I was just browsing a website which i know is 100% safe and out of the blue I get a message from my firewall saying it has blocked a website.
What site were you browsing and how do you know it is safe? Sites are hacked all the time.
As for the IP blocked;
Much is noted here;
http://www.robtex.co...x?q=94.23.4.164 More info incl blocklists;
http://www.robtex.co...4.23.4.164.htmlWOT;
http://www.mywot.com...ard/94.23.4.164SiteAdvisor;
http://www.siteadvis...tes/94.23.4.164Proxomitron Log;
Note; No page view was allowed.
+++GET 764+++
GET / HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mikey/0.02 [fu] (Win67; X; SK)
Accept-Encoding: gzip, deflate
If-Modified-Since: Mon, 09 Nov 2009 08:38:30 GMT
If-None-Match: "55f17-1fb-477ec1e3acd80"-gzip
Host: 94.23.4.164
Pragma: no-cache
Connection: keep-alive
Browser reload detected...+++RESP 764+++
HTTP/1.1 200 OK
Date: Wed, 23 Jun 2010 02:33:39 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch
Last-Modified: Mon, 09 Nov 2009 08:38:30 GMT
ETag: "55f17-1fb-477ec1e3acd80"-gzip
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 326
Content-Type: text/html
BlockList 764: in AdKeys, line 14
Match 764: Banner Blaster (limit text)
Match 764: Kill pop-up windows
Match 764: Suppress all JavaScript errors
Match 764: Stop browser window resizing
<end> 764: Restore pop-ups after a page loads
+++CLOSE 764+++
BlockList 765: in Bypass, line 19
Browser reload detected...Fiddler Source Capture;
http://voiceofthepub...94.23.4.164.txt iframe;
http://voiceofthepub...64fling_com.txtI've scanned my computer several times and it's clean
BTW IMO a reactionary scanner that depends on definitions can NOT and NEVER will be able to tell whether your sys is 'clean' or not.
Edited by mikey, 22 June 2010 - 09:22 PM.
MalwareSite.JPG 17.29KB
24 downloads
