Video Screencast Help

Constant "Traffic from IP address XXXXXXXX is blocked" message popping out

Created: 31 Jan 2011 • Updated: 31 Jan 2011 | 8 comments
This issue has been solved. See solution.

I get those every few minutes all day long. They stop only if I disconnect my internet. I've attached a few screenshots.

Please help!

Comments 8 CommentsJump to latest comment

_Brian's picture

First thing I would do is make sure your defs are fully updated and run a full scan in safemode.

How long has this been going on?

Has anything changed on the machine that you know of?

Are you running any P2P software?

What version of SEP are you on?

Nadya's picture

I did run a full scan and nothing came up. It started around 10 a.m. And I'm using v.11. 

Except for the message, nothing else seems different.indecision

_Brian's picture

What version of 11? The latest is RU6 MP2 (11.0.6200.754)

It's also possible you have a new variant of malware on the machine that SEP is not catching. You can try a second opinion malware scanner such as Hitman Pro or Malwarebytes and run a full scan. I would try Hitman Pro as it is much faster at running a full scan (2-3 minutes)

SOLUTION
Fatih Teke's picture

Hello,

Brian is right. Please update your Sep client version. Always use latest version. And please create a weeky scans.

Best Regards.

Fatih

 Everything works better when everything works together.

Nadya's picture

11.0.5002.333

I'll try Hitman Pro as you say and see what's gonna happen. Thanks :)

Thomas K's picture

Download and run the Power Eraser and Load Point Analysis Tool (included with the SEP Support Tool).

The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

The Load point Analysis Tool generates a detailed report of the programs loaded on your system, and is helpful in listing common loadpoints where threats can live.

 

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402

Ooyala - Check us out!

_Brian's picture

My other questions are where did you receive the software from and who installed it?

What I've seen is when SEP is handed out for home/personal use, the install is done and the settings are never adjusted. Default SEP install settings do not cut it and they will need to be tweaked to block various threats.

Let's wait and see what Hitman comes back with though before we take a look at your current settings.

What simply could be happening is you are on a website that is compromised and trying to exploit your system to download more malware.

However, if it stops when you disconnect the Internet, then you likely have something on your machine trying to send info out to the IP specified in the message. perhaps some sort of toolbar or adware.

Nadya's picture

Hi again,

So I ran Hitman Pro and deleted numerous tracking cookies and a trojan horse. And it worked! No more messages popping out! Thank youu! cool