Malwarebytes Constant blocked "outgoing" to 112.175.243.23
- Thread starter union122
- Start date
That is just a warning that you are trying to access a site or server that is known for malware...
It doesn't mean you have any malware on your PC.
You can ignore the block/warning and go to the web site.
After the block message, Rt. click on the MBAM tray icon and click Add to ignore list
You can also disable IP Blocking completely in the MBAM options.
It doesn't mean you have any malware on your PC.
You can ignore the block/warning and go to the web site.
After the block message, Rt. click on the MBAM tray icon and click Add to ignore list
You can also disable IP Blocking completely in the MBAM options.
My Computer
At a glance
Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x6...AMD Athlon II x4 6206GB GSkill DDR2 800AMD 4670 GPU + AMD 4200 IGP
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- home built
- OS
- Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
- CPU
- AMD Athlon II x4 620
- Motherboard
- Gigabyte GA-MA785G-UD3H
- Memory
- 6GB GSkill DDR2 800
- Graphics Card(s)
- AMD 4670 GPU + AMD 4200 IGP
- Sound Card
- on board Realtek ALC889A
- Monitor(s) Displays
- RCA 40" LCD TV, Insignia 32" LCD TV, HP 15" LCD monitor
- Screen Resolution
- 1680 x 1050
- Hard Drives
- OCZ Vertex 3 120GB,
Samsung F3 1TB (3),
Several others - WD, Seagate, Hitachi, ...
- PSU
- Corsair 500 W
- Case
- Rosewill mid tower
- Cooling
- CM 90mm rifle
- Keyboard
- Gyration wireless, Logitech wireless, Dell USB wired
- Mouse
- Gyration wireless, Logitech wireless, V7 USB wired
- Internet Speed
- Spectrum - 100Mbps D / 10Mbps U
- Antivirus
- Avast, MBAM3, EMET, WinPatrol
- Browser
- Pale Moon, Firefox, IE
- Other Info
- 2 multi-boot PC's
Mainly HTPC/Office/Gen purpose (no gaming).
Trendnet USB KVM.
LG DVD burner/Blue Ray Player.
Tray system for removable SATA backup drives.
Not currently OCd, under-volted.
I use Hybrid sleep, rarely re-boot or shutdown.
Hauppauge HD-PVR, Avermedia PCIe TV Tuner, Hauppauge PCI TV Tuner.
If I were you, I would disable the notification, not the IP Blocker itself. You can do this by unticking the box next to "Show tooltip balloon" in the protection tab. I always leave the notifactions off and expect it to do its thing. While using Skype or other chat clients, it will block some IPs but not most (meaning the program works fine while not potentially exposing you to malware), and when using a web browsers it will regularly block IPs of ads that may be potentially dangerous. Unless you regularly visit free porn sites or something like that, the IP blocker will rarely prevent you from doing anything, but the notifications are annoying.
My Computer
At a glance
Windows 7 Professional SP1 64-bitIntel Core i5-2450M @2.5 GHz6 GB DDR3 1333MHzIntel HD 3000
- Computer type
- Laptop
- Computer Manufacturer/Model Number
- Toshiba P775-S7100
- OS
- Windows 7 Professional SP1 64-bit
- CPU
- Intel Core i5-2450M @2.5 GHz
- Memory
- 6 GB DDR3 1333MHz
- Graphics Card(s)
- Intel HD 3000
- Monitor(s) Displays
- Built-in 17.3" LED; 22" Insignia NS-L22Q-10A
- Screen Resolution
- 1600x900; 1360x768
- Hard Drives
- 750 GB Hitachi
1TB Seagate FreeAgent External
- Internet Speed
- Verizon DSL Speed(Down/Up): 3360 Kbps / 800 Kbps
- Antivirus
- MSE and MBAM Pro
- Browser
- IE10
i agree, if you get a lot of notifications disabling them would be better.
It depends on the programs a person uses...torrents, p2p, etc.
I rarely get a block, so i prefer to know when i do hit one, and what program / site caused it.
It depends on the programs a person uses...torrents, p2p, etc.
I rarely get a block, so i prefer to know when i do hit one, and what program / site caused it.
My Computer
At a glance
Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x6...AMD Athlon II x4 6206GB GSkill DDR2 800AMD 4670 GPU + AMD 4200 IGP
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- home built
- OS
- Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
- CPU
- AMD Athlon II x4 620
- Motherboard
- Gigabyte GA-MA785G-UD3H
- Memory
- 6GB GSkill DDR2 800
- Graphics Card(s)
- AMD 4670 GPU + AMD 4200 IGP
- Sound Card
- on board Realtek ALC889A
- Monitor(s) Displays
- RCA 40" LCD TV, Insignia 32" LCD TV, HP 15" LCD monitor
- Screen Resolution
- 1680 x 1050
- Hard Drives
- OCZ Vertex 3 120GB,
Samsung F3 1TB (3),
Several others - WD, Seagate, Hitachi, ...
