
Please Help IP address is on blacklists


32 replies to this topic

#1 helpsickcomputer


Posted 07 May 2016 - 10:08 PM

I am not able to Google or Yahoo search because my IP address is listed on several blacklists. I started the guide before posting but couldn't finish because I don't know if I have 32- or 64-bit Windows and the link to find out would not open. Avast and Malwarebytes do not find any virus. The blacklists say I am running an HTTP open connect proxy and a SOCKS proxy, and one says I am deliberately looking for security issues on websites. I was working with whatismyipaddress.com but my email will not go through anymore. My ISP and router company say everything is secure. The ISP is looking into things but I don't think they have done this before.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal


#2 Slurppa


Posted 08 May 2016 - 01:17 AM

Hi helpsickcomputer

Have you used any proxies in the past? Has your anti-virus complained about any malware recently?

Step 1:
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 2:
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Paste logs in your next post.

Member of the Bleeping Computer A.I.I. early response team!


#3 helpsickcomputer


Posted 08 May 2016 - 12:13 PM

I have never used a proxy, nor has anyone in my home to my knowledge. I have run Avast and Malwarebytes and no hits. I will follow directions tonight after services. Thank you!

#4 helpsickcomputer


Posted 09 May 2016 - 02:45 PM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Scott and Deana (administrator) on 09-05-2016 at 14:31:24
Running from "C:\Users\DEANNA\Downloads"
Microsoft Windows 10 Home  (X64)
Model: 80R3 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel® Dual Band Wireless-AC 3165 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-MI0BBV5
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 54-EE-75-76-DD-2F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : DC-53-60-36-D8-33
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 3165
   Physical Address. . . . . . . . . : DC-53-60-36-D8-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9456:16ab:6ec8:738d%19(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, May 9, 2016 2:22:21 PM
   Lease Expires . . . . . . . . . . : Monday, May 9, 2016 4:22:21 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 165434208
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-B8-5F-95-54-EE-75-76-DD-2F
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{FD449211-E39B-4663-8C4F-E2D57E5A476C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:18ec:192e:b58e:55bd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::18ec:192e:b58e:55bd%4(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-B8-5F-95-54-EE-75-76-DD-2F
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    google.com
Addresses:  2607:f8b0:4000:808::200e
      172.217.2.174


Pinging google.com [172.217.2.174] with 32 bytes of data:
Reply from 172.217.2.174: bytes=32 time=23ms TTL=50
Reply from 172.217.2.174: bytes=32 time=87ms TTL=50

Ping statistics for 172.217.2.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 87ms, Average = 55ms
Server:  resolver1.opendns.com
Address:  208.67.222.222

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      2001:4998:44:204::a7
      98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=77ms TTL=40
Request timed out.

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 77ms, Maximum = 77ms, Average = 77ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...54 ee 75 76 dd 2f ......Realtek PCIe GBE Family Controller
 16...dc 53 60 36 d8 33 ......Microsoft Wi-Fi Direct Virtual Adapter
 19...dc 53 60 36 d8 32 ......Intel® Dual Band Wireless-AC 3165
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  4...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.102    281
    192.168.0.102  255.255.255.255         On-link     192.168.0.102    281
    192.168.0.255  255.255.255.255         On-link     192.168.0.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.102    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  4    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  4    306 2001::/32                On-link
  4    306 2001:0:9d38:6abd:18ec:192e:b58e:55bd/128
                                    On-link
 19    281 fe80::/64                On-link
  4    306 fe80::/64                On-link
  4    306 fe80::18ec:192e:b58e:55bd/128
                                    On-link
 19    281 fe80::9456:16ab:6ec8:738d/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    281 ff00::/8                 On-link
  4    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2016 06:00:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cb
Faulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908
Exception code: 0xc0000005
Fault offset: 0x00000000000096f2
Faulting process id: 0x1860
Faulting application start time: 0xsvchost.exe_MapsBroker0
Faulting application path: svchost.exe_MapsBroker1
Faulting module path: svchost.exe_MapsBroker2
Report Id: svchost.exe_MapsBroker3
Faulting package full name: svchost.exe_MapsBroker4
Faulting package-relative application ID: svchost.exe_MapsBroker5

Error: (05/04/2016 04:30:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x9ec
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 04:30:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x97c
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 04:30:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x5ac
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 01:54:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Faulting module name: GDCAgent.exe, version: 1.0.1.6, time stamp: 0x55b8998c
Exception code: 0xc0000005
Fault offset: 0x00020fb8
Faulting process id: 0x1a90
Faulting application start time: 0xGDCAgent.exe0
Faulting application path: GDCAgent.exe1
Faulting module path: GDCAgent.exe2
Report Id: GDCAgent.exe3
Faulting package full name: GDCAgent.exe4
Faulting package-relative application ID: GDCAgent.exe5

Error: (05/04/2016 01:49:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x83c
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 01:49:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x1fd0
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 01:49:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: AvastSvc.exe, version: 11.2.2738.0, time stamp: 0x571e0372
Faulting module name: MSVCR110.dll, version: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting process id: 0x5b0
Faulting application start time: 0xAvastSvc.exe0
Faulting application path: AvastSvc.exe1
Faulting module path: AvastSvc.exe2
Report Id: AvastSvc.exe3
Faulting package full name: AvastSvc.exe4
Faulting package-relative application ID: AvastSvc.exe5

Error: (05/04/2016 11:29:07 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/02/2016 01:01:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: WINWORD.EXE, version: 16.0.6769.2017, time stamp: 0x570134d0
Faulting module name: ntdll.dll, version: 10.0.10240.16683, time stamp: 0x56ad9358
Exception code: 0xc0000374
Fault offset: 0x000d627c
Faulting process id: 0x19ac
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Faulting package full name: WINWORD.EXE4
Faulting package-relative application ID: WINWORD.EXE5


System errors:
=============
Error: (05/09/2016 02:22:26 PM) (Source: Service Control Manager) (User: )
Description: The System Interface Foundation Service service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:22:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the System Interface Foundation Service service to connect.

Error: (05/09/2016 02:21:40 PM) (Source: BugCheck) (User: )
Description: 0x000000ef (0xffffe00036d41780, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP050916-24500-01

Error: (05/09/2016 02:21:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:11:21 PM on 5/9/2016 was unexpected.

Error: (05/09/2016 02:15:41 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:15:09 PM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:10:40 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:10:09 PM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:05:39 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (05/09/2016 02:05:09 PM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (05/08/2016 06:00:35 PM) (Source: Application Error)(User: )
Description: svchost.exe_MapsBroker10.0.10240.16384559f38cbMosHostCore.dll10.0.10240.16384559f3908c000000500000000000096f2186001d1a97d56652260C:\Windows\System32\svchost.exeC:\Windows\System32\MosHostCore.dll07de3fd3-4d59-4cc6-a855-ebaab1bf295b

Error: (05/04/2016 04:30:52 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c9ec01d1a64c3a29f6afC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dllc633ba46-d1ea-46d8-a8bb-762d148910b1

Error: (05/04/2016 04:30:44 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c97c01d1a64c350a1339C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll60a0d549-151c-45ad-98a3-1611784f76c6

Error: (05/04/2016 04:30:35 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c5ac01d1a643513e7093C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll948fba9d-2627-42fa-9fc3-9c71b9be5dce

Error: (05/04/2016 01:54:56 PM) (Source: Application Error)(User: )
Description: GDCAgent.exe1.0.1.655b8998cGDCAgent.exe1.0.1.655b8998cc000000500020fb81a9001d1a630d290d74dC:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exeC:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exedf95b481-1820-476a-beb5-f54f29cf6fa6

Error: (05/04/2016 01:49:24 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c83c01d1a635ac6720d8C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll00080074-f350-459a-b113-1e146424e6e5

Error: (05/04/2016 01:49:17 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c1fd001d1a635a867ef20C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll7415bebf-3a04-4dd7-a709-7968e649432b

Error: (05/04/2016 01:49:10 PM) (Source: Application Error)(User: )
Description: AvastSvc.exe11.2.2738.0571e0372MSVCR110.dll11.0.51106.15098858ec0000409000a326c5b001d1a63066993906C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll65915426-7615-4024-81b5-7ba97a1b228f

Error: (05/04/2016 11:29:07 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (05/02/2016 01:01:25 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE16.0.6769.2017570134d0ntdll.dll10.0.10240.1668356ad9358c0000374000d627c19ac01d1a49c876dcc78C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXEC:\Windows\SYSTEM32\ntdll.dll4d0ef1af-61ae-4691-9c93-06ab8bfb9fd3


=========================== Installed Programs ============================

Ad-Aware Antivirus (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}_AdAwareUpdater) (Version: 11.10.767.8917 - Lavasoft)
AdAwareInstaller (HKLM\...\{2B24CCAA-5C9B-4A10-8285-3AC1B3986952}) (Version: 11.10.767.8917 - Lavasoft) Hidden
AdAwareUpdater (HKLM\...\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1}) (Version: 11.10.767.8917 - Lavasoft) Hidden
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.248 - Alps Electric)
AntimalwareEngine (HKLM\...\{B6547F83-398A-4E22-BB5A-DC6A9F013796}) (Version: 3.0.99.0 - Lavasoft) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.5.1.30 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{2FA0176C-3BD1-4FBA-ABA8-17891F8FDC3A}) (Version: 17.1.1530.1652 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e6f0207e-ac43-48a9-bfff-3d879b45694d}) (Version: 18.12.1 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Service Bridge (HKCU\...\cbe8636f7dd0cf1d) (Version: 1.6.1.1 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.6769.2040 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6729.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6729.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.6729.1019 - Microsoft Corporation) Hidden
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Quicken 2016 (HKLM-x32\...\{519B4ED1-AF5F-4812-B2A8-B18D783AEFE8}) (Version: 25.1.4.14 - Intuit)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (HKLM-x32\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.3.0.1103 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8041.55 MB
Available physical RAM: 5980.73 MB
Total Virtual: 9321.55 MB
Available Virtual: 7146.43 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:885.25 GB) (Free:813.89 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.35 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-MI0BBV5

Administrator            DefaultAccount           Guest                    
Scott and Deana          

========================= Minidump Files ==================================

C:\Windows\Minidump\010516-32265-01.dmp
C:\Windows\Minidump\013116-24078-01.dmp
C:\Windows\Minidump\021116-40843-01.dmp
C:\Windows\Minidump\030116-54937-01.dmp
C:\Windows\Minidump\032116-41812-01.dmp
C:\Windows\Minidump\032316-38234-01.dmp
C:\Windows\Minidump\040516-34921-01.dmp
C:\Windows\Minidump\040616-28203-01.dmp
C:\Windows\Minidump\042016-35406-01.dmp
C:\Windows\Minidump\042316-31109-01.dmp
C:\Windows\Minidump\050916-24500-01.dmp
C:\Windows\Minidump\120815-39703-01.dmp
C:\Windows\Minidump\120915-47109-01.dmp
C:\Windows\Minidump\121615-35843-01.dmp
C:\Windows\Minidump\122715-30796-01.dmp
========================= Restore Points ==================================

25-04-2016 20:33:24 Removed HP Officejet 4630 series Basic Device Software
04-05-2016 16:29:02 AA11

**** End of log ****

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender     
avast! Antivirus     
Ad-Aware Antivirus   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player     21.0.0.213  
 Mozilla Firefox (46.0.1)
````````Process Check: objlist.exe by Laurent````````  
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.10.767.8917\AdAwareService.exe
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.10.767.8917\AdAwareTray.exe
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


 



#5 RolandJS


Posted 09 May 2016 - 03:03 PM

PlayStation or anything similar to such running through your router/modem?  An earlier thread revealed a different thread starter was doing something that consumed lots of bandwidth and searched through lots and lots of databases of some sort.


Edited by RolandJS, 09 May 2016 - 03:03 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)

"I heard Spock finally got colander!"  "I believe the word is Kolinahr."  "Oh."


#6 helpsickcomputer


Posted 09 May 2016 - 03:18 PM

Yes our xbox is connected. It has been connected long before the problem started.



#7 Slurppa


Posted 10 May 2016 - 08:44 AM

Hi

Are you still having problems?

If you are, could you take a screenshot of the error message you are receiving?

Member of the Bleeping Computer A.I.I. early response team!


#8 helpsickcomputer


Posted 10 May 2016 - 09:13 AM

It will not allow me to attach a jpeg.



#9 helpsickcomputer


Posted 10 May 2016 - 09:32 AM

Also will not allow me to copy paste. It says you are not allowed to use that file extension on this site.



#10 Slurppa


Posted 10 May 2016 - 09:50 AM

Hi

 

You can use Imagebin and send the link here.




#11 helpsickcomputer


Posted 10 May 2016 - 10:27 AM

http://rbl.efnetrbl.org/?i=74.113.170.66&recaptcha_challenge_field=03AHJ_Vuv82D9rfRtTLrKjKncpCsPVrB8YS3AxYFMval8ppMgEDpf057v9Y59mLKXJYNOEqmpQUVxOmYRVv4A6Rk5DlA9IXMEI-kwnI2wOL7878RCk3Z59ylvUUH0owG3wI7_CiCifwyKZMdly7iemxvQIR-YxmOD12ept0mTlsJ25vYJ2v51cc6Nre5CrfdA7O7NK8yfLD6W4&recaptcha_response_field=3116



#12 helpsickcomputer


Posted 10 May 2016 - 11:19 AM

This is on EFnet RBL

74.113.170.66 was found in the database with a create date of Thursday 07th of April 2016 12:49:07 PM, last updated Thursday 05th of May 2016 01:57:08 PM
This host was found to be an open proxy by the bot on choPOPM!bopm@proactive.bopm
OPEN PROXY -> open-4126!~proxy@74.113.170.66 74.113.170.66:8080 (HTTP) [scan]
You may request removal here

 

CBL

IP Address 74.113.170.66 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2016-05-06 02:00 GMT (+/- 30 minutes), approximately 4 days, 12 hours ago.

This IP has been observed scanning web sites for vulnerabilities, and as such it is almost certainly being used by botnet operators to inject malicious code into web servers.

Given what these IPs are doing, we will not permit self-removal of these IP addresses, and you will have to convince us that you are not responsible for this activity and are taking steps to stop it.

In some cases it's proven to be a Mikrotik router's open proxy being left turned on. If you are using Mikrotik routers, be sure that the open proxy is turned off.

If you think that we should delist it, contact us via this link to explain to us what you've done to prevent it. We will not remove listings unless you explain how you fixed it.

 

I'm also on XBL but there is not an error code like these that I have found yet.

 

Drone BL

 

2645746 | May-05-2016 01:20:34 GMT | 3 | infected with a spambot or other associated drone: run antivirus software on your machine. | used by irc spam bot | request removal

2595647 | Apr-18-2016 11:57:56 GMT | 9 | host is running an insecure HTTP proxy server. | open http proxy | listing not active

 

 

I am currently able to search on Google and Yahoo, but nearly every site asks for a captcha or "I'm not a robot" questions.



#13 RolandJS


Posted 10 May 2016 - 11:41 AM

"...This IP has been observed scanning web sites for vulnerabilities, and as such it is almost certainly being used by botnet operators to inject malicious code into web servers.  Given what these IPs are doing, we will not permit self-removal of these IP addresses, and you will have to convince us that you are not responsible for this activity and are taking steps to stop it.  In some cases it's proven to be a Mikrotik router's open proxy being left turned on. If you are using Mikrotik routers, be sure that the open proxy is turned off..."

There you have it; this is very similar to an earlier thread.  As I suspected, it is now thread starter's move.

Revisiting a long ago Charter House commercial:  It may not be your fault, but it is your problem.


Edited by RolandJS, 10 May 2016 - 11:41 AM.



#14 helpsickcomputer


Posted 10 May 2016 - 12:12 PM

I'm sorry, RolandJS, I'm not sure how "There you have it; this is very similar to an earlier thread. As I suspected, it's now thread starter's move. Revisiting a long ago Charter House commercial: It may not be your fault, but it is your problem." is helpful to me?



#15 Slurppa


Posted 10 May 2016 - 01:30 PM

Hi

 

You appear to be using a wireless connection. Are there other users also connected to your WLAN, or is it public?  As it appears your current public IP is banned, I suggest that you check all computers connected to it for malware/suspicious programs. Your IP appears to be on an open proxy list, which is why some sites block it. Your port 8080 appears to be open. Does your computer have any service that uses that port, and have you forwarded it to some machine?  What is your router's model?


Member of the Bleeping Computer A.I.I. early response team!
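
An added example, not part of any post in this thread: one way to follow up on the port 8080 question is to take the port and protocol from the EFnet RBL evidence line quoted in post #12 and look for a matching non-loopback listener in `netstat -ano` output from each Windows machine on the network. The netstat sample, the PIDs and all function names are constructed for illustration.

```python
import re

# Evidence line as quoted in the thread from EFnet RBL.
EFNET_LINE = "OPEN PROXY -> open-4126!~proxy@74.113.170.66 74.113.170.66:8080 (HTTP) [scan]"

# Constructed sample of Windows `netstat -ano` output (not from the thread).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2788
  TCP    192.168.1.23:49822     203.0.113.10:443       ESTABLISHED     6120
  TCP    [::]:8080              [::]:0                 LISTENING       4312
"""

def parse_listing(line):
    """Return (ip, port, protocol) from an EFnet RBL 'OPEN PROXY' evidence line."""
    m = re.search(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5}) \((\w+)\)", line)
    if not m:
        raise ValueError("no ip:port (PROTO) field in listing line")
    return m.group(1), int(m.group(2)), m.group(3)

def listeners(netstat_text):
    """Yield (local_addr, port, pid) for every TCP socket in LISTENING state."""
    for row in netstat_text.splitlines():
        f = row.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            addr, _, port = f[1].rpartition(":")
            yield addr, int(port), int(f[4])

def exposed_listeners(netstat_text, port):
    """Listeners on `port` that other hosts can reach (not bound to loopback only)."""
    loopback = ("127.", "[::1]")
    return [(a, p, pid) for a, p, pid in listeners(netstat_text)
            if p == port and not a.startswith(loopback)]

def report(listing_line, netstat_text):
    """Combine the blacklist evidence with the local listener table."""
    ip, port, proto = parse_listing(listing_line)
    hits = exposed_listeners(netstat_text, port)
    pids = sorted({pid for _, _, pid in hits})
    return {"listed_ip": ip, "port": port, "protocol": proto,
            "listeners": hits, "pids": pids}

if __name__ == "__main__":
    r = report(EFNET_LINE, NETSTAT_SAMPLE)
    print(f"{r['listed_ip']} listed for open {r['protocol']} proxy on port {r['port']}")
    for addr, port, pid in r["listeners"]:
        print(f"  listener {addr}:{port} owned by PID {pid}; "
              f"identify it with: tasklist /FI \"PID eq {pid}\"")
```

An empty result on one machine does not clear the network: the listener may be on another device behind the same public IP or on the router itself, which is the case the CBL text raises for Mikrotik routers, so the router's port forwards and proxy setting need the same check.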




