[Constant IP blocks since installed paid MWB]

Hello sigma! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware.

====================================

Thank you, Maniac! One question: Is it ok to do this over several days? Life is kind of complicated right now--physical therapy, etc., and I may not be able to keep up with it every day. I perhaps should have waited til the weekend but those messages are getting a bit much! I will go check out the instructions at the bottom and go from there! Thanks!

======================================

Before we begin, please note the following:

• The process of cleaning your system may take some time, so please be patient.
  
• Follow my instructions step by step if there is a problem somewhere, stop and tell me I then I'll tell you what to do.
  
• Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  
• Instructions that I give are for your system only!
  
• If you don't know or can't understand something please ask.
  
• Do not install or uninstall any software or hardware, while work on.
  
• Keep me informed of any changes.
  

Follow these inistructions:

http://forums.malwarebytes.org/index.php?showtopic=9573

Post all logs if you can.

[Constant IP blocks since installed paid MWB]

From reading, I guess I'm not alone! At first it was only occasionally but now it's pretty constant. Often the same DNS #. Below is the Protection Log from today: What the heck are these? One guy said most of his were from China....how do you tell that? Others were advised to use Combofix and HiJackThis....I'm clueless as to what and where these are; also DDS?? And was this going on before I got paid MWB (never got the notices with free MWB) and what were they doing then when/if nothing was blocking them? Thanks for your help!

