
Need details of blocked outgoing


AaLF


Malwarebytes regularly pops up a message that it has blocked a potentially dangerous website, IP xxx.xxx.x.xx, type - outgoing. The only information the log shows is the IP address.

How can I investigate further to find the source of the outgoing attempts that Malwarebytes is blocking?


Please provide the following details, so that someone may be able to assist you:

  • What is your current version of Windows (XP, Vista, or Win7)?
  • Is your Windows OS 32-bit or 64-bit?
  • What is your OS Service Pack?
  • What version (if any) of MBAM are you running (current is 1.51.2.1300) and is it the Free or Pro version?
  • What MBAM database version do you have now (current is 8030)?
  • What brand and version of antivirus software do you have?
  • What firewall software do you use if any?
  • Do you use any P2P (Peer to Peer) software such as Utorrent, Bittorrent or Skype?
  • Has your computer been infected recently, or is it currently showing any other abnormal behavior (browser redirects, IP blocks, etc.) to suggest an infection?


  • Root Admin

Please run the following scanner and post back the logs.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt


Please provide the following details, so that someone may be able to assist you:

  • What is your current version of Windows (XP, Vista, or Win7)?
  • Is your Windows OS 32-bit or 64-bit?
  • What is your OS Service Pack? SP3
  • What version (if any) of MBAM are you running (current is 1.51.2.1300) and is it the Free or Pro version?
  • What MBAM database version do you have now (current is 8030)? 8022
  • What brand and version of antivirus software do you have? Nil
  • What firewall software do you use if any? Look n Stop
  • Do you use any P2P (Peer to Peer) software such as Utorrent, Bittorrent or Skype? No except Skype - unused
  • Has your computer been infected recently, or is it currently showing any other abnormal behavior (browser redirects, IP blocks, etc.) to suggest an infection? Couple of malwares found from downloaded programs

Defense programs are SandBoxie / Shadow Defender / Malwarebytes / Spyshelter

Logs attached AaLF.RAR



  • Root Admin

Look at the Event Log at the bottom of your attach log file. You need to fix all those issues.

Why are you running pebuilder while scanning?

You're using Tor which is similar to Skype in that it uses IP addresses from peer 2 peer networks that can be on one or more IP block lists.

Disable Tor and fix your other issues and you'll probably be fine.

Your Tune-up utilities don't work well with some other programs - up to you but you might want to reconsider if you really need it.

A good healthy full disk check might be in order as well.

CHKDSK C: /R

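One way to check the Tor explanation above against the question in the first post, as an added example that is not part of the original thread: capture `netstat -ano` and `tasklist /FO CSV /NH` while the block pop-ups are occurring, then match the blocked address to the process that owns the connection. The sample captures below are constructed (documentation-range addresses, made-up PIDs), and `owners_of` and `pid_names` are hypothetical helper names.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (documentation-range addresses).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    192.168.1.10:1042      203.0.113.7:443        ESTABLISHED     1820
  TCP    192.168.1.10:1057      198.51.100.23:9001     SYN_SENT        2364
  TCP    192.168.1.10:1058      198.51.100.23:9001     SYN_SENT        2364
  UDP    0.0.0.0:500            *:*                                    716
"""

# Constructed sample of `tasklist /FO CSV /NH` output.
TASKLIST = '''\
"svchost.exe","952","Console","0","4,120 K"
"firefox.exe","1820","Console","0","88,412 K"
"tor.exe","2364","Console","0","21,004 K"
'''

def pid_names(tasklist_csv):
    """Map PID -> image name from `tasklist /FO CSV /NH` text."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(row[1]): row[0] for row in rows if len(row) >= 2}

def owners_of(blocked_ip, netstat_text, tasklist_csv):
    """Return sorted (image, pid, remote port, state) for TCP rows to blocked_ip."""
    names = pid_names(tasklist_csv)
    hits = set()
    for line in netstat_text.splitlines():
        parts = line.split()
        # TCP rows have five columns: proto, local, foreign, state, PID.
        # Headers and UDP rows (no state column) are skipped.
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        remote_ip, _, remote_port = parts[2].rpartition(":")
        if remote_ip != blocked_ip:
            continue
        pid = int(parts[4])
        # A PID missing from tasklist means the process exited between captures.
        hits.add((names.get(pid, "<exited>"), pid, int(remote_port), parts[3]))
    return sorted(hits)

if __name__ == "__main__":
    for name, pid, port, state in owners_of("198.51.100.23", NETSTAT, TASKLIST):
        print(f"{name} (PID {pid}) -> port {port} [{state}]")
```

Outbound attempts are short-lived, so both captures need to be taken while the attempts are happening; repeating them a few times improves the odds of catching a matching row.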

pebuilder, too much rushing. Forgot to turn it off. Yes, now you mention it I think it happens with Tor. Got any more info on Tune Up clashes?

Woooooooo. Just read the attachment.

==== Event Viewer Messages From Past Week ========

What's a starting point to seek help / info on that list? I'm unskilled but willing to learn / try.

What XP tools will help shorten that list? Would greatly appreciate some informed tips from you.

Thanks

AaLF


  • Root Admin

Please run the following and post back the results

Create an Autoruns Log:

  • Please download Sysinternals Autoruns from here.
  • Save Autoruns.exe to your desktop and double-click it to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures
  • Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
  • When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.
  • Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
  • Attach the Autoruns.zip folder you just created to your next reply

Then download HijackThis and run a scan with it and post back that log too.
