Constant IP Pop-Up
Kuravid
Every five minutes or so for over a month Malwarebytes has given me the pop-up message: "Anti-Malware IP Protection: Infection Detected," and giving me an IP number (I've received a few different IPs). I've run both quick and full scans, and I update daily. I thought that this might be a temporary issue with the software that would get fixed in an update but it's been going on for a while now. Anyone know what's wrong? The constant pop-up is worrisome and annoying. I'm pretty sure it didn't do this for the first few months I had it.

AdvancedSetup
Hello and Welcome to Malwarebytes.

You're correct, this is a new feature designed to help protect you from sites that could potentially infect you.

Please post the log that should be located here: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
and we'll take a look and see if it's a False Positive or if your system is in fact in contact with a bad site.

If you're running P2P sharing software then I can guarantee you that you're often in contact with bad sites due to the nature of how that type of software operates.
You can ignore it, you can temporarily disable it before you run your P2P software.

But go ahead and post your log and we'll be able to assist you better.

Thank you.
calintexas
If you look here there is an explanation of what the IP Protection is and how it works: http://www.malwarebytes.org/forums/index.php?showtopic=21076

Gregte
Ok I have the same issue, as I am sure everyone else does since 1.40 went live. Constant IP warnings. However scans are clean and MBAM is updated daily. Here is today's log thru 8pm or so. Always seems to be the same or similar IPs... so what's it telling me...

AdvancedSetup
I've asked Steve to pop in and take a look at your logs.
MysteryFCM
121.12-15.*, 125.65.111-112.* and 208.64.120-127.* are blocked due to malicious activity (and in the case of the latter, their refusal to deal with abuse on their range).

219.150.171.69 and 218.6.15.146 however, are not in the IPBL, so it's likely this is caused by the bug that has been fixed for 1.41.

If you are not running P2P software and are seeing these, I'd advise looking at your firewall logs in order to determine what is accessing these ranges, and why.
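
The triage described in the reply above, as an added example that is not part of the original post: a Python script that counts IP-BLOCK entries per address, records when each was first and last seen (for matching against firewall logs), and separates addresses inside the ranges named in the reply from those outside them. The CIDR expansion of those ranges, the sample lines (constructed, in the log layout posted in this thread) and all function names are assumptions.

```python
import ipaddress

# Ranges named in the reply, expanded to CIDR. Assumption: "121.12-15.*" and
# similar mean every address in those second/third octet spans.
NAMED_RANGES = [ipaddress.ip_network(n) for n in (
    "121.12.0.0/14",                       # 121.12-15.*
    "125.65.111.0/24", "125.65.112.0/24",  # 125.65.111-112.*
    "208.64.120.0/21",                     # 208.64.120-127.*
)]

# Constructed sample in the "HH:MM:SS user TYPE detail" layout; user is made up.
SAMPLE_LOG = """\
00:10:00 user1 IP-BLOCK 125.65.112.161
00:55:00 user1 IP-BLOCK 125.65.112.161
02:40:00 user1 IP-BLOCK 218.6.15.146
14:00:10 user1 MESSAGE IP Protection started successfully
17:42:00 user1 IP-BLOCK 219.150.171.69
19:50:00 user1 IP-BLOCK 125.65.112.161
"""

def parse_blocks(text):
    """Yield (time, user, ip) for well-formed IP-BLOCK lines; skip all others."""
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4 or parts[2] != "IP-BLOCK":
            continue  # MESSAGE lines, blanks, truncated lines
        try:
            ip = ipaddress.ip_address(parts[3].strip())
        except ValueError:
            continue  # detail field is not an IP address
        yield parts[0], parts[1], ip

def triage(text, ranges=NAMED_RANGES):
    """Return (listed, unlisted) dicts keyed by IP; assumes chronological input."""
    seen = {}
    for when, _user, ip in parse_blocks(text):
        rec = seen.setdefault(ip, {"count": 0, "first": when, "last": when})
        rec["count"] += 1
        rec["last"] = when
    listed, unlisted = {}, {}
    for ip, rec in seen.items():
        net = next((r for r in ranges if ip in r), None)
        if net is not None:
            listed[str(ip)] = dict(rec, range=str(net))
        else:
            unlisted[str(ip)] = rec  # outside every named range: check separately
    return listed, unlisted

if __name__ == "__main__":
    for label, group in zip(("in named ranges", "outside"), triage(SAMPLE_LOG)):
        print(label, group)
```

The first and last timestamps per address give the window to search in the firewall log for the local process or port that made the connection.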
Kuravid
I think I may have Azureus or something but I don't use it too often. I do torrent things pretty frequently, so that may be it. Here's the log for today:



If there's an option to ignore it, as long as it's still doing what it's supposed to, please let me know. Sorry it took so long to reply to this thread.
swagger
QUOTE (Kuravid @ Sep 4 2009, 04:54 AM)
If there's an option to ignore it, as long as it's still doing what it's supposed to, please let me know. Sorry it took so long to reply to this thread.


There's no option to "ignore it" in the current 1.40 version, only to turn the protection completely off. That is done by clicking on the icon in the system tray and unchecking IP Protection. With torrenting and P2P programs, you are going to see some pop ups eventually because of how many people are seeding and/or leeching.
Gregte
QUOTE (MysteryFCM @ Sep 3 2009, 08:52 PM)
121.12-15.*, 125.65.111-112.* and 208.64.120-127.* are blocked due to malicious activity (and in the case of the latter, their refusal to deal with abuse on their range).

219.150.171.69 and 218.6.15.146 however, are not in the IPBL, so it's likely this is caused by the bug that has been fixed for 1.41.

If you are not running P2P software and are seeing these, I'd advise looking at your firewall logs in order to determine what is accessing these ranges, and why.



Thanks for the response.

I do not run P2P software. The log tells me nothing as I am not a programmer and wouldn't even know which one to pick. These popups appear for no reason during activity such as reading the news on Yahoo or this forum.

MALWARE bytes should operate without giving its users extra things to do like it did before 1.40.
sept2749
These "blocked IPs" must be false positives as I don't run any peer/peer software and I get the exact same IP blocks. What's up with that? How is it possible for the same IPs to keep coming up on everyone's machine?

A very "popular" one is 125.65.112.161, fix it please.
MysteryFCM
Visiting the same type of sites perhaps?

The IP you referenced is on a range that's associated with exploits amongst other things, so it's not going to be removed:

http://hosts-file.net/?s=125.65.112.161