Malwarebytes Anti-Malware Malicious Website Blocking
I downloaded MBAM and have been running it. Several times it blocked a malicious webstie...I think I have had Utorrent running when it crashes but am not sure if this is always true
(IP Protection) is part of the Protection Module
in the Premium (Pro) version and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. An outgoing IP alert
indicates that a process on your system tried to access a malicious IP and was prevented from loading content onto your system. A browser is not required to be running for an alert to occur...just an active Internet connection with processes running. IP alerts are also triggered by banner ads appearing on websites since in some case these ads are malicious. Notification that an outgoing IP address has been blocked does not
necessarily mean the computer is infected. Some legitimate programs on your computer (i.e. iTunes, Instant Messenger client, SKYPE, P2P software, web browsers) have access to the Internet and that action can trigger an IP alert if it tried to access a malicious IP address. No action is required unless you're also experiencing malware symptoms or there are multiple IPs. Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate.
IP Protection is also designed to block incoming connections
it determines to be malicious. Botnets
and Zombie computers
scour the net, randomly scanning a block of IP addresses, searching for vulnerable ports
- commonly probed ports
and make repeated attempts to access them. Hackers use "port scanning
", a popular reconnaissance technique, to search for vulnerable computers with open ports using IP addresses or a group of random IP address ranges so they can break in and install malicious programs. Malwarebytes is doing its job by blocking this kind of traffic and alerting you about these intrusion attempts.
As noted above, if you are using peer-to-peer (P2P) file sharing
programs (i.e. Limewire, eMule, Kontiki, BitTorrent, uTorrent, BitLord, BitLord, BearShare, Azureus/Vuze, Skype, etc) or an Instant messaging
(IM) client, they can trigger Malicious Website Blocking alerts. Why?
P2P programs are a security risk which can make your system susceptible to a smörgåsbord of malware infections
and remote attacks. Malwarebytes IP Protection will block access to some of the peers a P2P client attempts connection to because they are classified or detected as malicious.