Malwarebytes blocking several ip


bunyamin

Hi,

Malwarebytes is blocking several IPs continually. I did a complete scan with both ESET NOD32 and Malwarebytes but nothing came out. Also, I cannot use Google Chrome and Internet Explorer 32-bit. The programs start but do not start completely. It is like something is blocking them from connecting, and the loading goes on and on. If I could not explain it, I can add a screen capture of it.

Sorry for my English. Thanks for the help...

DDS (Ver_10-12-12.02) - NTFS_AMD64

Run by BENNY at 15:45:58,29 on 13.02.2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Enterprise 6.1.7600.0.1254.90.1033.18.3839.2590 [GMT 2:00]

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe

C:\Users\BENNY\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\BENNY\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\BENNY\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Microsoft Excel'e &Ver - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

TCP: {3AD07A1D-E3DC-44F6-BF2E-EC057A930637} = 8.8.8.8,8.8.4.4

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

AppInit_DLLs: acaptuser32.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

mRun-x64: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

mRun-x64: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

mRun-x64: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

AppInit_DLLs-X64: acaptuser64.dll

============= SERVICES / DRIVERS ===============

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-27 203776]

R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-5-14 731840]

R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-5-14 121152]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-2-13 363344]

R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-27 8012288]

R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-27 287232]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-2-13 24152]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-1-22 77824]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-1-22 180224]

R3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;C:\Windows\System32\drivers\Rtenic64.sys [2010-7-6 280344]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

=============== Created Last 30 ================

2011-02-13 04:52:38 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

2011-02-13 04:26:47 -------- d-----w- C:\Users\BENNY\AppData\Roaming\Malwarebytes

2011-02-13 04:26:42 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-02-13 04:26:42 -------- d-----w- C:\PROGRA~3\Malwarebytes

2011-02-13 04:26:39 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-02-13 04:26:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-02-13 03:25:00 -------- d-----w- C:\Users\BENNY\AppData\Roaming\Outertech

2011-02-13 03:24:42 -------- d-----w- C:\Program Files (x86)\GetDiz

2011-02-12 22:16:03 -------- d-----w- C:\Program Files (x86)\StarCraft II

2011-02-12 22:16:03 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2011-02-12 22:16:03 -------- d-----w- C:\PROGRA~3\Blizzard Entertainment

2011-02-12 13:05:27 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared

2011-02-12 13:05:12 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll

2011-02-12 13:01:36 -------- d-----w- C:\Users\BENNY\AppData\Local\ESET

2011-02-12 12:54:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2011-02-12 12:54:14 -------- d-----w- C:\Users\BENNY\AppData\Local\Microsoft Help

2011-02-12 12:15:41 -------- d-----w- C:\Program Files (x86)\Defcon

2011-02-12 10:57:52 -------- d-----w- C:\PROGRA~3\regid.1986-12.com.adobe

2011-02-12 10:45:36 -------- d-----w- C:\Users\BENNY\AppData\Local\Adobe

2011-02-12 10:38:02 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite

2011-02-12 03:39:54 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab

2011-02-12 03:36:45 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-02-12 03:36:13 -------- d-----w- C:\Program Files (x86)\JDownloader

2011-02-12 03:11:43 -------- d-----w- C:\Users\BENNY\AppData\Local\{49D6A37B-3D8C-432C-8572-1EE389C467C3}

2011-02-12 03:11:30 -------- d-----w- C:\Users\BENNY\Tracing

2011-02-12 02:40:33 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\37d6f6dc1cbca5e07\Silverlight.4.0.exe

2011-02-12 02:38:22 -------- d-----r- C:\Program Files (x86)\Skype

2011-02-12 02:35:38 -------- d-----w- C:\Users\BENNY\AppData\Local\Windows Live

2011-02-12 02:35:37 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2011-02-11 20:44:26 513080 ----a-w- C:\Windows\System32\drivers\sptd.sys

2011-02-11 20:43:52 -------- d-----w- C:\Users\BENNY\AppData\Roaming\DAEMON Tools Lite

2011-02-11 20:43:51 -------- d-----w- C:\PROGRA~3\DAEMON Tools Lite

2011-02-11 19:39:55 -------- d-----w- C:\Program Files\ESET

2011-02-11 19:36:52 -------- d-----w- C:\Program Files\Microsoft IntelliPoint

2011-02-11 19:35:25 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro

2011-02-11 19:35:17 -------- d-----w- C:\Windows\PCHEALTH

2011-02-11 18:56:33 92672 ----a-w- C:\Windows\System32\ff_vfw.dll

2011-02-11 18:56:33 191488 ----a-w- C:\Windows\System32\unrar.dll

2011-02-11 18:56:32 -------- d-----w- C:\Program Files\KLCP64

2011-02-11 18:51:52 -------- d-----w- C:\Program Files\Media Player Classic - Home Cinema

2011-02-11 18:50:02 -------- d-----w- C:\Program Files (x86)\uTorrent

2011-02-11 18:46:30 -------- d-----w- C:\Users\BENNY\AppData\Roaming\uTorrent

2011-02-11 17:32:25 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{E193B5E0-DE8B-4E28-A582-CA34A57A701C}\mpengine.dll

2011-02-11 17:30:59 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2011-02-11 17:19:48 0 ----a-w- C:\Windows\ativpsrm.bin

2011-02-11 17:16:23 -------- d-----w- C:\Users\BENNY\AppData\Local\Google

2011-02-11 17:11:21 -------- d-----w- C:\Program Files (x86)\NEC Electronics

2011-02-11 17:10:59 -------- d-----w- C:\Users\BENNY\AppData\Local\Downloaded Installations

==================== Find3M ====================

2011-02-02 15:11:20 270720 ------w- C:\Windows\System32\MpSigStub.exe

2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll

2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll

2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll

2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll

2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll

2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll

2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys

2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll

2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll

2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll

2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll

2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll

2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll

2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll

2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll

2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll

2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll

2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll

2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll

2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll

2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll

2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll

2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll

2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll

2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll

2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll

2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec

2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-12-02 03:35:18 4280320 ----a-w- C:\Windows\SysWow64\GPhotos.scr

============= FINISH: 15:46:55,16 ===============

06:30:08 BENNY MESSAGE Protection started successfully

06:30:12 BENNY MESSAGE IP Protection started successfully

06:32:20 BENNY IP-BLOCK 193.27.232.75 (Type: outgoing, Port: 49687, Process: svchost.exe)

06:33:57 BENNY IP-BLOCK 91.200.240.30 (Type: outgoing, Port: 49691, Process: iexplore.exe)

06:33:57 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49692, Process: iexplore.exe)

06:33:57 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49693, Process: iexplore.exe)

06:33:57 BENNY IP-BLOCK 91.200.240.29 (Type: outgoing, Port: 49694, Process: iexplore.exe)

06:33:57 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49695, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 91.200.240.30 (Type: outgoing, Port: 49716, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49717, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49718, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 91.200.240.29 (Type: outgoing, Port: 49719, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.232 (Type: outgoing, Port: 49724, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49728, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49732, Process: iexplore.exe)

06:34:05 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49734, Process: iexplore.exe)

06:34:13 BENNY IP-BLOCK 194.60.205.232 (Type: outgoing, Port: 49738, Process: iexplore.exe)

06:34:13 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49739, Process: iexplore.exe)

06:34:13 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49740, Process: iexplore.exe)

06:39:59 BENNY IP-BLOCK 91.200.240.30 (Type: outgoing, Port: 49837, Process: iexplore.exe)

06:39:59 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49838, Process: iexplore.exe)

06:39:59 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49839, Process: iexplore.exe)

06:39:59 BENNY IP-BLOCK 91.200.240.29 (Type: outgoing, Port: 49840, Process: iexplore.exe)

06:39:59 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49841, Process: iexplore.exe)

06:40:07 BENNY IP-BLOCK 194.60.205.232 (Type: outgoing, Port: 49842, Process: iexplore.exe)

06:40:07 BENNY IP-BLOCK 194.60.205.233 (Type: outgoing, Port: 49843, Process: iexplore.exe)

06:40:07 BENNY IP-BLOCK 194.60.205.234 (Type: outgoing, Port: 49844, Process: iexplore.exe)

06:42:08 BENNY IP-BLOCK 91.188.44.219 (Type: outgoing, Port: 49471, Process: utorrent.exe)

14:35:30 BENNY MESSAGE Protection started successfully

14:35:34 BENNY MESSAGE IP Protection started successfully

14:36:17 BENNY ERROR Scheduled update failed: WinHttpSendRequest failed with error code 12007

15:18:05 BENNY IP-BLOCK 193.27.232.75 (Type: outgoing, Port: 49287, Process: svchost.exe)

15:40:01 BENNY MESSAGE Protection started successfully

15:40:05 BENNY MESSAGE IP Protection started successfully

15:56:48 BENNY IP-BLOCK 94.75.253.181 (Type: outgoing, Port: 49326, Process: iexplore.exe)

16:04:25 BENNY IP-BLOCK 94.75.253.181 (Type: outgoing, Port: 49403, Process: iexplore.exe)

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Veritaban? s

Attach.zip

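As an added example (not part of the original post or of Malwarebytes itself), the Python sketch below parses protection-log lines in the `IP-BLOCK` layout shown above and groups the blocks by process, so that blocks raised by a system process such as `svchost.exe` can be told apart from those raised by a browser or a torrent client. The sample lines are constructed with documentation-range addresses, and the host name `HOST` and the function names `parse_blocks`, `summarize` and `bursts` are assumptions of this example.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample in the same layout as the protection log above.
# Addresses come from the RFC 5737 documentation ranges, not real hosts.
SAMPLE_LOG = """\
06:30:08 HOST MESSAGE Protection started successfully
06:30:12 HOST MESSAGE IP Protection started successfully
06:32:20 HOST IP-BLOCK 192.0.2.75 (Type: outgoing, Port: 49687, Process: svchost.exe)
06:33:57 HOST IP-BLOCK 198.51.100.30 (Type: outgoing, Port: 49691, Process: iexplore.exe)
06:33:57 HOST IP-BLOCK 203.0.113.233 (Type: outgoing, Port: 49692, Process: iexplore.exe)
06:33:57 HOST IP-BLOCK 203.0.113.234 (Type: outgoing, Port: 49693, Process: iexplore.exe)
06:34:05 HOST IP-BLOCK 198.51.100.30 (Type: outgoing, Port: 49716, Process: iexplore.exe)
06:34:05 HOST IP-BLOCK 203.0.113.233 (Type: outgoing, Port: 49717, Process: iexplore.exe)
06:42:08 HOST IP-BLOCK 198.51.100.219 (Type: outgoing, Port: 49471, Process: utorrent.exe)
14:36:17 HOST ERROR Scheduled update failed: WinHttpSendRequest failed with error code 12007
15:18:05 HOST IP-BLOCK 192.0.2.75 (Type: outgoing, Port: 49287, Process: svchost.exe)
"""

# time, host, the literal IP-BLOCK tag, address, then the parenthesised details.
BLOCK_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2})\s+(?P<host>\S+)\s+IP-BLOCK\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"\(Type:\s*(?P<direction>\w+),\s*Port:\s*(?P<port>\d+),\s*"
    r"Process:\s*(?P<process>[^)]+)\)\s*$"
)


def parse_blocks(text):
    """Return one dict per well-formed IP-BLOCK line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = BLOCK_RE.match(line.strip())
        if not m:
            continue  # MESSAGE / ERROR lines and blank lines
        try:
            ipaddress.ip_address(m["ip"])  # rejects values such as 999.1.1.1
        except ValueError:
            continue
        events.append({
            "time": m["time"],
            "ip": m["ip"],
            "direction": m["direction"].lower(),
            "port": int(m["port"]),
            "process": m["process"].strip().lower(),
        })
    return events


def summarize(events):
    """Map each process name to {blocked address: number of blocks}."""
    by_process = defaultdict(Counter)
    for ev in events:
        by_process[ev["process"]][ev["ip"]] += 1
    return {proc: dict(counts) for proc, counts in by_process.items()}


def bursts(events, min_hits=3):
    """(process, time) pairs with min_hits or more blocks in the same second."""
    per_second = Counter((ev["process"], ev["time"]) for ev in events)
    return sorted(key for key, n in per_second.items() if n >= min_hits)


if __name__ == "__main__":
    evs = parse_blocks(SAMPLE_LOG)
    for proc, counts in sorted(summarize(evs).items()):
        print(proc, counts)
    print("bursts:", bursts(evs))
```
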

:lol:

Can't say I've ever seen this one.

TCP: {3AD07A1D-E3DC-44F6-BF2E-EC057A930637} = 8.8.8.8,8.8.4.4

Please don't attach the scans / logs, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them.

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

Internet Explorer (Windows)

1. Click "Tools", then click "Internet Options". This will bring up the Internet Options window.

2. Click the "Connections" tab, then click the "LAN Settings" button.

3. Uncheck the box labeled "Use a proxy server for your LAN". Click "OK", and click "OK" in the previous window. This will remove the proxy server settings in Internet Explorer.

Firefox (Windows)

1. Click "Tools", then click "Options" to bring up the Options window.

2. Click the "Advanced" button, then click the "Network" tab.

3. Click the "Settings" button, located next to "Configure how Firefox connects to the Internet".

4. Click the radio button labeled "No proxy". Click "OK" twice. This will remove the proxy server settings in Firefox.

Disable Internet Explorer Proxy Settings and Reset TCP/IP and Winsock

Disable Internet Explorer Proxy Settings and Reset TCP/IP

It is very important that these steps be carried out exactly as shown otherwise the fix will not work.

If you have any questions please ask before moving on.

  • Please start Notepad and using your mouse make sure you select and copy all the information below in the Code box into your new document.
  • Then save the file as "fixme.bat" to your Desktop
  • In the drop down box for Save as type: make sure you select All Files (*.*) and keep the quotes on the name as well. Then close the new file.
    @ECHO OFF
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /f
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /t REG_DWORD /d 0 /f
    netsh int ip reset resetlog.txt
    netsh winsock reset catalog


  • On Windows XP you can double-click the file to run it.
  • On Vista/Win7 you need to Right click the file and choose Run as administrator to run it. With User Account Control on it should ask permission to run it. Click Yes
  • This will flash a black DOS box very quickly and go away, this is normal.
  • Restart your computer now.
  • Launch Internet Explorer and see if you can connect to the Internet.
  • Launch MBAM and check for Updates


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