- PSU
- Corsair 500 W
- Case
- Rosewill mid tower
- Cooling
- CM 90mm rifle
- Keyboard
- Gyration wireless, Logitech wireless, Dell USB wired
- Mouse
- Gyration wireless, Logitech wireless, V7 USB wired
- Internet Speed
- Spectrum - 100Mbps D / 10Mbps U
- Antivirus
- Avast, MBAM3, EMET, WinPatrol
- Browser
- Pale Moon, Firefox, IE
- Other Info
- 2 multi-boot PC's
Mainly HTPC/Office/Gen purpose (no gaming).
Trendnet USB KVM.
LG DVD burner/Blue Ray Player.
Tray system for removable SATA backup drives.
Not currently OCd, under-volted.
I use Hybrid sleep, rarely re-boot or shutdown.
Hauppauge HD-PVR, Avermedia PCIe TV Tuner, Hauppauge PCI TV Tuner.
What are you using when it pops up?
My Computer
At a glance
Windows 7 Professional SP1 64-bitIntel Core i5-2450M @2.5 GHz6 GB DDR3 1333MHzIntel HD 3000
- Computer type
- Laptop
- Computer Manufacturer/Model Number
- Toshiba P775-S7100
- OS
- Windows 7 Professional SP1 64-bit
- CPU
- Intel Core i5-2450M @2.5 GHz
- Memory
- 6 GB DDR3 1333MHz
- Graphics Card(s)
- Intel HD 3000
- Monitor(s) Displays
- Built-in 17.3" LED; 22" Insignia NS-L22Q-10A
- Screen Resolution
- 1600x900; 1360x768
- Hard Drives
- 750 GB Hitachi
1TB Seagate FreeAgent External
- Internet Speed
- Verizon DSL Speed(Down/Up): 3360 Kbps / 800 Kbps
- Antivirus
- MSE and MBAM Pro
- Browser
- IE10
You can read about MBAM IP blocking here ( Section G - IP Protection Module )
FAQ - Common Issues, Questions, and their Solutions - Malwarebytes Forum
FAQ - Common Issues, Questions, and their Solutions - Malwarebytes Forum
My Computer
At a glance
Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x6...AMD Athlon II x4 6206GB GSkill DDR2 800AMD 4670 GPU + AMD 4200 IGP
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- home built
- OS
- Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
- CPU
- AMD Athlon II x4 620
- Motherboard
- Gigabyte GA-MA785G-UD3H
- Memory
- 6GB GSkill DDR2 800
- Graphics Card(s)
- AMD 4670 GPU + AMD 4200 IGP
- Sound Card
- on board Realtek ALC889A
- Monitor(s) Displays
- RCA 40" LCD TV, Insignia 32" LCD TV, HP 15" LCD monitor
- Screen Resolution
- 1680 x 1050
- Hard Drives
- OCZ Vertex 3 120GB,
Samsung F3 1TB (3),
Several others - WD, Seagate, Hitachi, ...
- PSU
- Corsair 500 W
- Case
- Rosewill mid tower
- Cooling
- CM 90mm rifle
- Keyboard
- Gyration wireless, Logitech wireless, Dell USB wired
- Mouse
- Gyration wireless, Logitech wireless, V7 USB wired
- Internet Speed
- Spectrum - 100Mbps D / 10Mbps U
- Antivirus
- Avast, MBAM3, EMET, WinPatrol
- Browser
- Pale Moon, Firefox, IE
- Other Info
- 2 multi-boot PC's
Mainly HTPC/Office/Gen purpose (no gaming).
Trendnet USB KVM.
LG DVD burner/Blue Ray Player.
Tray system for removable SATA backup drives.
Not currently OCd, under-volted.
I use Hybrid sleep, rarely re-boot or shutdown.
Hauppauge HD-PVR, Avermedia PCIe TV Tuner, Hauppauge PCI TV Tuner.
A check of the IP address says it's located in The Republic of Korea. By any chance are you using GOM Player? GOM player is nice, but it it will report back on anything you watch unless you block it.
My Computer
At a glance
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1,...Intel Core 2 Duo 2.93GHzNot much with my ADHDATI Radeon HD 4350
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Dell Hell oh Well
- OS
- Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
- CPU
- Intel Core 2 Duo 2.93GHz
- Memory
- Not much with my ADHD
- Graphics Card(s)
- ATI Radeon HD 4350
- Monitor(s) Displays
- 24" HDTV/Monitor
- Screen Resolution
- Blurry after a Scotch or 2
- Hard Drives
- 1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
- Case
- Don't get on my case...man :D
- Cooling
- I have an Air Conditioner & Diet Pepsi
- Keyboard
- Saitek Cyborg
- Mouse
- 10 yr old MS optical mouse that still works
- Internet Speed
- Never fast enough
- Antivirus
- Various
- Browser
- Various
Interesting. looking at POT Player I find this:
And the addy checks out as being Korean. It may have put something on your PC you're unaware of.