00:02:11 Polly IP-BLOCK 221.192.199.46

00:06:23 Polly IP-BLOCK 221.192.199.48

00:20:30 Polly IP-BLOCK 221.192.199.46

00:32:32 Polly IP-BLOCK 221.192.199.48

00:34:59 Polly IP-BLOCK 221.192.199.48

00:38:39 Polly IP-BLOCK 221.192.199.46

00:42:11 Polly IP-BLOCK 221.192.199.48

00:44:36 Polly IP-BLOCK 221.192.199.48

00:46:56 Polly IP-BLOCK 221.192.199.48

00:47:47 Polly IP-BLOCK 221.192.199.46

00:50:52 Polly IP-BLOCK 221.192.199.46

00:51:44 Polly IP-BLOCK 221.192.199.48

00:53:51 Polly IP-BLOCK 221.192.199.46

00:56:31 Polly IP-BLOCK 221.192.199.48

00:58:52 Polly IP-BLOCK 221.192.199.48

00:59:43 Polly IP-BLOCK 221.192.199.35

00:59:43 Polly IP-BLOCK 221.192.199.35

00:59:44 Polly IP-BLOCK 221.192.199.35

01:03:34 Polly IP-BLOCK 221.192.199.48

01:05:55 Polly IP-BLOCK 221.192.199.48

01:06:21 Polly IP-BLOCK 218.8.245.123

01:13:01 Polly IP-BLOCK 221.192.199.48

01:17:44 Polly IP-BLOCK 221.192.199.48

01:22:26 Polly IP-BLOCK 221.192.199.48

01:29:34 Polly IP-BLOCK 221.192.199.48

01:36:26 Polly IP-BLOCK 221.192.199.46

01:38:59 Polly IP-BLOCK 221.192.199.48

01:41:24 Polly IP-BLOCK 221.192.199.48

01:50:58 Polly IP-BLOCK 221.192.199.48

01:57:38 Polly IP-BLOCK 221.192.199.46

02:00:22 Polly IP-BLOCK 221.192.199.48

02:02:46 Polly IP-BLOCK 221.192.199.48

02:07:28 Polly IP-BLOCK 221.192.199.48

02:12:10 Polly IP-BLOCK 221.192.199.48

13:53:19 (null) MESSAGE Protection started successfully

13:53:26 Polly MESSAGE IP Protection started successfully

13:58:07 Polly IP-BLOCK 221.192.199.48

14:00:20 Polly MESSAGE Scheduled update executed successfully

14:00:20 Polly MESSAGE IP Protection stopped

14:00:30 Polly MESSAGE Database updated successfully

14:00:33 Polly MESSAGE IP Protection started successfully

14:02:53 Polly IP-BLOCK 221.192.199.48

14:07:35 Polly IP-BLOCK 221.192.199.46

14:07:39 Polly IP-BLOCK 221.192.199.48

14:12:26 Polly IP-BLOCK 221.192.199.48

14:21:59 Polly IP-BLOCK 221.192.199.48

14:31:32 Polly IP-BLOCK 221.192.199.48

14:36:00 Polly IP-BLOCK 218.8.245.123

14:36:13 Polly IP-BLOCK 221.192.199.48

14:38:34 Polly IP-BLOCK 221.192.199.48

14:43:22 Polly IP-BLOCK 221.192.199.48

14:45:47 Polly IP-BLOCK 221.192.199.48

14:47:12 Polly IP-BLOCK 221.192.199.46

14:48:12 Polly IP-BLOCK 221.192.199.48

14:50:16 Polly IP-BLOCK 221.192.199.46

14:50:35 Polly IP-BLOCK 221.192.199.48

15:00:04 Polly IP-BLOCK 221.192.199.48

15:02:27 Polly IP-BLOCK 221.192.199.46

15:04:52 Polly IP-BLOCK 221.192.199.48

15:05:35 Polly IP-BLOCK 221.192.199.46

15:07:18 Polly IP-BLOCK 221.192.199.48

15:08:39 Polly IP-BLOCK 221.192.199.46

15:11:56 Polly IP-BLOCK 61.147.120.164

15:12:07 Polly IP-BLOCK 221.192.199.48

15:16:55 Polly IP-BLOCK 221.192.199.48

15:23:52 Polly IP-BLOCK 221.192.199.46

15:24:05 Polly IP-BLOCK 221.192.199.48

15:29:59 Polly IP-BLOCK 221.192.199.46

15:33:02 Polly IP-BLOCK 221.192.199.46

15:36:02 Polly IP-BLOCK 221.192.199.48

15:40:46 Polly IP-BLOCK 221.192.199.48

15:43:11 Polly IP-BLOCK 221.192.199.48

15:45:15 Polly IP-BLOCK 221.192.199.46

15:47:54 Polly IP-BLOCK 221.192.199.48

15:51:25 Polly IP-BLOCK 221.192.199.46

15:52:39 Polly IP-BLOCK 221.192.199.48

15:57:28 Polly IP-BLOCK 221.192.199.48

15:57:36 Polly IP-BLOCK 221.192.199.46

16:02:17 Polly IP-BLOCK 221.192.199.48

16:09:22 Polly IP-BLOCK 221.192.199.48

16:09:50 Polly IP-BLOCK 221.192.199.46

16:18:58 Polly IP-BLOCK 221.192.199.46

16:22:04 Polly IP-BLOCK 221.192.199.46

16:23:38 Polly IP-BLOCK 221.192.199.48

16:26:01 Polly IP-BLOCK 221.192.199.48

16:33:11 Polly IP-BLOCK 221.192.199.48

16:34:21 Polly IP-BLOCK 221.192.199.46

16:35:33 Polly IP-BLOCK 221.192.199.48

16:40:33 Polly IP-BLOCK 221.192.199.49

16:40:33 Polly IP-BLOCK 221.192.199.49

16:45:06 Polly IP-BLOCK 221.192.199.48

16:46:37 Polly IP-BLOCK 221.192.199.46

16:52:14 Polly IP-BLOCK 221.192.199.48

17:00:19 Polly MESSAGE Scheduled update executed successfully

17:00:19 Polly MESSAGE IP Protection stopped

17:00:30 Polly MESSAGE Database updated successfully

17:00:34 Polly MESSAGE IP Protection started successfully

17:04:12 Polly IP-BLOCK 221.192.199.48

17:09:04 Polly IP-BLOCK 221.192.199.48

17:11:26 Polly IP-BLOCK 221.192.199.48

17:18:40 Polly IP-BLOCK 221.192.199.48

17:23:15 Polly IP-BLOCK 221.192.199.46

17:26:18 Polly IP-BLOCK 221.192.199.46

17:28:21 Polly IP-BLOCK 221.192.199.48

17:44:29 Polly IP-BLOCK 221.192.199.46

17:45:08 Polly IP-BLOCK 221.192.199.48

17:47:35 Polly IP-BLOCK 221.192.199.46

17:49:54 Polly IP-BLOCK 221.192.199.48

17:52:17 Polly IP-BLOCK 221.192.199.48

17:59:47 Polly IP-BLOCK 221.192.199.46

18:01:44 Polly IP-BLOCK 221.192.199.48

18:02:47 Polly IP-BLOCK 221.192.199.46

18:05:48 Polly IP-BLOCK 221.192.199.46

18:06:32 Polly IP-BLOCK 221.192.199.48

18:11:49 Polly IP-BLOCK 221.192.199.46

18:16:03 Polly IP-BLOCK 221.192.199.48

Below is the Quick Scan log from yesterday-haven't done it yet today. BTW IE is listed--I never use it. Use FF 3.6.3.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4192

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/12/2010 11:30:01 PM

mbam-log-2010-06-12 (23-30-01).txt

Scan type: Quick scan

Objects scanned: 136829

Time elapsed: 14 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)