Jump to content

MBAM Protection Blocking LOTS of IP Addresses


Recommended Posts

For a while, I've been seeing popups from my system tray extremely frequently. It seems like MBAM is blocking an IP address literally every few minutes.

This is the log from just today. My dad wakes up the PC at about 7:00, and I get on around 8:45. It's 12:45 right now. Of course, I replaced my User Account name with <MyUserAccount> and my Dad's account name with <MyDad'sAccount>. I'm the Administrator, my Dad is a Standard (Limited) User.

00:04:48	<MyUserAccount>	IP-BLOCK	85.234.175.53
00:30:01 <MyUserAccount> MESSAGE Scheduled scan executed successfully
07:08:26 <MyDad'sAccount> IP-BLOCK 212.117.173.248
07:24:36 <MyDad'sAccount> IP-BLOCK 89.28.103.227
07:25:00 <MyDad'sAccount> IP-BLOCK 89.28.71.49
07:25:00 <MyDad'sAccount> IP-BLOCK 188.65.50.32
07:25:49 <MyDad'sAccount> IP-BLOCK 218.7.126.253
07:29:09 <MyDad'sAccount> IP-BLOCK 219.147.5.30
07:41:11 <MyDad'sAccount> IP-BLOCK 89.28.56.106
08:11:48 <MyDad'sAccount> IP-BLOCK 218.7.126.253
08:24:56 <MyDad'sAccount> IP-BLOCK 219.152.106.228
08:40:49 <MyDad'sAccount> IP-BLOCK 91.188.44.94
08:50:35 <MyDad'sAccount> IP-BLOCK 89.28.64.101
08:53:47 <MyDad'sAccount> IP-BLOCK 109.235.48.103
08:54:03 (null) IP-BLOCK 89.28.91.32
08:54:03 (null) IP-BLOCK 89.28.44.115
08:54:59 <MyUserAccount> IP-BLOCK 91.188.44.94
09:14:07 <MyUserAccount> IP-BLOCK 222.64.63.79
09:26:33 <MyUserAccount> IP-BLOCK 94.96.40.235
09:26:33 <MyUserAccount> IP-BLOCK 121.10.83.46
09:29:37 <MyUserAccount> IP-BLOCK 87.248.162.131
09:36:58 <MyUserAccount> IP-BLOCK 94.96.5.109
09:40:43 <MyUserAccount> IP-BLOCK 213.186.122.4
09:40:59 <MyUserAccount> IP-BLOCK 95.169.186.102
09:40:59 <MyUserAccount> IP-BLOCK 213.186.122.4
09:41:55 <MyUserAccount> IP-BLOCK 213.186.122.4
09:42:11 <MyUserAccount> IP-BLOCK 62.45.162.203
09:47:24 <MyUserAccount> IP-BLOCK 58.240.121.143
09:47:24 <MyUserAccount> IP-BLOCK 58.240.121.143
09:49:56 <MyUserAccount> IP-BLOCK 58.240.121.143
09:49:56 <MyUserAccount> IP-BLOCK 58.240.121.143
09:50:12 <MyUserAccount> IP-BLOCK 58.240.121.143
09:50:36 <MyUserAccount> IP-BLOCK 58.240.121.143
09:50:36 <MyUserAccount> IP-BLOCK 58.240.121.143
09:50:44 <MyUserAccount> IP-BLOCK 58.240.121.143
09:50:44 <MyUserAccount> IP-BLOCK 58.240.121.143
09:57:10 <MyUserAccount> IP-BLOCK 112.165.14.218
10:12:48 <MyUserAccount> IP-BLOCK 94.96.240.192
10:19:45 <MyUserAccount> IP-BLOCK 89.28.24.99
10:22:49 <MyUserAccount> IP-BLOCK 58.240.90.199
10:31:47 <MyUserAccount> IP-BLOCK 91.211.116.8
10:40:44 <MyUserAccount> IP-BLOCK 62.45.243.241
10:42:04 <MyUserAccount> IP-BLOCK 83.128.125.3
10:54:30 <MyUserAccount> IP-BLOCK 94.96.138.174
10:54:30 <MyUserAccount> IP-BLOCK 222.65.18.81
10:55:10 <MyUserAccount> IP-BLOCK 94.96.39.197
10:55:10 <MyUserAccount> IP-BLOCK 94.96.52.80
11:08:16 <MyUserAccount> IP-BLOCK 89.28.17.112
11:28:02 <MyUserAccount> IP-BLOCK 222.70.181.212
11:32:43 <MyUserAccount> IP-BLOCK 91.188.46.184
11:41:39 <MyUserAccount> IP-BLOCK 58.240.89.23
11:55:48 <MyUserAccount> IP-BLOCK 94.96.93.46
11:56:28 <MyUserAccount> IP-BLOCK 58.240.89.23
11:56:37 <MyUserAccount> IP-BLOCK 222.70.121.124
12:02:21 <MyUserAccount> IP-BLOCK 188.130.177.20
12:06:14 <MyUserAccount> IP-BLOCK 195.216.178.172
12:09:35 <MyUserAccount> IP-BLOCK 220.248.187.222
12:09:43 <MyUserAccount> IP-BLOCK 89.28.23.153
12:10:07 <MyUserAccount> IP-BLOCK 94.96.92.36
12:14:07 <MyUserAccount> IP-BLOCK 222.189.228.13
12:28:00 <MyUserAccount> MESSAGE Protection started successfully
12:28:03 <MyUserAccount> MESSAGE IP Protection started successfully
12:28:11 <MyUserAccount> IP-BLOCK 218.7.221.87
12:29:15 <MyUserAccount> IP-BLOCK 94.96.166.44
12:35:09 <MyUserAccount> IP-BLOCK 85.234.175.10

What should I do? Is there a hole in my firewall or something? I'm running the paid version of MBAM on Win7 Home 64-bit.

I use Windows Remote Desktop within my LAN, if that's relevant at all. But I don't use the default port 3389.

Link to post
Share on other sites

this is an excerpt from the bottom of a P2P File Sharing Warning given to users seeking help at many of the forums

By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself, may be safe but the files downloaded may not be... P2P programs form a direct conduit onto your computer, and their security measures are easily circumvented.... A poorly configured P2P program is always a security risk... you use P2P programs at your own risk! Keep in mind that this practice may be the source of your current malware infestation.

References... siting risk factors, using P2P programs:

Malware: Help prevent the Infection

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.