karimoo

Windows Media Player and MBAM..

75 posts in this topic

Need something to start with - Still using my Win 7 L/top (have been since this started) -

I will need to unplug it and risk my XP now -

Share this post


Link to post
Share on other sites

Garybear,

You wouldn't get an IP block when not connected to the internet; nothing can go in or out when you are NOT connected to the internet. :(

Share this post


Link to post
Share on other sites

Hi mountaintree

I hear what your saying but if I had a infection on my PC, wouldn't malwarebytes try to stop it from getting out even if I'm not connected to the net. I don't know ??? I think Malwarebytes needs to up grade and tell us if the blocked IP is coming in or going out. I guess I just assumed until now it only blocked incoming, and never worried about out going. If I had a nastie on my PC, I would want MBAM to stop it going out.

Garybear

Share this post


Link to post
Share on other sites

Hey Garybear,

I am not on staff or anything like that so I can't speak for Malwarebytes staff, admins, or moderators, but my guess is that they probably don't know at this time if it is coming in or out. MY GUESS (and this is ONLY a guess and MY OPINION ONLY) is that it's incoming, so probably nothing to be worried about.

I'm sure that someone will be looking into this soon.

I am going to test this out on my system and see what happens for me as soon as I have a chance. I doubt that that'll be tonight, though.

If you are NOT connected to the internet, nothing can "call in" or "call out", so to speak.

If you try to update Malwarebytes or your antivirus, for example, when you are not connected to the internet, it will not work.

If you have a data-stealing Trojan on your machine, for example, you will be advised to immediately disconnect from the internet. This is because when you are NOT connected to the internet, nothing can "call home" to your machine.

You'll be happy to know that Malwarebytes blocks both incoming and outgoing IP addresses :(

Share this post


Link to post
Share on other sites

The big question is "Whats causing WMP to trigger this?" "And how long has this been waiting to effect everyone"? That's the scary part. One thing I'm not going to do is turn off my IP blocker, or allow this IP on my PC. I think someone said they done that. Dumb.

Garybear!

Share this post


Link to post
Share on other sites

I agree, the IP blocker should NOT be turned off, it most certainly should be left on.

Share this post


Link to post
Share on other sites

Hi mountaintree!

Glad to hear Mbam blocks both ways. I don't know much about these things, and I'm always learning. Thanks for your post. If this is incoming, what is the purpose? Is it trying to infect our PC's?? If I allow it, what happens? Where is it coming from? Who's trying to shake hands with my PC? Is this like malware or spies or Virus? I have a lot of questions.

Garybear

Share this post


Link to post
Share on other sites

Garybear,

You're welcome :(

It is great to know that Mbam blocks both ways, I agree :)

Basically with incoming, the IP's that are blocked are malicious IP addresses that would otherwise most likely infect your computer. (Either something malicious from the IP or website itself or from an advertisement that is on a malicious IP address/range that is malcious itself, even if the rest of the website is fine).

Please check out this link for information on the IP Protection Module :):

http://forums.malwarebytes.org/index.php?s...mp;#entry162100

I am not sure of all the answers to your questions; though. I'm sure someone will be able to jump in here and explain better than I.

Share this post


Link to post
Share on other sites
I think someone said they done that. Dumb.Garybear!

Please be very careful, when you make these comments, the person who did this is way ahead of us in terms of knowledge, even Experts praise him

Share this post


Link to post
Share on other sites
I hope this will help. I just disconnected from the internet. I don't get the IP block while I'm not connected. I can confirm this. It only happens while connected to the internet.

Garybear

This action proves that MBAM is only blocking while it is getting an incoming/infection alert - The IP concerned -

It has not installed on the system or you would get the constant notices like described in Section G of the FAQ , as with P2P (or similar) popup blocking -

There is an issue here that is involved with some common ?? download/application via Media Player -

EDIT -

If the IP is being blocked and WMP is still playing music etc it seems safe to use - Unless it shuts WMP down - Then do not try to open til the experts solve the issue -

Share this post


Link to post
Share on other sites

I was able to get onto my computer real quick tonight.

