• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 344
  • Last Modified:

Malwarebytes

I am getting messages from Malwarebytes that it is blocking outgoing messages. Here is today’s log:

11:41:26               Andrew                MESSAGE            Protection started successfully
11:41:35               Andrew                MESSAGE            IP Protection started successfully
11:42:18               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:20               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:25               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:29               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:31               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:35               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:47               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:49               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:53               Andrew                IP-BLOCK             89.28.126.134 (Type: outgoing)
11:42:59               Andrew                MESSAGE            IP Protection stopped
11:42:59               Andrew                MESSAGE            Scheduled update executed successfully
11:43:04               Andrew                MESSAGE            Database updated successfully
11:43:06               Andrew                MESSAGE            IP Protection started successfully
12:41:56               Andrew                IP-BLOCK             78.26.187.2 (Type: outgoing)
12:41:57               Andrew                IP-BLOCK             78.26.187.2 (Type: outgoing)
12:42:01               Andrew                IP-BLOCK             78.26.187.2 (Type: outgoing)

The first IP address is in Moldova, the second in Ukraine … which  makes me very suspicious! But a scan has not revealed anything untoward. Should I be worried?
0
bledington
Asked:
bledington
1 Solution
 
sjklein42Commented:
Your router might be infected.   There are viruses that muck with the DNS tables stored in the router.

Reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.

Note: After resetting your router, it is important to set a non-default password, and if possible, username, on the router. This will assist in eliminating the possibility of the router being hijacked again.

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now