�P: 117.198.133.71
in [Windows Viruses]
|
Prev: �P: 117.198.133.71
Next: ?P: 117.198.133.71
From: David H. Lipman on 3 Mar 2010 19:09 From: "Ken A." <ken(a)nospam> | I am using XP Pro w/sp3. Using Spybot, AVG (free) and Malwarebytes (pay version). | Today when I turned on my computer I keep getting a Malwarebytes pop up in the sys tray | saying "Malwarebytes has successfully blocked access to malicious IP: 117.198.133.71" | This popup message is constant. I have made no changes to my system lately. I also | have ZoneAlarm (free) installed. Has anyone experienced this? It sounds like some kind | of malware trying to send from my computer but is being blocked by Malwarebytes. I | would appreciate any help or advice in this matter. | Thanks, | Ken A. Ken that's an IP address in India by BSNL Internet. If you are not deliberately tring to connect to that IP then there is malware that is trying to and if that is the case, we ned to ferret out WHAT is trying to connect to that IP. What fully installed anti virus application do you have installed in conjunction with MBAM ? -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: MEB on 4 Mar 2010 03:12 On 03/03/2010 07:09 PM, David H. Lipman wrote: > From: "Ken A." <ken(a)nospam> > > | I am using XP Pro w/sp3. Using Spybot, AVG (free) and Malwarebytes (pay version). > | Today when I turned on my computer I keep getting a Malwarebytes pop up in the sys tray > | saying "Malwarebytes has successfully blocked access to malicious IP: 117.198.133.71" > | This popup message is constant. I have made no changes to my system lately. I also > | have ZoneAlarm (free) installed. Has anyone experienced this? It sounds like some kind > | of malware trying to send from my computer but is being blocked by Malwarebytes. I > | would appreciate any help or advice in this matter. > > | Thanks, > | Ken A. > > Ken that's an IP address in India by BSNL Internet. > > If you are not deliberately tring to connect to that IP then there is malware that is > trying to and if that is the case, we ned to ferret out WHAT is trying to connect to that > IP. > > What fully installed anti virus application do you have installed in conjunction with MBAM > ? > I know it was an over-site, the AV is AVG {free}. I see it may be associated with ads/banners [alarm bells here]: INSERT DELAYED INTO phpads_adviews SET bannerid = '5651', zoneid = '161', host = '117.198.133.71', source = '', country = 'IN', t_stamp = '20091113224951'; ads3.cricbuzz.com/adserver/ SOURCE: Google That's a potential injection there... Honey Pot Assigned Threat Level: 17 Last Honey Pot Activity: 6 Days Ago. It is listed as suspicious and only listed for 23 days there so this may be a new threat or expanding; advertisers or related legitimate services generally don't hit honey pots [though spammers may]. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___---
From: Ken A. on 4 Mar 2010 11:39 David Lipman, I have done a scan with AVG (free), Spybot Search & Destroy and Malwarebytes. All came up clean. Yes I did a google search on the IP address and did find that it was in India. Now here is something strange - I no longer am getting this pop up notification. When I turned on my computer this morning I did not get this Malware notification. Yesterday I rebooted three (3) times and always got the notification. Will just cross my finger and hope it was not a destruction malware. Thanks very much, Ken A. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:OR%23No7yuKHA.3536(a)TK2MSFTNGP06.phx.gbl... > From: "Ken A." <ken(a)nospam> > > | I am using XP Pro w/sp3. Using Spybot, AVG (free) and Malwarebytes (pay > version). > | Today when I turned on my computer I keep getting a Malwarebytes pop up > in the sys tray > | saying "Malwarebytes has successfully blocked access to malicious IP: > 117.198.133.71" > | This popup message is constant. I have made no changes to my system > lately. I also > | have ZoneAlarm (free) installed. Has anyone experienced this? It sounds > like some kind > | of malware trying to send from my computer but is being blocked by > Malwarebytes. I > | would appreciate any help or advice in this matter. > > | Thanks, > | Ken A. > > Ken that's an IP address in India by BSNL Internet. > > If you are not deliberately tring to connect to that IP then there is > malware that is > trying to and if that is the case, we ned to ferret out WHAT is trying to > connect to that > IP. > > What fully installed anti virus application do you have installed in > conjunction with MBAM > ? > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
From: David H. Lipman on 4 Mar 2010 17:28 From: "Ken A." <ken(a)nospam> | David Lipman, | I have done a scan with AVG (free), Spybot Search & Destroy and | Malwarebytes. All came up clean. Yes I did a google search on the IP | address and did find that it was in India. Now here is something strange - | I no longer am getting this pop up notification. When I turned on my | computer this morning I did not get this Malware notification. Yesterday I | rebooted three (3) times and always got the notification. | Will just cross my finger and hope it was not a destruction malware. | Thanks very much, | Ken A. Ken: Keep us informed. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
Pages: 1 Prev: �P: 117.198.133.71 Next: ?P: 117.198.133.71 |