I would list the IP's but I do not know if MBAM saves a log when it blocks IP's.
I do know they are all "Outgoing" and upon googling the IP addresses they are in France, Japan, Belgium, etc. All foreign countries.
Type: outgoing, Port: -----, Process: avastsvc.exe)
Is this something I should be concerned about?
I will gladly upload a log if someone could kindly let me know how.
Thanks for your time.
One more thing:
I have a 'service' running in the task manager which raised some suspicion.
"SamSs" is the name
PID 596
Description: Security Accounts Manager
Googling this came up with results claiming it was a Facebook virus, but with no other information.
I have run MBAM, SASS, Avast, and Spybot with clean results from all.
Blocking IP's located in foreign countries
Started by Optimist_Mind, Jan 15 2013 06:14 PM
1 reply to this topic
#2
daledoc1
-
- Spam Hunters
-
- 7,933 posts
Forum Deity
- Gender:Not Telling
Posted 15 January 2013 - 06:23 PM
Hello and welcome, Optimist_Mind: 
This KB article explains why MBAM appears to be blocking your antivirus: Why is Malwarebytes Anti-Malware blocking my antivirus?
More specifically, IP blocks can indicate a number of things:
They also contain instructions on how to determine what process might be trying to make the connections.
You may also research the IP in question at www.ip-lookup.net or a similar site.
On the other hand, if you think the IP blocks might be a false positive, then please read this sticky topic before starting a new topic in the False Positives forum.
Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following to begin the cleaning process: Available Assistance For Possibly Infected Computers.
Thanks!
daledoc1
This KB article explains why MBAM appears to be blocking your antivirus: Why is Malwarebytes Anti-Malware blocking my antivirus?
More specifically, IP blocks can indicate a number of things:
- They could indicate that MBAM is doing its job of blocking bad content on websites.
- They can also occur when running Skype and certain P2P programs, such as torrents.. For example, please see this help desk topic about Skype and this one about P2P.
- In some cases the blocks are a false positive.
- However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.
They also contain instructions on how to determine what process might be trying to make the connections.
You may also research the IP in question at www.ip-lookup.net or a similar site.
On the other hand, if you think the IP blocks might be a false positive, then please read this sticky topic before starting a new topic in the False Positives forum.
Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following to begin the cleaning process: Available Assistance For Possibly Infected Computers.
Thanks!
daledoc1
Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx 21.0; TB 17.0.6; Cable HSI; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx 21.0; TB 17.0.6; Cable HSI; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner.
LT: Win7 Pro/32 SP1; Intel Core 2 Duo @2.8 GHz; 4 GB RAM; NVIDIA Quadro NVS 160M; IE 9; Fx 21.0; TB 17.0.6; WLAN; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner.
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx 21.0; TB 17.0.6; Cable HSI; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx 21.0; TB 17.0.6; Cable HSI; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner.
LT: Win7 Pro/32 SP1; Intel Core 2 Duo @2.8 GHz; 4 GB RAM; NVIDIA Quadro NVS 160M; IE 9; Fx 21.0; TB 17.0.6; WLAN; MBAM PRO 1.75.0.1300; KIS2013; SAS Free; CCleaner.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
