-
Posts
868 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by John A
-
Thanks for that info, MattsComputers. I was interested in the new MSE feature "protection from network based attacks" and whether that conflicted at all with MBAM IP blocking.
-
Has anyone tested Malware Bytes real time protection together with the new MSE 2.0?
-
Constant blocking of Skype IP 193.169.40.7
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
Hi Sharmin From the response from Skype Support in the above link, my guess is that what you are seeing is either a Supernode or a Relay Node. Skype depends on decentralising its traffic to achieve its voice & video quality. As Skype Support says "Skype is a peer-to-peer (P2P) application. Peer-to-peer makes it possible for multiple computers running the same P2P software to communicate and participate in traffic routing, processing and other bandwidth intensive tasks that are usually performed by a central server" So it is likely to access anywhere in the world to achieve this, and it also explains why some Skype users see different IP blocks to others. But Skype point out that actual Skype communications between users are encrypted. They also say "Our security model also prevents anyone with a supernode or relay node from interfering with, or capturing any part of, a Skype communication, even if they can collect or sniff network data packets. It also makes it very difficult for anybody to eavesdrop on content by installing an internet computer in the theoretical path of Skype traffic" I had a period when I was tracking IP blocks where Skype kept trying to hit a particular IP address but stopped after a couple of weeks and then a different one happened. You will probably find that your Skype will move on from 193.169.40.7 eventually, and you may get no further blocks, or you may get blocks to some other IP address. All that is part of the package when you install P2P software. In Skypes' case, MBAM IP Blocking has revealed some of its workings normally hidden under the bonnet .... -
Constant blocking of Skype IP 193.169.40.7
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
Hello Shamrin Did you see the response from Skype Support re this here? I only have Skype running now when I am actually using it. I suggest that you don't worry about it - it is highly unlikely to affect the functionality of Skype if these are blocked by MBAM, and Skype itself seems quite secure. You could turn off the tooltip balloons and just check the logs periodically for non-Skype blocks -
Your friend is using Windows Media player, so it would be normal for music file icons to become "music notes" Re the .INK file - do you mean .LNK file? If so, you may have sent a Windows Link file instead of a music file. Get your friend to right click on the .LNK file and choose Properties then see what it says in "Target" - it may be a reference to a file on your hard disk, so you can then have a look at what it was.
-
IP Block on Outgoing
John A replied to whatmeworry?'s topic in Malwarebytes for Windows Support Forum
No worries. I became interested in this issue when Skype caused IP blocks on my computers. In XP, MBAM can't name the process causing the blocked IP address because XP can't provide the information. One of the experts will have to explain the difference between IP blocking and a firewall, all I know is that they are different functions and that IP blocking does not replace a firewall. IP blocking in MAM operates on all internet operations, not just browsers -
IP Block on Outgoing
John A replied to whatmeworry?'s topic in Malwarebytes for Windows Support Forum
Hello Whatmeworry See explanantion of IP Blocking Section G here MBAM 1.5 will tell you the name of the process attempting to access the IP address but only on Windows 7 or Vista - not XP - see this thread for an explanation. So it is a bit difficult to ascertain the source in XP. If you were surfing at the time then it may have been your browser that was accessing that IP. It can also occur with Skype and similar programs even when you are not using them (provided they are running). If it happens when you are accessing a site that you think is safe you should report the block as a possible false positive here. But it can also occur if you have malware, so if you are not sure what may have caused it you should do scans with your AV and MBAM MBAM IP blocking works differently to a firewall, so the fact that your firewall didn't complain is not surprising. -
67.212.74.82 Constantly Flagged as Blocked
John A replied to imjohn's topic in Malwarebytes for Windows Support Forum
You need to ask Google why Chrome might be accessing that IP address - and they should be able to at least give you some clues. Is Chome actually loaded when you get the IP block - Chrome loads something at startup, I recall, maybe it is that? I also got a Canadian IP block from Thunderbird - InterWeb at Montreal 76.76.106.186. I am fairly sure it happened when I accidently clicked on a spam email -
Malwarebytes (Pro) Only ?
