Jump to content

malicious website "219.139.81.6"

xchclow

By xchclow
in Resolved Malware Removal Logs

 Share

Recommended Posts

xchclow

xchclow

Posted
Posted

Hi.

I've encountered a problem that I can't connect to Facebook, Twitter and even Youtube. I can online and load other webpages, just these few sites I couldnt load.

Sometimes, I can connect to Facebook, reply comments etc, everything works fine, but just for a couple minutes.

I've tried to install some antivirus/spyware removal in order to remove the virus. Only Malwarebytes' works.

By the way, can I remove this virus permanently?

I have this recurring popup every couple of minutes from MalwareBytes saying MalwareBytes has successfully blocked access to a potentially malicious website "219.139.81.6".

type:outgoing

port: 62274

process:svchost.exe

or

process:mdnresponder.exe

Hopefully someone can help, I couldn't connect to Facebook now.

*Looking forward of your help. :unsure:

Link to post
Share on other sites
xchclow

xchclow

Posted
  • Author
Posted

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7504

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

19/8/2011 4:52:50 PM

mbam-log-2011-08-19 (16-52-50).txt

Scan type: Full scan (C:\|D:\|F:\|)

Objects scanned: 568115

Time elapsed: 1 hour(s), 32 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\thunder (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites
xchclow

xchclow

Posted
  • Author
Posted

Avira scan report

Avira AntiVir Personal

Report file date: Friday, 19 August, 2011 16:56

Scanning for 3268970 virus strains and unwanted programs.

The program is running as an unrestricted full version.

Online services are available:

Licensee : Avira AntiVir Personal - Free Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows 7 x64

Windows version : (Service Pack 1) [6.1.7601]

Boot mode : Normally booted

Username : User

Computer name : USER-PC

Version information:

