Jump to content

Blocking Outgoing IP Address...


Recommended Posts

Hi everyone,

 

I recently re-installed my OS and since installing Malwarebytes I get a message stating something like:

 

Blocked malicious website: 77.78.252.236. Type: Outgoing. Port: 50571. Process: pmb.exe.

 

This has been happening every few minutes. I've tried doing multiple system sweeps with both Malwarebytes and Microsoft Security Essentials. Nothing malicious is ever located and the problem keeps occuring. My internet also seems like it has been very slow since having the problem. I've been getting a 120-350 ping in most games. The only thing that seems to temporarily fix the problem is restarting my modem. I'm on a direct connection so this shouldn't be happening. I'm just assuming it has to do with the blocks, but of course, I could be completely wrong.

 

Here is my most recent quick sweet with the IP blocking log:

 

 
Database version: v2013.10.05.04
 
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Stormtrooper :: STORMTROOPER-PC [administrator]
 
Protection: Enabled
 
10/5/2013 10:17:53 AM
mbam-log-2013-10-05 (10-17-53).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217484
Time elapsed: 2 minute(s), 22 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
2013/10/04 20:03:03 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 50569, Process: pmb.exe)
2013/10/04 20:03:27 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 50819, Process: pmb.exe)
2013/10/04 20:05:35 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 52085, Process: pmb.exe)
2013/10/04 20:08:31 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:08:31 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:08:39 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:09:11 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:09:19 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:09:27 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:10:08 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 54901, Process: pmb.exe)
2013/10/04 20:12:00 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Starting protection
2013/10/04 20:12:00 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Protection started successfully
2013/10/04 20:12:00 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Starting IP protection
2013/10/04 20:12:04 -0700 STORMTROOPER-PC Stormtrooper MESSAGE IP Protection started successfully
2013/10/04 20:18:00 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 109.95.114.247 (Type: outgoing, Port: 49676, Process: pmb.exe)
2013/10/04 20:18:48 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 109.95.114.247 (Type: outgoing, Port: 50184, Process: chrome.exe)
2013/10/04 20:18:48 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 109.95.114.247 (Type: outgoing, Port: 50185, Process: chrome.exe)
2013/10/04 20:18:48 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 109.95.114.247 (Type: outgoing, Port: 50186, Process: chrome.exe)
2013/10/04 20:19:04 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:19:04 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:19:12 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:19:20 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 50457, Process: pmb.exe)
2013/10/04 20:21:44 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 51537, Process: pmb.exe)
2013/10/04 20:21:52 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 51730, Process: pmb.exe)
2013/10/04 20:29:04 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:29:04 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:29:12 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:44:25 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:44:25 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:44:33 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 98.142.248.22 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/04 20:45:53 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 63458, Process: pmb.exe)
2013/10/04 20:46:17 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 63931, Process: pmb.exe)
2013/10/04 20:47:05 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 65178, Process: pmb.exe)
 
2013/10/05 01:47:10 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 57212, Process: pmb.exe)
2013/10/05 01:47:50 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 57673, Process: pmb.exe)
2013/10/05 01:48:14 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 58030, Process: pmb.exe)
2013/10/05 01:48:38 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 85.234.169.164 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 01:49:50 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 89.28.75.29 (Type: outgoing, Port: 59598, Process: pmb.exe)
2013/10/05 01:50:30 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 89.28.75.29 (Type: outgoing, Port: 60328, Process: pmb.exe)
2013/10/05 01:50:38 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 60446, Process: pmb.exe)
2013/10/05 01:52:06 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 01:53:02 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 85.234.172.13 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 01:53:02 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 62442, Process: pmb.exe)
2013/10/05 01:53:35 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.249.154 (Type: outgoing, Port: 62831, Process: pmb.exe)
2013/10/05 01:55:51 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 193.169.12.118 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 01:56:07 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 89.28.75.29 (Type: outgoing, Port: 64606, Process: pmb.exe)
2013/10/05 02:21:03 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 31.133.52.39 (Type: outgoing, Port: 50431, Process: pmb.exe)
2013/10/05 02:41:36 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 109.95.114.247 (Type: outgoing, Port: 51283, Process: pmb.exe)
2013/10/05 02:41:36 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 58.241.131.195 (Type: outgoing, Port: 51286, Process: pmb.exe)
2013/10/05 03:02:09 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 178.152.6.137 (Type: incoming, Port: 14006, Process: skype.exe)
2013/10/05 09:57:35 -0700 STORMTROOPER-PC (null) MESSAGE Starting protection
2013/10/05 09:57:35 -0700 STORMTROOPER-PC (null) MESSAGE Protection started successfully
2013/10/05 09:57:35 -0700 STORMTROOPER-PC (null) MESSAGE Starting IP protection
2013/10/05 09:57:37 -0700 STORMTROOPER-PC (null) MESSAGE IP Protection started successfully
2013/10/05 10:08:07 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 50571, Process: pmb.exe)
2013/10/05 10:10:31 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 51338, Process: pmb.exe)
2013/10/05 10:11:35 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 51750, Process: pmb.exe)
2013/10/05 10:13:43 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 52490, Process: pmb.exe)
2013/10/05 10:15:19 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 53228, Process: pmb.exe)
2013/10/05 10:16:39 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 53878, Process: pmb.exe)
2013/10/05 10:17:14 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Starting database refresh
2013/10/05 10:17:14 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Stopping IP protection
2013/10/05 10:17:14 -0700 STORMTROOPER-PC Stormtrooper MESSAGE IP Protection stopped successfully
2013/10/05 10:17:16 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Database refreshed successfully
2013/10/05 10:17:16 -0700 STORMTROOPER-PC Stormtrooper MESSAGE Starting IP protection
2013/10/05 10:17:19 -0700 STORMTROOPER-PC Stormtrooper MESSAGE IP Protection started successfully
2013/10/05 10:19:00 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 54917, Process: pmb.exe)
2013/10/05 10:23:56 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 57329, Process: pmb.exe)
2013/10/05 10:25:33 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 91.188.50.230 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 10:34:13 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 91.188.50.230 (Type: incoming, Port: 56573, Process: pmb.exe)
2013/10/05 10:35:17 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 64288, Process: pmb.exe)
2013/10/05 10:41:25 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 51868, Process: pmb.exe)
2013/10/05 10:42:37 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 52501, Process: pmb.exe)
2013/10/05 10:42:45 -0700 STORMTROOPER-PC Stormtrooper IP-BLOCK 77.78.252.236 (Type: outgoing, Port: 52650, Process: pmb.exe)
 
Hope this helps!

 

Link to post
Share on other sites

  • Root Admin

Hello and :welcome:

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.