AV just freshly updated prior to checking this, Mbam fully up to date prior to checking this.

I just opened WMP.

I got an IP block to this IP:

00:13:52 IP-BLOCK 213.174.154.144

00:13:55 IP-BLOCK 213.174.154.144

00:14:01 IP-BLOCK 213.174.154.144

I'm running XP. Again, I KNOW that my machine is not infected, so that is not a factor in the IP block for me.

VM player Version 11. Fully updated as far as I know. When I click check for updates, it tells me that setup is already running?? Which is weird...

Actually, two minutes later, I checked, and it told me that WMP is fully up to date, and that no updates are available at this time. So WMP is fully up to date.

I don't have time to check this out any further tonight, but just wanted to report back here :)

Share this post


Link to post
Share on other sites

Hi. This is what I get all the time. When I reported this on this forum, they wanted me to report this on Anti-Malware Forum. I was fairly sure that I had a clean PC, so I did not bother the malware team. I'm not liked by the Chinese for a good reason. It has to do with them and Malwarebytes. I can't go any further with that, but this is what I get all the time. I'm not worried. MBAM is doing what it's supposed to do; protect me from malicious IP addresses. I love MBAM.post-43884-1285479331_thumb.jpg

Share this post


Link to post
Share on other sites

I deleted my last post because we have found the issue. There is a banned IP that the Microsoft store is pulling a file from and that is being blocked. The file is nothing more than a harmless icon so there is no danger here.

Due to the massive number of WMP users this is going to quickly get out of hand so for now we will unblock this IP and contact Microsoft to get this resolved.

Share this post


Link to post
Share on other sites
I deleted my last post because we have found the issue. There is a banned IP that the Microsoft store is pulling a file from and that is being blocked. The file is nothing more than a harmless icon so there is no danger here.

Due to the massive number of WMP users this is going to quickly get out of hand so for now we will unblock this IP and contact Microsoft to get this resolved.

TY so much for the info and sure do appreciate your help.

Share this post


Link to post
Share on other sites

Hey Gary TY TY hun for all the info and the Reply one Thanks so much,Hey the info on IP Blocked has been turned over to a Tech Guy to see why we all are getting the IP Blocked.We just got to hang in there :-) Cricket

Share this post


Link to post
Share on other sites
Hey Gary TY TY hun for all the info and the Reply one Thanks so much,Hey the info on IP Blocked has been turned over to a Tech Guy to see why we all are getting the IP Blocked.We just got to hang in there :-) Cricket

It's ok to use the quote some times cricket. This is a good example.

You are very welcome, and I'm glad this had a good ending. Thank you for your input to this also my friend!

Garybear PS click on my two monkeys and watch the monkey on the right tail. It cracks me up.

Share this post


Link to post
Share on other sites

Thank you Nosirrah for the information and letting us know what was going on :)

Share this post


Link to post
Share on other sites
I deleted my last post because we have found the issue. There is a banned IP that the Microsoft store is pulling a file from and that is being blocked. The file is nothing more than a harmless icon so there is no danger here.

Due to the massive number of WMP users this is going to quickly get out of hand so for now we will unblock this IP and contact Microsoft to get this resolved.

I'm still getting the pop-up when I open WMP - is it still OK to start using WMP again?

Share this post


Link to post
Share on other sites

@Diana80

Maybe a silly question, but have you updated Malwarebytes to its most current definitions before trying WMP again?

Share this post


Link to post
Share on other sites

Before I updated MBAM DB4695 9/25/10, I open wmp and got the IP addy blocked and after updating MBAM DB4700 9/26/10

No More IP addy block so update MBAM and the problem will be resolved and Yes you can use your WMP. :)

Share this post


Link to post
Share on other sites
@Diana80

Maybe a silly question, but have you updated Malwarebytes to its most current definitions before trying WMP again?

LOL! That's what I forgot to do! I just updated it and when I open WMP it doesn't do it anymore. Thanks! :)

Share this post


Link to post
Share on other sites

Excellent! I'm glad that that resolved this for you :)

You're welcome :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.