolling out a group of registered version MalwareBytes installs. Several of the machines are popping up messages stating "successfully blocked access to a potentially malicious website" with an IP address. This is while no web browsers are running. I have not had any success in finding out what is trying to go out from these machines. Here is a list of IPs that have been blocked so far. They all seem to be in China.

59.53.92.229

61.147.120.209

117.135.131.16

121.8.251.5

121.9.221.159

122.224.54.76

205.209.161.102

208.73.210.28

210.51.180.222

217.23.9.158

222.189.238.166

222.76.211.62

222.76.212.202

I added Zone Alarm to one computer in hopes the firewall logs would show a process trying to get out to one of these IPs but MB has not logged an attempt since the addition of the extra firewall.

Please advise!

thanks

Share this post


Link to post
Share on other sites

Hello psears and :)

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thanks :)

Share this post


Link to post
Share on other sites
Hello psears and B)

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thanks :lol:

I'm just a regular licensed user that has the same pop-up of a blocked site: 94.75.229.139 Is there a way to find out what this is? Is it something I should try to get rid of?

Share this post


Link to post
Share on other sites

Hello SailorRipley and Welcome to malwarebytes.org

What does this notification mean?

This notification means quite simply, that an IP address has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious IP address. If this notice was presented when you were not actually doing anything on the machine, then I suggest having your computer looked at.

I got an alert and I wasn't even surfing, how's does that happen?

There are many applications on your system which have access to the Net and any of these can trigger an IP alert with no browser open. Most common offenders are P2P applications and IM clients, usually an ad will trigger an alert. An advanced or premium firewall will be able to give you a list of programs which can access the Net.

Read more of the facts HERE

NOTE: If you have any of these programs installed, suggest uninstalling them and then run a Quick scan with Mbam.

Please post back if you have any problems. Thanks

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or HERE

Share this post


Link to post
Share on other sites

Hi Sailor - (Always wanted to say that) -

Please fully read the FAQ , Section G as listed by Wide Glide first -

Please post back if you have further questions or problems -

Thank you -

Share this post


Link to post
Share on other sites
I'm just a regular licensed user that has the same pop-up of a blocked site: 94.75.229.139 Is there a way to find out what this is? Is it something I should try to get rid of?

If that's true why would you be 'rolling out a group of Malwarebytes' installs'? That type of language is not used by 'regular' users.

Share this post


Link to post
Share on other sites

User is being assisted by Corporate Support. I will close this post now.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.