Jump to content

Successfully blocked access blah blah blah

Grindcore
 Share

Recommended Posts

Firefox

Firefox

Posted
Posted

Hello and :welcome:

IP blocks can indicate a number of things:

  • They could indicate that MBAM is doing its job of blocking bad content on websites.
  • In some cases the blocks are a false positive.
  • However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.
--> There is more information about the IP blocking module in the in the Help Desk topics HERE and HERE and HERE, and in the FAQ - Section G.

They also contain instructions on how to determine what process might be trying to make the connections.

You may also research the IP in question at www.ip-lookup.net or a similar site.

On the other hand, if you think the IP blocks might be a false positive, then please read this pinned topic before starting a new topic in the Website False Positives sub-forum.

Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following for the available options to have a malware expert assist you with the cleaning process Available Assistance For Possibly Infected Computers.

Thanks!

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

DDS – Checktool - FRST

STEP 1

Please run the DDS scanner and send back both logs as attachments to your next reply.

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include both of the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.
STEP 2

Please run mbam-check and send back the log as an attachment to your next reply.

  • Download mbam-check.exe from HERE and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post; instead please attach to your next reply the CheckResults.txt log file which should now be located on your desktop.
STEP 3

Please run the FRST tool and send back both logs as attachments to your next reply.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system - that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your next reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your next reply.
Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

Oh yes, sorry you are running Windows 8.1...

Then, if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

In Windows Vista/7/8, these logs are located in: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

As you can see from the protection logs (all 3 of them), it was utorrent.exe that generated the blocks...

This is just a small part of your log... 

2014/02/19 02:59:09 -0500	TORRENTING	Jimmy	IP-BLOCK	91.195.10.22 (Type: incoming, Port: 64221, Process: utorrent.exe)2014/02/19 03:12:17 -0500	TORRENTING	Jimmy	IP-BLOCK	212.113.44.12 (Type: incoming, Port: 64221, Process: utorrent.exe)2014/02/19 03:21:33 -0500	TORRENTING	Jimmy	IP-BLOCK	109.163.230.167 (Type: outgoing, Port: 46255, Process: utorrent.exe)
So to answer your question, No it does not matter if you are seeding or not, its going to product traffic and cause these blocks. If you were to exit out of utorrent completely, more than likely the blocks would stop.
Link to post
Share on other sites
Grindcore

Grindcore

Posted
  • Author
Posted

As you can see from the protection logs (all 3 of them), it was utorrent.exe that generated the blocks...

This is just a small part of your log... 

2014/02/19 02:59:09 -0500	TORRENTING	Jimmy	IP-BLOCK	91.195.10.22 (Type: incoming, Port: 64221, Process: utorrent.exe)2014/02/19 03:12:17 -0500	TORRENTING	Jimmy	IP-BLOCK	212.113.44.12 (Type: incoming, Port: 64221, Process: utorrent.exe)2014/02/19 03:21:33 -0500	TORRENTING	Jimmy	IP-BLOCK	109.163.230.167 (Type: outgoing, Port: 46255, Process: utorrent.exe)
So to answer your question, No it does not matter if you are seeding or not, its going to product traffic and cause these blocks. If you were to exit out of utorrent completely, more than likely the blocks would stop.

 

ok thanks. i guess ill just exit it when im done

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.