John A replied to future's topic in Malwarebytes for Windows Support Forum
... also Microsoft Security Essentials . -
67.212.74.82 Constantly Flagged as Blocked
John A replied to imjohn's topic in Malwarebytes for Windows Support Forum
Knowing that it is Google Chrome that is accessing the site, and tat it doesn't happen on your computer with internet accesses from other programs, I suggest that you ask Google Support for an answer. I had a similar issue with Skype and they explained it - see this thread. -
Hi Lork Suggest you look at the explanation here. Post back if you have any more questions.
-
Hello Pooh Your dial-up provider would not be filtering all malware - but they may be filtering some email messages that are spam or that contain malware. If your system is clean, and you are careful where you go on the internet, and you don't install downloaded software that is not trustworthy, then it is quite normal for your Avast and MalwareBytes to not find any malware. As for Avast finding malware and removing it silently, you could check the Avast settings - I think that it has a Silent Mode that can be switched on/off. But be assured that you should still have your Avast and Malwarebytes monitoring your system.
-
Update Error 12007,0, WinHttpSendRequest
John A replied to sPiDeRpIg's topic in Malwarebytes for Windows Support Forum
There is a thread here that might be helpful - although the suggested fix requires registry changes -
Malwarebytes' Anti-Malware 1.50 Public Beta Now Available
John A replied to Swandog46's topic in Malwarebytes News
When the final is released, can it be installed over the Beta, or should Beta be removed first? -
These occurrences should appear in your "protection-log ..." files.
-
Is Skype running? See this thread
-
I get this error with 1.5B when I first turn the computer on, after that MBAM seems quite happy. 06:17:54 (null) MESSAGE Scheduled update executed successfully 06:17:57 (null) ERROR Scheduled scan failed: GetUserToken failed with error code 0 06:18:14 John Marg MESSAGE Protection started successfully 06:18:18 John Marg MESSAGE IP Protection started successfully 06:19:04 John Marg MESSAGE IP Protection stopped 06:19:06 John Marg MESSAGE Database updated successfully 06:19:07 John Marg MESSAGE IP Protection started successfully 06:26:08 John Marg MESSAGE Scheduled update executed successfully 06:26:12 John Marg MESSAGE Scheduled scan executed successfully 06:27:09 John Marg MESSAGE IP Protection stopped 06:27:11 John Marg MESSAGE Database updated successfully 06:27:11 John Marg MESSAGE IP Protection started successfully The problem occurs between Windows startup and Login (which requires a password). In my MBAM Scheduler I have two scheduled tasks: 1. Quick Scan, Daily, with a tick against "Perform scheduled scan silently from system account" 2. Update, hourly, run Flash Scan after update (but there is no option to run this flash scan silently) It looks like updates before I log in OK then the initial Fash Scan fails. I suggest that in the Update settings in the Scheduler, you add a tick box - "Perform Flash scan silently from system account" ?
-
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
Well again there was a rapid response from Skype Support about the suspect IP addresses caught by MBAM. Below is what they said. Interesting how it works. It seems that blocking these IPs is highly unlikely to cause any performance issues with Skype. "We understand the inconvenience that might cause and we appreciate your patience and understanding.Skype is a peer-to-peer (P2P) application. Peer-to-peer makes it possible for multiple computers running the same P2P software to communicate and participate in traffic routing, processing and other bandwidth intensive tasks that are usually performed by a central server. P2P allows sharing files containing audio, video, data and real-time data. Skype has no single -
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
I have had two "as-promised within 12 hours" responses from Skype support on other matters recently - I thought their service was good. I might try this one on them and see what happens. -
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
Using MBAM ,5 Beta, which identifies the process involved, it caught Skype red handed 08:59:59 John Marg IP-BLOCK 222.68.159.215 (Type: outgoing, Port: 42255, Process: skype.exe) The next question is - should we take this issue up with Skype? -
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
It will be interesting to see if you come to the same conclusion as me. -
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
When Skype is running, my lated ip blocks are: 222.68.159.215 Beijing China, China Telecom 121.13.9.119 Beijing China, China Telecom 62.45.227.30 Netherlands -
Blocked IPs - Who's phoning home?
John A replied to shamrin's topic in Malwarebytes for Windows Support Forum
Yes it seems very odd to me too. I am interested in how do disable Supernode and maintain Skype functionality? There is a relevant discussion here http://forum.skype.com/index.php?showtopic=32639