My Computer
At a glance
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1,...Intel Core 2 Duo 2.93GHzNot much with my ADHDATI Radeon HD 4350
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Dell Hell oh Well
- OS
- Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
- CPU
- Intel Core 2 Duo 2.93GHz
- Memory
- Not much with my ADHD
- Graphics Card(s)
- ATI Radeon HD 4350
- Monitor(s) Displays
- 24" HDTV/Monitor
- Screen Resolution
- Blurry after a Scotch or 2
- Hard Drives
- 1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
- Case
- Don't get on my case...man :D
- Cooling
- I have an Air Conditioner & Diet Pepsi
- Keyboard
- Saitek Cyborg
- Mouse
- 10 yr old MS optical mouse that still works
- Internet Speed
- Never fast enough
- Antivirus
- Various
- Browser
- Various
Did some looking online. I want to start off by saying that you seem to have posted about this on several different sites about this issue. While it is not wrong to do so, we like to know because you have people telling you to do stuff we don't know about, which makes it harder for us to help you in the long run.
More importantly, it seems that the IP Address you mention is used in several DDOS attacks. I'm not sure if this means you are currently infected or not, but it does indicate that MBAM is doing its job. Please go to the Logs tab in Malwarebytes and scroll down to the protection module logs. Open one of the logs and copy and paste it's contents into your next post. The log should tell us exactly what is trying to access that IP address. It may be your media player, it might not, but we need to find out.
More importantly, it seems that the IP Address you mention is used in several DDOS attacks. I'm not sure if this means you are currently infected or not, but it does indicate that MBAM is doing its job. Please go to the Logs tab in Malwarebytes and scroll down to the protection module logs. Open one of the logs and copy and paste it's contents into your next post. The log should tell us exactly what is trying to access that IP address. It may be your media player, it might not, but we need to find out.
My Computer
At a glance
Windows 7 Professional SP1 64-bitIntel Core i5-2450M @2.5 GHz6 GB DDR3 1333MHzIntel HD 3000
- Computer type
- Laptop
- Computer Manufacturer/Model Number
- Toshiba P775-S7100
- OS
- Windows 7 Professional SP1 64-bit
- CPU
- Intel Core i5-2450M @2.5 GHz
- Memory
- 6 GB DDR3 1333MHz
- Graphics Card(s)
- Intel HD 3000
- Monitor(s) Displays
- Built-in 17.3" LED; 22" Insignia NS-L22Q-10A
- Screen Resolution
- 1600x900; 1360x768
- Hard Drives
- 750 GB Hitachi
1TB Seagate FreeAgent External
- Internet Speed
- Verizon DSL Speed(Down/Up): 3360 Kbps / 800 Kbps
- Antivirus
- MSE and MBAM Pro
- Browser
- IE10
This Korean player must a call home program and IMHO it's good it's being blocker by MAM.
My Computer
At a glance
Windows 10 Pro. 64/ version 1709 Windows 7 Pr...Intel i7-6800K @ 4.3Corsair Platinum 16 gig @2400EVGA GTX 1070 OC
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Home made Desktop
- OS
- Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
- CPU
- Intel i7-6800K @ 4.3
- Motherboard
- ASUS X-99 Deluxe II
- Memory
- Corsair Platinum 16 gig @2400
- Graphics Card(s)
- EVGA GTX 1070 OC
- Monitor(s) Displays
- Asus 27" LED LCD/VE278Q
- Screen Resolution
- 1920-1080 or 1280-720 HDMI
- Hard Drives
- INTEL SSD 730-240 Gb Sata 3.0/
- PSU
- EVGA Platium 1200W
- Case
- Phanteks Luxe Tempered Glass 8 fans/ one radiator
- Cooling
- XSPC/ Water Cooled CPU
- Keyboard
- Das 4 Professional
- Mouse
- Logitech M705/MX Anywhere 2-S
- Internet Speed
- 100 mbits
- Antivirus
- Microsoft Security Essentials/ Malwarebytes Premium 3.0/ SAS
- Browser
- I.E. 11 default/Firefox/ ISP Time Warner Cable/Spectrum
- Other Info
- LG BluRay Burner/
Sound system-KLipsch-THX/
Icy Dock ssd Hot Swap bays.
Sorry, yes I did, well only on technibble.. that and sevens is my constant read when I can. I didn't know MBAM had that feature, log tab and protection module.. thanks for the heads up I will look at that and post back.
