Jump to content

asrl4.pardisdns.com -- 85.17.184.37


Recommended Posts

Hello

i running win 7 64Bit

yesterday and todays i recive a messages that say Malwarebyte blocked an outgoing thread that is potentially is malware

this is today log:

08:19:55 xxx MESSAGE Protection started successfully

08:19:59 xxx MESSAGE IP Protection started successfully

11:45:55 xxx MESSAGE Protection started successfully

11:45:59 xxx MESSAGE IP Protection started successfully

14:31:36 xxx MESSAGE Scheduled update executed successfully

14:32:34 xxx MESSAGE IP Protection stopped

14:32:36 xxx MESSAGE Database updated successfully

14:32:37 xxx MESSAGE IP Protection started successfully

16:27:08 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2190, Process: firefox.exe)

16:27:08 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2191, Process: firefox.exe)

17:04:31 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2910, Process: firefox.exe)

and this is yesterday log:

06:21:03 xxx MESSAGE Protection started successfully

06:21:08 xxx MESSAGE IP Protection started successfully

06:33:07 xxx MESSAGE IP Protection stopped

06:33:13 xxx MESSAGE Database updated successfully

06:33:14 xxx MESSAGE IP Protection started successfully

10:50:19 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15072, Process: firefox.exe)

10:50:19 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15073, Process: firefox.exe)

14:05:59 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17150, Process: firefox.exe)

14:05:59 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17151, Process: firefox.exe)

14:44:00 xxx ERROR Scheduled update failed: Incomplete transfer failed with error code 0

22:22:02 xxx MESSAGE Protection started successfully

22:22:06 xxx MESSAGE IP Protection started successfully

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1687, Process: firefox.exe)

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1688, Process: firefox.exe)

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1689, Process: firefox.exe)

i searched for that IP and i found this information :

IP: 85.17.184.37

Decimal: 1427224613

Hostname: asrl4.pardisdns.com

ISP: LeaseWeb B.V.

Organization: LeaseWeb

Services: None detected

Type: Unknown

Assignment: Static IP

Geolocation Information

Country: Netherlands nl flag

State/Region: Noord-Holland

City: Amsterdam

Latitude: 52.35

Longitude: 4.9167

i using malwarebyte 1.51.2.1300 free version (downloaded from malwarebytes.org directly)

installed firefox8.0 directly from mozilla ..

what is this? and how i must do ? please guide me ... :(

Link to post
Share on other sites

Hello and welcome to MBAM, afceaglee:

IP blocking can occur as a result of certain legitimate programs such as Skype and other, P2P programs.

It can also happen when MBAM is doing its job by preventing bad content from websites from infecting your computer.

But it can also be the result of infection on your system, especially if the IP blocks are "outgoing", and if they occur when no browsers are open.

Please have a look at the FAQ - Section G for information about the IP blocking module. It contains instructions for configuring MBAM to ignore an individual IP address, if you wish to do so.

  • Alternatively, if, after reading the FAQ Section, you think these IP blocks may be false positives, then please read this sticky and then please start a new thread here.
  • Finally, if you think, after reading that article, that you might be infected, based on the IP blocks or other abnormal computer behavior, then:
    1. First, please go to THIS PAGE, print out, read and carefully follow as many instructions as you can, skipping any you are unable to complete.
    2. Then, please describe your computer's symptoms as best you can and post the requested MBAM and DDS logs by starting a NEW thread at the Malware Removal-HJT forum . An authorized, trained, malware expert will assist you in checking and (if needed) cleaning your system.

Thanks, daledoc1

PS: Please use the zMn2t.jpg button instead of other ones when you reply here and at the other forums, so that it will be easier to read. :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.