Jump to content

Why blocking?


Recommended Posts

Hi all

 

Come across something that is starting to annoy me.  Every time I open up one ogf my favourites, Malwarebytes blocks IP 31.222.0.1 which I have traced to be the IP for Net1 GmbH, who are supposed to be a financial institution, based in Germany, with server in Belize.  I am not trying to open up this IP, but I think it may have something to do with a pop-up.  The way round is to disable Malwarebytes, whic has left me vunerable in the past.  Everytime I disable and use the site, I carry out a clean-up after usuing the site. This is on my PC.

 

Right, if I go to the same site on my laptop, I don't get a block from Malwarebytes and just leave things alone, just go through the annoying Pop-ups, which go after 20seconds.  However, last Sunday, I went onto the site as usual to watch football and a new pop-up appeared.  I could go now further, no matter what I did.  This pop-up was telling me that my flash player needed updating. It looked like Adobe, so I tried the update.  OMG, my laptop froze and that was it. Closed down and started a clean-up.  Two hours later, these were the results: Malwarebyttes - 53 Objects, AVG - 7 Trojans, Spybot - 13 trackers. Now, I had only carried out a clean-up the day before.

 

Can someone explain and advise why I get MB blocking me on my PC, but now on my lappy?

 

Thanks and Happy new Year to you all  .

Link to post
Share on other sites

Hi, Stokkers:
 

Two hours later, these were the results: Malwarebyttes - 53 Objects, AVG - 7 Trojans, Spybot - 13 trackers. Now, I had only carried out a clean-up the day before.

 
IP blocks can indicate a number of things:

  • They could indicate that MBAM is doing its job of blocking bad content on websites, such as banner ads.
  • In some cases the blocks are a false positive.
  • However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.

--> There is more information about the IP blocking module in the in the Help Desk topics HERE and HERE and HERE, and in the FAQ - Section G.
They also contain instructions on how to determine what process might be trying to make the connections.
You may also research the IP in question at www.ip-lookup.net or a similar site.

On the other hand, if you think the IP blocks might be a false positive, then please read this pinned topic before starting a new topic in the Website Blocking False Positives sub-forum.

>>>>>Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following for the available options to have a malware expert assist you with the cleaning process Available Assistance For Possibly Infected Computers.  A malware expert will guide you through scanning your system and cleaning it of any malware.
>>>>Under the circumstances, since you say that both MBAM and AVG have picked up infections, this is probably the best and safest course of action for you at this time.

Thanks,

daledoc1

Link to post
Share on other sites

Hi:

 

The IP blocks and popups you clicked that "looked like Adobe" you describe certainly sound suspicious.

(BTW that IP you mentioned is in the Czech Republic, not Belize.)

And you report multiple detections on your scans and the fact that you dealt with IP blocks by disabling the real-time IP protection of MBAM.

 

That sounds suspicious for infection.

Only the experts can determine that.

The help in the malware removal section of the forum is free.

 

But it's up to you.

If you do decide to get help there, please follow the advice here first: Available Assistance for Possibly Infected Computers.

And then please start a SEPARATE, NEW post for EACH of the 2 different computers >>HERE<<.

 

Cheers,

 

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.