Jump to content

Recommended Posts

Hello everyone!

 

Maybe 1 week ago I noticed that serienjunkies.org always got blocked when I wanted to enter the site - it also happened to similar homepages before (even if it's a secure one) but that's not the biggest problem here. I deactivated the block (rightclick on the icon in the tray) - after checking their FB-profile for "We've been hacked"-messages, of course - to go on their forums and activated it a few minutes later. Since then I keep getting a little popup that Malwarebytes blocked access to the IP 93.115.81.237 every now and then (maybe 1-2 per hour), even if my browser isn't open (Skype usually is, though), which is really annoying! I googled it and it looks like it's the IP of serienjunkies.org but I haven't been on the site since, so why does it keep blocking attempts to connect to it?

I've already had Malwarebytes, Norton Antivirus and Spybot scan my PC and they didn't find anything, furthermore I didn't notice anything suspicious in the Task Manager or any suspicious behavior at all. Reinstalling Malwarebytes didn't help either.

 

I'm using Win 7 (64bit), Firefox 26 with AdBlock and NoScript and all of said programs are up-to-date.

To me it looks like the message is kinda stuck. How can I stop it from popping up every hour (except adding it to the "ignore" list)?

 

Thanks in advance!

Link to post
Share on other sites

Hello and :welcome:

In order to help you better, please post back with the following logs as attachments to your next reply:

  • Checkresults.txt from mbam-check
  • A couple of protection logs, if you have them
  • DDS.txt from DDS
  • Attach.txt from DDS
-------------------------------------------------

Step 1 -- Create an mbam-check log:

Download mbam-check.exe from HERE and save it to your desktop.

Double-click on mbam-check.exe to run it, it should then open a log file.

Please attach to your next reply the CheckResults.txt file which should now be located on your desktop.

Then, if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in:

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

In Windows Vista/7/8, these logs are located in:

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Step 2 -- Run DDS and create 2 logs:

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file

Link to post
Share on other sites

Thanks for the fast reply! Here are the logs.

 

Regarding CheckResults: I already got rid of "Trials Evolution" because it didn't work but it looks like there's still something left in the Registry. I'll delete it later.

 

I won't attach Attach.txt because it contains too much personal information to post it on public forums (you don't have to know about my HDDs, which programs are installed,...) but I looked over the list and I didn't find anything I hadn't installed myself. There are no toolbars or stuff like that installed if that's what you're looking for. DDS.txt also isn't much better. Tell me what you're looking for, then I can check myself.

CheckResults.txt

protection-log-2014-01-28.txt

protection-log-2014-01-29.txt

protection-log-2014-01-30.txt

Link to post
Share on other sites

  • Root Admin

The logs would indicate a possible infection but if you're not willing to post logs then you'll need to open a ticket with Customer Service as you're running the paid version of the program they can assist you in private.

 

http://www.malwarebytes.org/support/consumer/contact/

 

Thank you

Link to post
Share on other sites

I already looked at the list in Attach.txt and there's nothing in there except programs I installed or the usual things like printer drivers and stuff like Bonjour (iTunes). I'd pm the DDS.txt to someone (as long as it isn't posted here) but I don't want to upload it here in this thread where everyone can open it.

A family member got the program for me a few years ago (when the icon was still red) and I don't have an order number now, so I can't open a ticket.

 

Btw, what about the CheckResults.txt and the 3 logs? Did they show anything and if so, what?

 

But like I said, I don't think my PC is infected since three different programs didn't find anything and the popups are the only weird thing. I just think that Malwarebytes got somehow stuck on it but I can't know how to fix it.

Link to post
Share on other sites

Hi Neph,

 

I'm no expert so all the logs show me is was the blocked IP-adres and that a proces named firefox.exe was trying to reach out. It showed Advanced Setup that you might be infected.

 

When I looked at the customer support site I noticed that the order number may very well not be manditory. (The field doesn't have a asterix)

 

In order to expedite your ticket response time, customers of the full version will want to include their order number when possible.  This will help support staff to prioritize your ticket and to view the details of your order.

Could you try submitting your ticket without using an order number?

Another option: your family member could go to http://www.cleverbridge.com/?scope=cusecolp&id=qGL2uhseCM to request the license info and send you the ordernumber.

 

I hope this helped. If you have any questions or run into problems, please post & ask.

Link to post
Share on other sites

Firefox.exe is just my Firefox browser and according to the explorer the file hasn't been changed since the last update at the end of December. Clearing the Cache didn't work but it looks like most of the time it only happens if I activly surf in the internet. Yesterday Firefox was open with only a single tab (leo.org) while I was playing a game and there were no popups for a few hours.

Is there anything conspicuous in the CheckResults.txt?

I'll first try deleting the cookies and later reinstall Firefox but if that doesn't help I'll create a ticket (must have overlooked that, thanks).

Link to post
Share on other sites

Hi, Neph: :)

 

AdvancedSetup is our forum Root Admin, and Firefox is one of our Trusted Advisors - they are providing you with expert input.

So, in addition to the well-meaning & helpful advice provided by Durew, it would be advisable to follow the suggestions offered by all of them to have someone assist you with looking into your issue.

 

Diagnostics and any cleanup that might be needed can't be done without some basic diagnostic logs.

If you are not comfortable posting them in the forum for free help, then please do follow AdvancedSetup's advice to open a ticket at the help desk.

As Durew pointed out, the reseller, Cleverbridge, should be able to look up your order and license info.

 

The help desk will assist you one-on-one via email for free, if you are a paid user of MBAM PRO.

 

Thanks,

 

daledoc1

Link to post
Share on other sites

I know how long it usually takes the support to answer tickets (and that they usually end up giving the advice to reinstall everything, even Windows, over and over) and I want the damn thing solved rather sooner than later. Deleting the cookies didn't help, now I'll just reinstall Firefox and then I can still open a ticket.

Would it be okay to send the remaining 2 logs to AdvancedSetup or Firefox via pm? This way they would be able to help me without everyone else downloading the files.

I'll tell my relative to check out the site.

Link to post
Share on other sites

  • Staff

I know how long it usually takes the support to answer tickets (and that they usually end up giving the advice to reinstall everything, even Windows, over and over) and I want the damn thing solved rather sooner than later. Deleting the cookies didn't help, now I'll just reinstall Firefox and then I can still open a ticket.

Would it be okay to send the remaining 2 logs to AdvancedSetup or Firefox via pm? This way they would be able to help me without everyone else downloading the files.

I'll tell my relative to check out the site.

Hi Neph

 

I'm sorry but the information about support 'giving up' and advising a reformat is factually incorrect. It is in fact the exact opposite, we almost never advise users to do that, it is a last resort option and only when we've exhausted all cleaning options and repairs.

 

If you PM me your ticket in support if you have one I'll be glad to look into it.

Link to post
Share on other sites

That's the way it usually ended for me with different companies. If it's different with your support, I apologize of course.

I just opened a ticket with the title in this thread as the issue-explanation and I'm now waiting for the e-mail.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.