"Something" is trying to download/get in my PC ?


5 replies to this topic

#1 Hawkwolf-


Posted 01 January 2011 - 03:39 PM

Hello,

For about a month now, my PC has been -constantly- infected by I-Don't-Know-What.
I have reformatted my PC about 5 times now, and every 2 days or so, I get like 50 - 70 viruses/malware/whatsoever.
Ran MBAM every time. But didn't keep a log (wasn't thinking about that).
When I get infected, I can't do anything afterward. Can't run Explorer.exe after a reboot.

Recently, 2 days ago, I left MBAM running on my PC and it has been blocking IPs even though I'm not browsing or doing anything via the Internet.

Here's the MBAM log of blocked IPs:



I noticed the same IP several times and I searched a few of them, and it's coming from China ..

How do I fix/get rid of that?

Thank you in advance.

P.S: I'm not sure I'm in the good sector. Feel free to move it !

-Hawkwolf
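
The observation that the same addresses keep recurring can be checked mechanically. The following is an added example, not part of the original thread: a Python summary of an MBAM-style protection log whose lines have the form `HH:MM:SS <user> IP-BLOCK <address>`. The sample lines, the user name `user1`, the addresses (RFC 5737 documentation ranges) and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from statistics import median

# Constructed sample in the "HH:MM:SS user TYPE detail" layout. Addresses come
# from the RFC 5737 documentation ranges; they are not real hosts.
SAMPLE_LOG = """\
00:08:01 user1 MESSAGE IP Protection stopped
00:08:02 user1 MESSAGE IP Protection started successfully
00:11:33 user1 IP-BLOCK 203.0.113.57
00:11:33 user1 IP-BLOCK 203.0.113.57
00:11:57 user1 IP-BLOCK 203.0.113.57
00:12:21 user1 IP-BLOCK 203.0.113.57
00:12:21 user1 IP-BLOCK 203.0.113.57
00:12:45 user1 IP-BLOCK 203.0.113.57
00:14:05 user1 IP-BLOCK 198.51.100.25
00:20:00 user1 IP-BLOCK 203.0.113.112
00:35:00 user1 IP-BLOCK 203.0.113.112
01:05:00 user1 IP-BLOCK 192.0.2.7
not a log line
01:06:00 user1 IP-BLOCK 999.1.1.1
"""

LINE_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\s+(\S+)\s+IP-BLOCK\s+(\S+)$")


def parse_blocks(text):
    """Return sorted (seconds_since_midnight, ip) pairs, one per distinct event.

    The same block is often written twice with an identical timestamp, so
    exact duplicates are collapsed. The log carries no date, so a capture that
    crosses midnight has to be split before it is passed in.
    """
    events = set()
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # MESSAGE lines and anything that is not a block entry
        hh, mm, ss, _user, addr = m.groups()
        try:
            ip = ipaddress.IPv4Address(addr)
        except ipaddress.AddressValueError:
            continue  # malformed address: skip instead of counting it
        events.add((int(hh) * 3600 + int(mm) * 60 + int(ss), str(ip)))
    return sorted(events)


def summarise(events):
    """Per-address hit count, first/last time seen and median gap between hits."""
    times_by_ip = defaultdict(list)
    for t, ip in events:
        times_by_ip[ip].append(t)  # events are sorted, so each list is too
    rows = []
    for ip, times in times_by_ip.items():
        gaps = [b - a for a, b in zip(times, times[1:])]
        rows.append({
            "ip": ip,
            "hits": len(times),
            "first": times[0],
            "last": times[-1],
            # A small, steady gap points to automated retries, not a person.
            "median_gap_s": median(gaps) if gaps else None,
        })
    rows.sort(key=lambda r: (-r["hits"], r["ip"]))
    return rows


def by_network(events, prefix=24):
    """Count distinct block events per enclosing network of the given prefix."""
    counts = defaultdict(int)
    for _t, ip in events:
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        counts[str(net)] += 1
    return dict(sorted(counts.items(), key=lambda kv: (-kv[1], kv[0])))


if __name__ == "__main__":
    evts = parse_blocks(SAMPLE_LOG)
    for row in summarise(evts):
        print(row)
    print(by_network(evts))
```

Lines in this format carry no port, direction or process name, so the summary only shows which addresses recur and how regularly; attributing the traffic to a program needs firewall or connection data from the host.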



#2 boopme


Posted 01 January 2011 - 09:20 PM

Hello, is this the paid version of MBAM?
What is your operating system, antivirus and firewall?
You have done a full format and reinstall.

Let's see a full log please.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.

Next run ATF and SAS: If you cannot access Safe Mode, run in normal, but let me know.

Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
Close all open browsers before using, especially FireFox. <-Important!!!
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan, verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 Hawkwolf-


Posted 02 January 2011 - 01:12 AM

Hello, thanks for the instruction.

I'm using Windows 7, not paid MBAM. Not using any antivirus, and the firewall is deactivated.
I ran both programs in normal Windows.
Here's the SUPER log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/02/2011 at 01:04 AM

Application Version : 4.47.1000

Core Rules Database Version : 6113
Trace Rules Database Version: 3925

Scan type : Complete Scan
Total Scan Time : 00:20:34

Memory items scanned : 556
Memory threats detected : 0
Registry items scanned : 6970
Registry threats detected : 1
File items scanned : 61646
File threats detected : 119

System.BrokenFileAssociation
HKCR\.exe

Adware.Tracking Cookie


All SUPER scanned are Cookies ..

And I didn't reset my router, and don't know why I should (?). Three computers are linked to it, and only I have problems, and my IP is changing twice a day.

-Hawkwolf

Edited by Hawkwolf-, 02 January 2011 - 06:55 AM.


#4 boopme


Posted 02 January 2011 - 01:22 PM

OK on the router if MBAM stops picking that first issue up. I felt something had your router address.
Did you rerun MBAM, as you did not post that log?
SAS did remove HKCR\.exe, a malware trouble maker.

Is MBAM still blocking things?
You need to activate a firewall; this will stop the accessing.
Install this free AV and scan with it or you will surely be swamped with malware.
• Avira Antivir

#5 Hawkwolf-


Posted 04 January 2011 - 05:45 PM

Sorry for the late reply.
MBAM didn't detect anything and isn't blocking any IP now. Thanks!
My firewall is now on.

The problem seems to be fixed, for now. Thanks!

-Hawkwolf

#6 boopme


Posted 04 January 2011 - 08:32 PM

Hi, good to hear it. You need to have an antivirus, so I am hoping you installed and scanned with the AntiVir I recommended above. It's free, effective and the one I use.