BUILD.DAT : 10.2.0.700 35934 Bytes 2011/7/21 17:12:00

AVSCAN.EXE : 10.3.0.7 484008 Bytes 2011/8/19 05:36:45

AVSCAN.DLL : 10.0.5.0 47464 Bytes 2011/8/19 05:36:45

LUKE.DLL : 10.3.0.5 45416 Bytes 2011/8/19 05:36:45

LUKERES.DLL : 10.0.0.1 12648 Bytes 2010/2/10 16:40:49

AVSCPLR.DLL : 10.3.0.7 119656 Bytes 2011/8/19 05:36:45

AVREG.DLL : 10.3.0.9 88833 Bytes 2011/8/19 05:36:45

VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009/11/6 02:05:36

VBASE001.VDF : 7.11.0.0 13342208 Bytes 2010/12/14 23:53:55

VBASE002.VDF : 7.11.3.0 1950720 Bytes 2011/2/9 23:53:56

VBASE003.VDF : 7.11.5.225 1980416 Bytes 2011/4/7 03:30:38

VBASE004.VDF : 7.11.8.178 2354176 Bytes 2011/5/31 03:30:40

VBASE005.VDF : 7.11.10.251 1788416 Bytes 2011/7/7 03:30:41

VBASE006.VDF : 7.11.13.60 6411776 Bytes 2011/8/16 05:21:30

VBASE007.VDF : 7.11.13.61 2048 Bytes 2011/8/16 05:21:30

VBASE008.VDF : 7.11.13.62 2048 Bytes 2011/8/16 05:21:30

VBASE009.VDF : 7.11.13.63 2048 Bytes 2011/8/16 05:21:30

VBASE010.VDF : 7.11.13.64 2048 Bytes 2011/8/16 05:21:31

VBASE011.VDF : 7.11.13.65 2048 Bytes 2011/8/16 05:21:31

VBASE012.VDF : 7.11.13.66 2048 Bytes 2011/8/16 05:21:31

VBASE013.VDF : 7.11.13.95 166400 Bytes 2011/8/17 05:21:35

VBASE014.VDF : 7.11.13.125 209920 Bytes 2011/8/18 05:21:40

VBASE015.VDF : 7.11.13.126 2048 Bytes 2011/8/18 05:21:40

VBASE016.VDF : 7.11.13.127 2048 Bytes 2011/8/18 05:21:40

VBASE017.VDF : 7.11.13.128 2048 Bytes 2011/8/18 05:21:41

VBASE018.VDF : 7.11.13.129 2048 Bytes 2011/8/18 05:21:41

VBASE019.VDF : 7.11.13.130 2048 Bytes 2011/8/18 05:21:41

VBASE020.VDF : 7.11.13.131 2048 Bytes 2011/8/18 05:21:41

VBASE021.VDF : 7.11.13.132 2048 Bytes 2011/8/18 05:21:42

VBASE022.VDF : 7.11.13.133 2048 Bytes 2011/8/18 05:21:42

VBASE023.VDF : 7.11.13.134 2048 Bytes 2011/8/18 05:21:42

VBASE024.VDF : 7.11.13.135 2048 Bytes 2011/8/18 05:21:42

VBASE025.VDF : 7.11.13.136 2048 Bytes 2011/8/18 05:21:43

VBASE026.VDF : 7.11.13.137 2048 Bytes 2011/8/18 05:21:43

VBASE027.VDF : 7.11.13.138 2048 Bytes 2011/8/18 05:21:43

VBASE028.VDF : 7.11.13.139 2048 Bytes 2011/8/18 05:21:43

VBASE029.VDF : 7.11.13.140 2048 Bytes 2011/8/18 05:21:44

VBASE030.VDF : 7.11.13.141 2048 Bytes 2011/8/18 05:21:44

VBASE031.VDF : 7.11.13.144 2048 Bytes 2011/8/18 05:21:44

Engineversion : 8.2.6.32

AEVDF.DLL : 8.1.2.1 106868 Bytes 2011/4/20 23:53:28

AESCRIPT.DLL : 8.1.3.74 1622393 Bytes 2011/8/19 05:22:46

AESCN.DLL : 8.1.7.2 127349 Bytes 2011/4/20 23:53:27

AESBX.DLL : 8.2.1.34 323957 Bytes 2011/7/20 03:29:54

AERDL.DLL : 8.1.9.13 639349 Bytes 2011/7/20 03:29:53

AEPACK.DLL : 8.2.9.5 676214 Bytes 2011/7/20 03:29:53

AEOFFICE.DLL : 8.1.2.13 201083 Bytes 2011/8/19 05:22:37

AEHEUR.DLL : 8.1.2.155 3617144 Bytes 2011/8/19 05:22:35

AEHELP.DLL : 8.1.17.7 254327 Bytes 2011/8/19 05:21:56

AEGEN.DLL : 8.1.5.7 401778 Bytes 2011/8/19 05:21:53

AEEMU.DLL : 8.1.3.0 393589 Bytes 2011/4/20 23:53:14

AECORE.DLL : 8.1.22.4 196983 Bytes 2011/7/20 03:29:42

AEBB.DLL : 8.1.1.0 53618 Bytes 2011/4/20 23:53:14

AVWINLL.DLL : 10.0.0.0 19304 Bytes 2011/4/20 23:53:36

AVPREF.DLL : 10.0.3.2 44904 Bytes 2011/8/19 05:36:45

AVREP.DLL : 10.0.0.10 174120 Bytes 2011/8/19 05:36:45

AVARKT.DLL : 10.0.26.1 255336 Bytes 2011/8/19 05:36:45

AVEVTLOG.DLL : 10.0.0.9 203112 Bytes 2011/8/19 05:36:45

SQLITE3.DLL : 3.6.19.0 355688 Bytes 2011/7/20 08:40:24

AVSMTP.DLL : 10.0.0.17 63848 Bytes 2011/4/20 23:53:36

NETNT.DLL : 10.0.0.0 11624 Bytes 2011/4/20 23:53:46

RCIMAGE.DLL : 10.0.0.35 2589544 Bytes 2011/8/19 05:36:45

RCTEXT.DLL : 10.0.64.0 97640 Bytes 2011/8/19 05:36:45

Configuration settings for the scan:

Jobname.............................: Local Drives

Configuration file..................: C:\program files (x86)\avira\antivir desktop\alldrives.avp

Logging.............................: Default

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:, D:, E:, F:, I:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: off

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: Advanced

Start of the scan: Friday, 19 August, 2011 16:56

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'QvodTerminal.exe' - '1' Module(s) have been scanned

Scan process 'QvodPlayer.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'rundll32.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'chrome.exe' - '1' Module(s) have been scanned

Scan process 'TFGui.exe' - '1' Module(s) have been scanned

Scan process 'NASvc.exe' - '1' Module(s) have been scanned

Scan process 'TFTray.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'issch.exe' - '1' Module(s) have been scanned

Scan process 'acrotray.exe' - '1' Module(s) have been scanned

Scan process 'NBAgent.exe' - '1' Module(s) have been scanned

Scan process 'nusb3mon.exe' - '1' Module(s) have been scanned

Scan process 'PPAP.exe' - '1' Module(s) have been scanned

Scan process 'PPSAP.exe' - '1' Module(s) have been scanned

Scan process 'lxczbmon.exe' - '1' Module(s) have been scanned

Scan process 'LXCZbmgr.exe' - '1' Module(s) have been scanned

Scan process 'GUI.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'TFService.exe' - '1' Module(s) have been scanned

Scan process 'nvSCPAPISvr.exe' - '1' Module(s) have been scanned

Scan process 'RichVideo.exe' - '1' Module(s) have been scanned

Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned

Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned

Scan process 'PassThruSvr.exe' - '1' Module(s) have been scanned

Scan process 'raysat_3dsmax2010_64server.exe' - '1' Module(s) have been scanned

Scan process 'mdm.exe' - '1' Module(s) have been scanned

Scan process 'GPCommonService.exe' - '1' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned

Scan process 'armsvc.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '231' files ).

Starting the file scan:

Begin scan in 'C:\'

Begin scan in 'D:\'

Begin scan in 'E:\'

Search path E:\ could not be opened!

System error [21]: The device is not ready.

Begin scan in 'F:\' <SAN10GM>

Begin scan in 'I:\'

Search path I:\ could not be opened!

System error [21]: The device is not ready.

End of the scan: Friday, 19 August, 2011 18:46

Used time: 1:49:27 Hour(s)

The scan has been done completely.

45498 Scanned directories

1506783 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

1506783 Files not concerned

10168 Archives were scanned

0 Warnings

0 Notes

Link to post
Share on other sites
  • 2 weeks later...
  • 3 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.