Jump to content
Sign in to follow this  
captarheel

MBAM frequently blocking outbound access to malicious site 208.73.210.29

Recommended Posts

McAfee just popped up a notification saying it had detected and removed a trojan:

Artemis!48580F5E2A72

Share this post


Link to post
Share on other sites

OK, please do this:

  • Please download Random's System Information Tool by random/random from here and save it to your desktop.

Make sure that RSIT.exe is on the your Desktop before running the application!

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
  • log.txt will be opened maximized.
  • info.txt will be opened minimized.

Please post them.

MrC

Share this post


Link to post
Share on other sites

That looks OK, do you know what date this started?

Did you install any new programs?

Are you using a router?

This happen only when you use FireFox?

Let me know, MrC

Share this post


Link to post
Share on other sites

I think it started on Monday the 2nd. I have not installed any new programs. I have totally uninstalled all FF components and personal data, and am using IE exclusively, but am still having the problem.

I nearly always use a wireless router -- at work and at home.

Share this post


Link to post
Share on other sites

As i think about it, I think I got a message about flash something or other wanting access to the internet and I mistakenly clicked 'allow' for something that I wasn't totally certain about. Don't know if that is relevant or not.

I don't have all of the prior MBAM logs as somewhere along the way (July 4) I uninstalled and then reinstalled and re-registered MBAM.

Share this post


Link to post
Share on other sites

How about trying one of these restore points?

RP78: 6/30/2012 8:05:49 AM - Installed Java™ 6 Update 33

RP79: 7/3/2012 11:06:18 PM - Removed Java™ 6 Update 33

RP80: 7/3/2012 11:07:15 PM - Installed Java™ 7 Update 5

RP81: 7/3/2012 11:07:59 PM - Installed JavaFX 2.1.1

Worth a try, MrC

Share this post


Link to post
Share on other sites

OK, you can undo that restore point if you want to and bring it back to what it was.

I'll get back to you with something asap, MrC

Share this post


Link to post
Share on other sites

Thanks. I'm pretty unfamiliar with restore points. Is there a reason to bring it back to where it was? Any harm in leaving it back at June 21?

Share this post


Link to post
Share on other sites

Mr. C,

My main computer has become nearly unusable for internet connections. Speed suddenly became glacial. I cannot get on the internet at all without disabling the McAfee firewall.

Have you seen this before? I can probably use a pin drive to transfer downloads to the infected computer if you have any suggestions.

Thanks.

Share this post


Link to post
Share on other sites

Using ie as you described in your last post without add-ons dramatically increased the speed. Does this give you any more clues?

Share this post


Link to post
Share on other sites

Sounds like one or more of the add-ons is causing the problem, did the alerts also stop? MrC

Share this post


Link to post
Share on other sites

the IP block alerts have not stopped. I can run IE in safe mode and although the alerts still come in, the speed is relatively normal. When running FF in safe mode, the speed is sluggish but nominally usable.

Any suggestions?

Share this post


Link to post
Share on other sites

Not right at the moment, but we can run some scans and see if they find anything.

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

http://www.eset.eu/online-scanner

Tick the box next to YES, I accept the Terms of Use.

Click Start

When asked, allow the ActiveX control to install

Click Start

Make sure that the options Remove found threats and the option Scan unwanted applications is checked

Click Advanced settings and select the following:

  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

Click Start

Wait for the scan to finish

Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic

MrC

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.