Jump to content

MW pop-up balloon even when Not connected to internet


Recommended Posts

Hi folks. How's it going? I have an odd question that I cannot seem to find an answer for. I have MW Pro because I have found it to be the best software for what I need; and for the price; it Can't be beat. My question is: My Comcast cable service was interrupted for over 4 hours during the last snow storm. While the internet was out of service I disconnected my computer from the modem and ran MW full scan while I had the chance. As usual it found nothing, which means it's doing it's job. Now for the problem. During that 4 hour down time; I kept getting a MW pop-up balloon every so often as if I was surfing the net, stating that MW blocked a potentially harmful incoming attack/site. Why on Earth would That pop-up? I was not connected to the net and my desktop do not have any wi-fi connected to or installed. I do have Magic-Jack but it to was unplugged from the computer at that time. PC is an eMachines 1200, XP Home 2003. I little help or info would go a long way with this issue. It was quite annoying.

Link to post
Share on other sites

I got home at 4p that day, my hours are 4a to 3p M-F, and the cable was already out. That's when I unplugged it.                           I hope this is what you're asking for:

2014/03/12 03:28:56 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    93.174.93.51 (Type: incoming)
2014/03/12 03:46:47 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    80.82.78.85 (Type: incoming)
2014/03/12 07:25:39 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    222.186.31.43 (Type: incoming)
2014/03/12 09:28:29 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    93.174.93.51 (Type: incoming)
2014/03/12 10:47:17 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Executing scheduled update:  Daily
2014/03/12 10:48:00 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Starting database refresh
2014/03/12 10:48:00 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Scheduled update executed successfully:  database updated from version v2014.03.11.08 to version v2014.03.12.09
2014/03/12 10:48:00 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Stopping IP protection
2014/03/12 10:48:02 -0500    EMACHINE-7AF6B9    USER    MESSAGE    IP Protection stopped successfully
2014/03/12 10:49:11 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Database refreshed successfully
2014/03/12 10:49:11 -0500    EMACHINE-7AF6B9    USER    MESSAGE    Starting IP protection
2014/03/12 10:49:50 -0500    EMACHINE-7AF6B9    USER    MESSAGE    IP Protection started successfully
2014/03/12 15:28:32 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    93.174.93.51 (Type: incoming)
2014/03/12 16:19:15 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    80.82.70.116 (Type: incoming)
2014/03/12 16:34:54 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:34:57 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:34:58 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:03 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:03 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:03 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:03 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:05 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:06 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:11 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:12 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:16 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:19 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:24 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:24 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:27 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:35:33 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:33 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:36 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:36 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:42 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:42 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:54 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:36:57 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:03 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:15 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:18 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:24 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:36 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:39 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:37:45 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    88.214.225.161 (Type: outgoing)
2014/03/12 16:53:17 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    78.140.142.60 (Type: outgoing)
2014/03/12 16:53:38 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    78.140.142.60 (Type: outgoing)
2014/03/12 16:53:41 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    78.140.142.60 (Type: outgoing)
2014/03/12 16:53:47 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    78.140.142.60 (Type: outgoing)
2014/03/12 17:00:21 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    93.174.93.51 (Type: incoming)
2014/03/12 20:43:55 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    93.174.93.51 (Type: incoming)
2014/03/12 20:51:08 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    222.186.31.43 (Type: incoming)
2014/03/12 23:11:39 -0500    EMACHINE-7AF6B9    USER    IP-BLOCK    222.186.38.116 (Type: incoming)
 

Link to post
Share on other sites

This is the first time trying to post from logs, Usually I see 2 progs to download and run then post and wait then rerun... As you can see from 16:19 thru to the end, I was not connected. I fell asleep and reconnected before I went to work at 4a the next morn. What I am most puzzled about is that, I just noticed it, most of them are an outgoing block. I really find that strange.

Link to post
Share on other sites

Well not sure where your located, but those IP's are in the Netherlands.... have a read through the stuff below...

IP blocks can indicate a number of things:

  • They could indicate that MBAM is doing its job of blocking bad content on websites.
  • In some cases the blocks are a false positive.
  • However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.
--> There is more information about the IP blocking module in the in the Help Desk topics HERE and HERE and HERE, and in the FAQ - Section G.

They also contain instructions on how to determine what process might be trying to make the connections.

You may also research the IP in question at www.ip-lookup.net or a similar site.

On the other hand, if you think the IP blocks might be a false positive, then please read this pinned topic before starting a new topic in the Website False Positives sub-forum.

Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following for the available options to have a malware expert assist you with the cleaning process Available Assistance For Possibly Infected Computers.

Thanks!

Link to post
Share on other sites

No I do not believe that Malwarebytes Pro was malfunctioning, and I can not say what cause those popups at the time. Without running tools to look at logs and see what's running on your computer I can only guess. However those tools need to be run from a dedicated section of the forum as we are not allowed to use those tools in this section.

 

That being said... you will have to seek help from one of our experts below...

 

If you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following for the available options to have a malware expert assist you with the cleaning process Available Assistance For Possibly Infected Computers.

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.