Jump to content

Outbound block on 91.227.115.62


Recommended Posts

Hello:

Two different household laptops are receiving this same message. One has malwarebytes and avg av loaded. This one shows blocking avg. The other laptop has McAfee and Malwarebytes, this one shows Iexplorer.exe as the culprit. Below is the McAfee log.

I attempted a tracert to the ip address and it comes back with 'general error' (see below) presumably because Malwarebytes is blocking immediately. tracert on the internet shows the below.

Any idea what is causing this? Or how to get rid of this? Or, is this a false positive?

13:58:27 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49570, Process: iexplore.exe)

13:58:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49605, Process: iexplore.exe)

13:58:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49606, Process: iexplore.exe)

14:23:58 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:23:58 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:24:06 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:24:06 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:11 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:37:57 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

91.227.115.62 is from Slovak Republic(SK) in region Eastern Europe

Link to post
Share on other sites

Hello:

Two different household laptops are receiving this same message. One has malwarebytes and avg av loaded. This one shows blocking avg. The other laptop has McAfee and Malwarebytes, this one shows Iexplorer.exe as the culprit. Below is the McAfee log.

I attempted a tracert to the ip address and it comes back with 'general error' (see below) presumably because Malwarebytes is blocking immediately. tracert on the internet shows the below.

Any idea what is causing this? Or how to get rid of this? Or, is this a false positive?

13:58:27 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49570, Process: iexplore.exe)

13:58:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49605, Process: iexplore.exe)

13:58:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 49606, Process: iexplore.exe)

14:23:58 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:23:58 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:24:06 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:24:06 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:10 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:11 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:25:43 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

14:37:57 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 137)

14:38:05 IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 8)

91.227.115.62 is from Slovak Republic(SK) in region Eastern Europe

I copied and pasted that ip into my browser/firefox and malwarebytes blocked it instantly!! This is what I got:

IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 62000, Process: avastsvc.exe)

IP-BLOCK 91.227.115.62 (Type: outgoing, Port: 62001, Process: avastsvc.exe)

One a side note my computer is NOT infected with anything!! So I would ASSume it most likely is a website that has malicious content on it.

Link to post
Share on other sites

Hello and welcome, philb:

IP blocking can occur as a result of certain legitimate programs such as Skype and other P2P programs.

It can also happen when MBAM is doing its job by preventing bad content from websites from infecting your computer.

But it can also be the result of infection on your system, especially if the IP blocks are "outgoing", and if they occur when no browsers are open.

Please have a look at the FAQ - Section G for information about the IP blocking module. It explains why MBAM appears to be blocking your antivirus program, as well as instructions for configuring MBAM to ignore an individual IP address, if you wish to do so.

  • Alternatively, if, after reading the FAQ Section, you think these IP blocks may be false positives, then please read this sticky and then please start a new thread here.
  • Finally, if you think, after reading that article, that you might be infected, based on the IP blocks or other abnormal computer behavior, then:
    1. First, please go to THIS PAGE, print out, read and carefully follow as many instructions as you can, skipping any you are unable to complete.
    2. Then, please describe your computer's symptoms as best you can and post the requested MBAM and DDS logs by starting a NEW thread at the Malware Removal-HJT forum . An authorized, trained, malware expert will assist you in checking and (if needed) cleaning your system.

Thanks, daledoc1

PS: Please use the zMn2t.jpg button instead of other ones when you reply here and at the other forums, so that it will be easier to read. :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.