Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus Change my all Passwords Same Time [$30 Gift 4 Help] [Solved


  • This topic is locked This topic is locked

#16
amicusthe

amicusthe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

are the IP's blocked by Malwarebytes always the same ?


1st 2 are same! others are different... popup coming when i reboot & when i disconnect and reconnect my net connection
  • 0

Advertisements


#17
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Click Start then type in the search box: cmd

right click cmd and run as administrator , type in the cmd window:

netstat -b > c:\stat.txt

attach the log file c:\stat.txt
  • 0

#18
amicusthe

amicusthe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Active Connections

Proto Local Address Foreign Address State PID
TCP doom3cxd:4375 dsl-pribrasgw1-fe85dd00-240.dhcp.inet.fi:24963 SYN_SENT 1808
[BitTorrent.exe]

TCP doom3cxd:4376 ip165c121.banglalionwimax.com:43865 SYN_SENT 1808
[BitTorrent.exe]

TCP doom3cxd:4377 83.137.251.250:61367 SYN_SENT 1808
[BitTorrent.exe]

TCP doom3cxd:1978 localhost:1979 ESTABLISHED 2952
[firefox.exe]

TCP doom3cxd:1979 localhost:1978 ESTABLISHED 2952
[firefox.exe]

TCP doom3cxd:4347 tb-in-f113.1e100.net:http ESTABLISHED 2952
[firefox.exe]

TCP doom3cxd:4348 203-69-138-19.HINET-IP.hinet.net:http ESTABLISHED 2952
[firefox.exe]

TCP doom3cxd:4350 tf-in-f138.1e100.net:https ESTABLISHED 2952
[firefox.exe]

TCP doom3cxd:4361 adsl-dyn-224.95-102-100.t-com.sk:12614 ESTABLISHED 1808
[BitTorrent.exe]

TCP doom3cxd:4369 cpc3-know12-2-0-cust21.know.cable.virginmedia.com:14896 ESTABLISHED 1808
[BitTorrent.exe]

TCP doom3cxd:4300 182.182.88.162:39740 LAST_ACK 1808
[BitTorrent.exe]

TCP doom3cxd:4262 203-69-138-25.HINET-IP.hinet.net:http TIME_WAIT 0
TCP doom3cxd:4266 tb-in-f113.1e100.net:http TIME_WAIT 0
TCP doom3cxd:4267 203-69-138-19.HINET-IP.hinet.net:http TIME_WAIT 0
TCP doom3cxd:4269 tb-in-f113.1e100.net:http TIME_WAIT 0
TCP doom3cxd:4343 184.173.226.176-static.reverse.softlayer.com:http TIME_WAIT 0
TCP doom3cxd:4351 203-69-138-19.HINET-IP.hinet.net:http TIME_WAIT 0
TCP doom3cxd:4352 203.190.124.25:http TIME_WAIT 0

Posted Image
Posted Image

Edited by amicusthe, 29 August 2012 - 12:55 PM.

  • 0

#19
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
stop bittorrent and tell me if you still get warnings from Malwarebytes
  • 0

#20
amicusthe

amicusthe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Stop bittorrent & didn'tget any popup yet! Thank you very much :wub:
Msg mw your pp id :)
  • 0

#21
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Congratulations your logs appear clean :thumbsup:

Reset and Re-enable your System Restore

The following will implement some cleanup procedures as well as reset System Restore points:
  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

    Posted Image

NEXT

  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


Recommendations

See Here for a list of recommendations for free Antivirus\AntiSpyware applications.


  • Keep Your windows up to date by regularly checking their website at:
    http://windowsupdate.microsoft.com/

  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
    Here

    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

  • Click Here to learn how to keep a backup of your important files

  • FileHippo Update Checkker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.


Stay safe :wave:
  • 0

#22
amicusthe

amicusthe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thank you very much Mr. ali.B!
You save me


  • 0

#23
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#24
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
topic reopened

what popup you are getting ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP