Malwarebytes keeps blocking outgoing traffic from Vivaldi
Since today, malwarebytes keeps blocking some outgoing traffic coming from Vivaldi. The IP adress is always the same but the ports are changing. I get it like every 30 seconds but I didn't change anything in Vivaldi. Does somebody know how to fix?
@Vincent90 Exactly the same problem. I think it is just Vivaldi - I haven't seen it on IE or FireFox.
It's for device plug & play.
This IP belongs to the SSDP / UPnP range (220.127.116.11 to 18.104.22.168).
This IP doesn't belong to an address in the internet it should be in your local network - like a printer/router/fax/ a wifi using toaster/whatever - that uses UPnP (Universal Plug and Play) .
So the questions are:
- What windows version are you on
- What extensions do you use
- What version of Vivaldi do you use
- Go to vivaldi://about to find out about your versionnumber
- Did you run a systemcheck against malware/adware/viruses
- since when is this happening (since the last update from version xxx to version yyy || or a system update || or a new installed mouse)
- Is Vivaldi installed / set as default browser?
Meh .... and again I was too slow but nice that you already know the culprit. Good to know
exactly what @dLeon said, if you don't need chromecast you can try disabling it (not tested, I don't need it either)
and in any case that malwarebytes thing should be instructed to ignore those packets.
I'm a little new to Vivaldi so be kind. I went to bed and was having no issue with Vivaldi. I got up, turned on my PC, brought up Vivaldi and started getting this message from Malwarebytes. In short, I changed nothing. Now I'm sure Malwarebytes updated something so maybe that's the issue. I don't know if Vivaldi automatically updates itself or not. In FireFox you can turn off the automatic update. Thus far, I have not found a setting for Vivaldi that stops automatic updates. So perhaps that is the issue. I found something called chrome://flags but that gives me about 50 things that I am afraid to touch.
ok - -I finally found the setting and disabled it. I am still receiving this message from MalwareBytes (yes I have scanned my files).
Vivaldi has no silent updates if that's what you mean.
When there is an update a small window will popup and tell you that there is an update - asking you if you want to install / skip this version / or remind later
Well that's cool. Like I said I'm just learning so you answered one question! Thanks.
Hehe okay, so another question for you - although this might be obsolete but I just want to be sure.
After you disabled cast-streaming-hw-encoding - did you restarted vivaldi?
The IP is harmless. It just try to detect/redetect devices (like Android devices) that support Chromecast. You don't really need to disable it per Chromium based browsers.
Well, you could disable it in Vivaldi or Chromium in overall.
I don't know about that "disable-cast-streaming-hw-encoding" flag.
If I'm not mistaken to completely disable it is by disabling "Load Media Router Component Extension" flag.
You can whitelist Vivaldi on that
22.214.171.124address at any ports.
I don't know how to do that in Malwarebytes. I never use it.
What windows version are you on win10 64bit
What extensions do you use Stylish and pocket and Ghostery is disabled
What version of Vivaldi do you use 1.7.735.46 (Stable channel) (32-bit)
Did you run a systemcheck against malware/adware/viruses actually, Malwarebytes found adware this morning and I removed them and a few hours later, the problems started(see image below)
since when is this happening (since the last update from version xxx to version yyy || or a system update || or a new installed mouse) It happens since this morning and that is all I know (I only re-installed sketch-up).
Is Vivaldi installed / set as default browser? yes
I disabled that chromecast option but it does not fix the problem.
MWB just posted a fix. Update MWB. And it wasn't the president's fault.
@dLeon In mbam you can only whitelist an IP for everything. You can't add it to a blacklist or whitelist it for only a specific program. Is it harmfull if I whitelist that IP?
Yeah it safe. It only search for local (IPv4) devices.
Specific address, ports blocking is a job for firewall anyway.
Plug & Play (UPnP) by default was turned off in Windows.
Modern 3rd party firewall programs usually (since Windows 98 sp2(?) era) also silently block inbound/incoming UPnP. You will need to explicitly enable it. Outbound all the time fine. Just be suspicious if there's inbound streams coming without your concern.
A bit of info: https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol