Jump to content

Blocked Sites - Odd Hours Help


Recommended Posts

Hey Guys

 

Have a pc that so far has had a number of blocked site attemps at odd hours of the morning the last few days.

 

They are always incoming attempts on these 2 IPS

 

89.248.171.142

118.123.114.48

 

Both on PORT 3389

 

Are their any tools or sites that tells me what sites are running frm that IP and or further details as to why its on the malwarebytes blacklist?

The report from the manegement console is rather lacking.

 

Here is an Example of the multiple emails that have come through

 

Alert Time: 27/06/2015 5:14:54 AM
Server Hostname: #################
Server Domain/Workgroup: #############
Server IP: ####################
Notification Catalog: Client
Description:
Malware threat detected, see details below:

27/06/2015 5:12:56 AM    XXXX    <INTERNAL IP>    Blocked web site    Type: incoming, Port: 3389    89.248.171.142
27/06/2015 5:13:04 AM    XXXX   <INTERNAL IP>    Blocked web site    Type: incoming, Port: 3389    89.248.171.142
27/06/2015 5:13:12 AM    XXXX    <INTERNAL IP>    Blocked web site    Type: incoming, Port: 3389    89.248.171.142

Total count: 3.

--------------------------------------------
Comment: This email was generated by Malwarebytes Management Server. Please do not reply to this message.
 

 

 

Cheers

 

Link to post
Share on other sites

  • Staff

Hey Peteo,

 

Sites like virustotal may give you more of an incite as to why this is being blocked. However, it may not have the reason why we have it in our database. If you would like to know more about it, I can get more information about it. But I would like to create a e-mail ticket for this. There may also be an infection on the computer which I would like to verify with a diagnostic log. Is this something you would like to do?

 

Thank you,

 

Ron S

Link to post
Share on other sites

Hey Ron.

Sure lets create a ticket.
I have already run a scan on the PC and it turned up Clean, We had also run a antivirus scan without our trend micro office scan, also came out clean. Lets open the ticket so we can get some more details of whats going on here.

Cheers

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.