My Computer
At a glance
7 pro 64 nit
- OS
- 7 pro 64 nit
2012/06/21 08:12:19 -0400 THINK SLC IP-BLOCK 112.175.243.24 (Type: outgoing, Port: 52204, Process: svchost.exe)
2012/06/21 08:12:19 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52205, Process: svchost.exe)
2012/06/21 08:18:27 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52226, Process: svchost.exe)
2012/06/21 08:18:27 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52227, Process: svchost.exe)
2012/06/21 08:21:31 -0400 THINK SLC IP-BLOCK 95.215.1.248 (Type: outgoing, Port: 52238, Process: svchost.exe)
2012/06/21 08:21:31 -0400 THINK SLC IP-BLOCK 95.215.1.248 (Type: outgoing, Port: 52239, Process: svchost.exe)
2012/06/21 08:24:28 -0400 THINK SLC IP-BLOCK 112.175.243.22 (Type: outgoing, Port: 52251, Process: svchost.exe)
2012/06/21 08:24:28 -0400 THINK SLC IP-BLOCK 112.175.243.22 (Type: outgoing, Port: 52252, Process: svchost.exe)
2012/06/21 08:27:25 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52282, Process: svchost.exe)
2012/06/21 08:27:34 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52284, Process: svchost.exe)
2012/06/21 08:30:32 -0400 THINK SLC IP-BLOCK 112.175.243.23 (Type: outgoing, Port: 52291, Process: svchost.exe)
2012/06/21 08:30:32 -0400 THINK SLC IP-BLOCK 112.175.243.23 (Type: outgoing, Port: 52292, Process: svchost.exe)
2012/06/21 08:33:30 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52301, Process: svchost.exe)
2012/06/21 08:33:30 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52302, Process: svchost.exe)
2012/06/21 08:12:19 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52205, Process: svchost.exe)
2012/06/21 08:18:27 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52226, Process: svchost.exe)
2012/06/21 08:18:27 -0400 THINK SLC IP-BLOCK 112.175.243.21 (Type: outgoing, Port: 52227, Process: svchost.exe)
2012/06/21 08:21:31 -0400 THINK SLC IP-BLOCK 95.215.1.248 (Type: outgoing, Port: 52238, Process: svchost.exe)
2012/06/21 08:21:31 -0400 THINK SLC IP-BLOCK 95.215.1.248 (Type: outgoing, Port: 52239, Process: svchost.exe)
2012/06/21 08:24:28 -0400 THINK SLC IP-BLOCK 112.175.243.22 (Type: outgoing, Port: 52251, Process: svchost.exe)
2012/06/21 08:24:28 -0400 THINK SLC IP-BLOCK 112.175.243.22 (Type: outgoing, Port: 52252, Process: svchost.exe)
2012/06/21 08:27:25 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52282, Process: svchost.exe)
2012/06/21 08:27:34 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52284, Process: svchost.exe)
2012/06/21 08:30:32 -0400 THINK SLC IP-BLOCK 112.175.243.23 (Type: outgoing, Port: 52291, Process: svchost.exe)
2012/06/21 08:30:32 -0400 THINK SLC IP-BLOCK 112.175.243.23 (Type: outgoing, Port: 52292, Process: svchost.exe)
2012/06/21 08:33:30 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52301, Process: svchost.exe)
2012/06/21 08:33:30 -0400 THINK SLC IP-BLOCK 93.170.52.31 (Type: outgoing, Port: 52302, Process: svchost.exe)
My Computer
At a glance
7 pro 64 nit
- OS
- 7 pro 64 nit
The fact that it says "svchost.exe" means that it is a service excessing that IP address. In the start menu search bar, type "msconfig" and press enter. Go to the services tab and check the box saying "Hide all Microsoft services". Please provide us a list of the names of all remaining services.
My Computer
At a glance
Windows 7 Professional SP1 64-bitIntel Core i5-2450M @2.5 GHz6 GB DDR3 1333MHzIntel HD 3000
- Computer type
- Laptop
- Computer Manufacturer/Model Number
- Toshiba P775-S7100
- OS
- Windows 7 Professional SP1 64-bit
- CPU
- Intel Core i5-2450M @2.5 GHz
- Memory
- 6 GB DDR3 1333MHz
- Graphics Card(s)
- Intel HD 3000
- Monitor(s) Displays
- Built-in 17.3" LED; 22" Insignia NS-L22Q-10A
- Screen Resolution
- 1600x900; 1360x768
- Hard Drives
- 750 GB Hitachi
1TB Seagate FreeAgent External
- Internet Speed
- Verizon DSL Speed(Down/Up): 3360 Kbps / 800 Kbps
- Antivirus
- MSE and MBAM Pro
- Browser
- IE10
