asrl4.pardisdns.com -- 85.17.184.37

[afceaglee]

Hello

i running win 7 64Bit

yesterday and todays i recive a messages that say Malwarebyte blocked an outgoing thread that is potentially is malware

this is today log:

08:19:55 xxx MESSAGE Protection started successfully

08:19:59 xxx MESSAGE IP Protection started successfully

11:45:55 xxx MESSAGE Protection started successfully

11:45:59 xxx MESSAGE IP Protection started successfully

14:31:36 xxx MESSAGE Scheduled update executed successfully

14:32:34 xxx MESSAGE IP Protection stopped

14:32:36 xxx MESSAGE Database updated successfully

14:32:37 xxx MESSAGE IP Protection started successfully

16:27:08 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2190, Process: firefox.exe)

16:27:08 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2191, Process: firefox.exe)

17:04:31 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2910, Process: firefox.exe)

and this is yesterday log:

06:21:03 xxx MESSAGE Protection started successfully

06:21:08 xxx MESSAGE IP Protection started successfully

06:33:07 xxx MESSAGE IP Protection stopped

06:33:13 xxx MESSAGE Database updated successfully

06:33:14 xxx MESSAGE IP Protection started successfully

10:50:19 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15072, Process: firefox.exe)

10:50:19 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15073, Process: firefox.exe)

14:05:59 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17150, Process: firefox.exe)

14:05:59 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17151, Process: firefox.exe)

14:44:00 xxx ERROR Scheduled update failed: Incomplete transfer failed with error code 0

22:22:02 xxx MESSAGE Protection started successfully

22:22:06 xxx MESSAGE IP Protection started successfully

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1687, Process: firefox.exe)

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1688, Process: firefox.exe)

23:32:41 xxx IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1689, Process: firefox.exe)

i searched for that IP and i found this information :

IP: 85.17.184.37

Decimal: 1427224613

Hostname: asrl4.pardisdns.com

ISP: LeaseWeb B.V.

Organization: LeaseWeb

Services: None detected

Type: Unknown

Assignment: Static IP

Geolocation Information

Country: Netherlands nl flag

State/Region: Noord-Holland

City: Amsterdam

Latitude: 52.35

Longitude: 4.9167

i using malwarebyte 1.51.2.1300 free version (downloaded from malwarebytes.org directly)

installed firefox8.0 directly from mozilla ..

what is this? and how i must do ? please guide me ...

[daledoc1]

Hello and welcome to MBAM, afceaglee:

IP blocking can occur as a result of certain legitimate programs such as Skype and other, P2P programs.

It can also happen when MBAM is doing its job by preventing bad content from websites from infecting your computer.

But it can also be the result of infection on your system, especially if the IP blocks are "outgoing", and if they occur when no browsers are open.

Please have a look at the FAQ - Section G for information about the IP blocking module. It contains instructions for configuring MBAM to ignore an individual IP address, if you wish to do so.

• Alternatively, if, after reading the FAQ Section, you think these IP blocks may be false positives, then please read this sticky and then please start a new thread here.
  
• Finally, if you think, after reading that article, that you might be infected, based on the IP blocks or other abnormal computer behavior, then:
  1. First, please go to THIS PAGE, print out, read and carefully follow as many instructions as you can, skipping any you are unable to complete.
  2. Then, please describe your computer's symptoms as best you can and post the requested MBAM and DDS logs by starting a NEW thread at the Malware Removal-HJT forum . An authorized, trained, malware expert will assist you in checking and (if needed) cleaning your system.
  

Thanks, daledoc1

PS: Please use the button instead of other ones when you reply here and at the other forums, so that it will be easier to read.