Jump to content


Photo

Malwarebytes Anti-Malware IP blocked 89.28.8.80 (Type: outgoing)

IP blocked 89.28.80

  • Please log in to reply
7 replies to this topic

#1 Jinx007

Jinx007

    New Member

  • Members
  • Pip
  • 20 posts

Posted 05 May 2012 - 07:46 PM

Hi,

For a week now I have had this message from my MBAM:

IP blocked 89.28.8.80 (Type: outgoing)

I have run Sophos Virus Removal Tool, Kaspersky Removal Tool, as well as Avira (free version) - all of them with the latest updates.
All the scans I do with the aboved mentioned softwares give me a clean bill of health even MBAM. Any idea as to what is giving me this message from MBAM?

If this helps:
Windows XP SP3

MBAM 1.61.0.1400 (Trial version 13 days remaining) with latest update - should I download the plain version instead?


Please let me know which logs you need. This is slowly but surely driving me crazy...

Thanks in advance,

Jinx007

#2 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,871 posts
  • Gender:Not Telling

Posted 05 May 2012 - 08:11 PM

Hello and welcome, jinx007:

IP blocks can indicate a number of things:
  • It could indicate that MBAM is doing its job of blocking bad content on websites.
  • They can also occur when running certain P2P and other programs, such as Skype -- For example, please see this recent post by forum Admin AdvancedSetup about IP blocks and Skype.
  • In some cases the blocks are a false positive.
  • However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.
--> There is more information about the IP blocking module in the FAQ - Section G.
It includes instructions on how to set MBAM to ignore a particular IP, if you wish to do so.
It also contains instructions on how to determine what process might be trying to make the connections.
And you may also research the IP in question at www.ip-lookup.net or a similar site.

On the other hand, if you think the IP blocks might be a false positive, then please read this article before starting a new topic in the False Positives forum.

Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following to begin the cleaning process.
  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  • If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.
  • Then please start a new post in the Malware Removal forum.
  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.
Please be patient - someone will assist you as soon as possible.

Thanks!

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#3 Jinx007

Jinx007

    New Member

  • Members
  • Pip
  • 20 posts

Posted 05 May 2012 - 08:21 PM

Surfed the forum and found Possible Update Issues http://forums.malwar...owtopic=103600.

Followed instruction regarding mbam clean exe. I had noticed that after I had updated to the latest version my trial went beyond 13 days and didn't much of it...

Redownloaded malwarebytes and re activated the trial version to see if I will get the same error message. Will report tomorrow.

Thanks Daledoc for the info I'll check the section G and FAQ, and if need be move over to the malware removal forum.

#4 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,871 posts
  • Gender:Not Telling

Posted 05 May 2012 - 08:29 PM

Redownloaded malwarebytes and re activated the trial version to see if I will get the same error message. Will report tomorrow.


OK, thanks for letting us know.

FWIW, this is NOT an "error" message - it is indicative of the IP blocking module of MBAM at work. :)
So reinstalling the program probably won't have any effect until you can exclude whether the block is being generated by some P2P process (such as skype or torrent software), by a "false positive", or by infection.

The information in that FAQ article will help you to determine which of these might be happening, and how to proceed in each case.

Let us know what you find out.

Cheers,

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#5 Jinx007

Jinx007

    New Member

  • Members
  • Pip
  • 20 posts

Posted 05 May 2012 - 08:58 PM

Hi daledoc1,

Yes of course, it's not an "error message" Wishful thinking ;) :) .
So far no mention of that IP yet from MBAM, ran Tcpview (the IP mentionned was not there) and posted dds logs in the removal malware section logs to see if anything comes up.

Thanks again,

Jinx007

#6 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,871 posts
  • Gender:Not Telling

Posted 05 May 2012 - 11:35 PM

and posted dds logs in the removal malware section logs to see if anything comes up.


OK, one of the malware experts will review them and advise how to proceed.
Please be patient and wait for assistance in that topic -- the malware removal section can be busy and it may be a 48 hours or so before someone can reply to your post.

They can also occur when running certain P2P and other programs, such as Skype -- For example, please see this recent post by forum Admin AdvancedSetup about IP blocks and Skype.


Are you running Skype?
If so, that could possibly be the explanation for the IP blocks you are seeing.
(Please read the post to which I provided the link.)
Having said that, if you're not sure if you could be infected, then it would be advisable to wait for an expert to reply to your post in the malware removal section, just to be sure.

Best regards,

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#7 Jinx007

Jinx007

    New Member

  • Members
  • Pip
  • 20 posts

Posted 06 May 2012 - 01:53 PM

Hello daledoc1,

I read that article yesterday but the odd thing is that the IP blocking message from MBAM was coming up when I wasn't running skype.
It's really weird that now, still going about usual routine on my computer, and MBAM's message concerning that IP no longer popping up....posted combofix log now in the other section and waiting for reply. Thanks for your help daledoc1.

#8 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,871 posts
  • Gender:Not Telling

Posted 06 May 2012 - 01:56 PM

Hi, jinx007:

Thanks for the update.

It looks as if you are working with Elise in the malware removal section.
She will get you all checked out and cleaned up. :)
So, please stick with that topic until she gives you the "all clear". :)

Best regards,

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users