| Windows 7: Malwarebytes Blocking IP address |
03 Jan 2013
|
#11 | | |
RootkitsRepair The rootkit was found by Malwarebytes, but it was strange indeed. This rootkit was attempting to reach a malicious site, which Malwarebytes Pro was blocking every 15 minutes, which I could see from the Mbam log. After not finding the rootkit for several hours, it suddenly, after another 15 minutes, found the rootkit, which it removed. Since that time the IP block has not occurred.
I opened a case on Mbam, and they did a very thorough job of helping, including scanning logs of my system, and suggesting various pieces of software to monitor my system, and helping me to use Combofix.
I can only say that buying Mbam Pro was really worth it.
The help at Mbam also suggested amending the host file. Take a look at: http://www.funkytoad.com/content/view/13/31/
| |
03 Jan 2013
|
#12 | | Win 7 Pro x64 SP1, Win 7 Ult x86 SP1 NC, USA |
Thanks for posting back with that info!
I find it interesting they suggest using the HOST file for additional protection with the Pro version.
I wondered about that...if it's worth it to use MBAM Pro Website blocking AND HOST file "exclusions".
I wasn't sure if it's overkill and unnecessary redundant protection (paranoia).
If they suggest using it...well, they know better than me!
I agree, MBAM Pro is a great value and well worth the cost.
Great to hear you are cleaned up and the problem is solved.
03 Jan 2013
|
#13 | | |
What's interesting is that there now exist black lists and white lists! I used to use Comodo Firewall, but they were set up so that you couldn't change the white lists. As of this moment I'm using Windows 7 Firewall Control. It's the free version, but allows you to control outbound and inbound traffic. I suspect that if Mbam hadn't blocked that malicious site then the firewall would have popped up asking for permission.
03 Jan 2013
|
#14 | | Win 7 Pro x64 SP1, Win 7 Ult x86 SP1 NC, USA |
I just use the built in Windows firewall, and a router firewall.
If you haven't heard of it, another product I use and like is WinPatrol 2013.
I use the free version, and it works well for me - no issues here...
03 Jan 2013
|
#15 | | Windows 7 Home Premium 64 bit. SP-1 Northern Ohio |
This might be of some interest.
03 Jan 2013
|
#16 | | |
All three of my grown sons say "Dad, get yourself an Apple".
03 Jan 2013
|
#17 | | Windows 7 Home Premium 64 bit. SP-1 Northern Ohio |
Why pay that kind of money just for more problems? Apple systems have problems just like Windows. In your case it wasn't Windows but an infection that got in. That happens to all operating systems.
04 Jan 2013
|
#18 | | Windows 7 HP 64bit, Windows 8 Pro w/Media Center 64bit Covington, La |

Quote: Originally Posted by mhhack
All three of my grown sons say "Dad, get yourself an Apple".

Tell them it would make a good Christmas or Birthday gift from them and that will shut them up.
Jim
04 Jan 2013
|
#19 | | Windows 7 Ultimate 32bit SP1 |
Your Hosts File is very important to use, as it has abilities to block malicious programs!
See the explanation here: The Hosts File and what it can do for you
05 Jan 2013
|
#20 | | Windows 7 Home Premium 64 bit. SP-1 Northern Ohio |
Thank you Jacee for the information on Host File. Very informative.