
Blocked potentially malicious website


Hello,

I've recently used the product recovery disc to reinstall Vista and within one day I get the message:

"Successfully blocked access to potentially malicious website: 85.17.184.12

Type: outgoing

Port: 53984

Process: svchost.exe"

After reinstalling I connected a USB harddisk to copy Vista SP2, MS Security Essentials, IE9, Malwarebytes Anti-MW, Avira.

Is this a virus of some kind?

If so, how did I get it? (the USB harddisk?)

An Avira scan does not come up with any detections.

I'll be grateful for your advice,

James


Hi, and welcome to MBAM, jamontoast:

Until one of the MBAM staff or expert members arrives...

IP blocking can occur as a result of certain legitimate programs such as Skype, and it can happen when MBAM is doing its job by preventing bad content from websites from infecting your computer.

Sometimes the website itself is clean, but it is being hosted on a bad IP range.

But it can also be the result of infection on your system, especially if the IP blocks are "outgoing" and if they occur when no browsers are open.

I know you said this is a fresh OS install, but you didn't mention if it was performed because of infection issues, or if you actually reformatted the HDD before the OS reinstall (some bad rootkit infections can linger unless the disk is reformatted).

Please have a look at the FAQ - Section G for information about the IP blocking module. You can also research the IP in question here.

After doing so, if you think these IP blocks are false positives, then please read this sticky and then please start a new thread here.

  • To have Malwarebytes' Anti-Malware ignore an individual IP address, visit the website in question to incur a block. When you see the tray notification that Malwarebytes' Anti-Malware has blocked the address, right-click on the red M tray icon and use the Add to Ignore List menu to have the IP ignored. You should then be able to refresh your web browser and visit the page. If not, then you may need to close and then open your browser and try again or clear your browser's cache to be able to see the page.
  • If at any time you decide to remove the selected IP from the Ignore List, you can do so by opening Malwarebytes' Anti-Malware and clicking on the Ignore List tab.

------------------------

If you think your system might be infected -- based on the IP blocks or other suspicious computer behavior -- then please do the following, as we cannot review logs or work on malware removal in this part of the forum.

1. First, please go to THIS PAGE, print out, read and follow as many instructions as you can, skipping any you are unable to complete.

2. Then, please describe your computer's symptoms as best you can and post the requested MBAM and DDS logs by starting a new thread at the Malware Removal-HJT forum. Please post the results of the requested scans directly into your post, using copy/paste, rather than attaching them.

One of the authorized, trained experts will then assist you as soon as possible for free, one-on-one malware detection and removal.

When you post, please be sure to select Track This Topic & choose one of the email options, so that you will be notified when someone responds.

Please be patient and allow at least 48 hours before bumping your thread -- otherwise it may appear to the experts that you are already being helped.

(The "0" reply count is the easiest way for the experts to spot your thread as still needing help.)

Hope this helps a bit,

daledoc1


  • 3 weeks later...

The warning pop-up only occurred when I was using an old 56k modem dial-up number that I got from a Google search (0845 123 2000 "free dialup").

As long as I use my broadband dongle or a different telephone dial-up the warning does not occur.

Therefore I guess it was due to the free 0845 number that I was using as nothing materialised in the virus scans.

Many thanks for the help.

Jamontoast
