king kaos

MBAM BLOCKS FIREFOX

5 posts in this topic

just started yesterday:

heres the log:

00:44:08 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12583, Process: firefox.exe)

00:44:10 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 12584, Process: firefox.exe)

00:44:18 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 12585, Process: firefox.exe)

00:44:18 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 12586, Process: firefox.exe)

01:15:18 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 12633, Process: firefox.exe)

01:16:31 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 12644, Process: firefox.exe)

01:19:24 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12651, Process: firefox.exe)

01:19:49 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12655, Process: firefox.exe)

01:19:58 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12662, Process: firefox.exe)

01:20:06 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12671, Process: firefox.exe)

01:20:06 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12688, Process: firefox.exe)

01:20:14 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12694, Process: firefox.exe)

01:20:14 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12712, Process: firefox.exe)

01:21:43 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12723, Process: firefox.exe)

01:21:51 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12730, Process: firefox.exe)

01:23:36 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12740, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12746, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12752, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12755, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12757, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12760, Process: firefox.exe)

01:24:01 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12763, Process: firefox.exe)

01:24:09 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12768, Process: firefox.exe)

01:24:09 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12781, Process: firefox.exe)

01:24:26 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12800, Process: firefox.exe)

01:24:34 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12806, Process: firefox.exe)

01:24:34 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 12812, Process: firefox.exe)

01:29:25 A Plus MESSAGE IP Protection stopped

01:29:39 A Plus MESSAGE Database updated successfully

01:29:41 A Plus MESSAGE IP Protection started successfully

02:07:00 A Plus MESSAGE Protection started successfully

02:07:05 A Plus MESSAGE IP Protection started successfully

02:08:11 A Plus IP-BLOCK 94.228.209.143 (Type: outgoing, Port: 1182, Process: firefox.exe)

02:09:01 A Plus IP-BLOCK 94.228.209.143 (Type: outgoing, Port: 1197, Process: firefox.exe)

02:10:46 A Plus IP-BLOCK 94.228.209.143 (Type: outgoing, Port: 1220, Process: firefox.exe)

02:11:02 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1225, Process: firefox.exe)

02:12:15 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1264, Process: firefox.exe)

02:12:47 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1268, Process: firefox.exe)

02:46:36 A Plus MESSAGE Protection started successfully

02:46:41 A Plus MESSAGE IP Protection started successfully

02:48:24 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1052, Process: firefox.exe)

02:48:33 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1068, Process: firefox.exe)

02:48:58 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1077, Process: firefox.exe)

02:48:58 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1083, Process: firefox.exe)

02:49:30 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1099, Process: firefox.exe)

02:49:39 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1104, Process: firefox.exe)

02:51:48 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1131, Process: firefox.exe)

02:52:28 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1149, Process: firefox.exe)

02:52:28 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1155, Process: firefox.exe)

02:52:36 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1159, Process: firefox.exe)

02:52:52 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1161, Process: firefox.exe)

02:53:08 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1166, Process: firefox.exe)

02:53:49 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1169, Process: firefox.exe)

02:53:49 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1175, Process: firefox.exe)

02:53:57 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1184, Process: firefox.exe)

02:54:05 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1185, Process: firefox.exe)

02:54:37 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1190, Process: firefox.exe)

02:54:46 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1191, Process: firefox.exe)

02:55:36 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1195, Process: firefox.exe)

02:55:37 A Plus IP-BLOCK 94.228.216.14 (Type: outgoing, Port: 1196, Process: firefox.exe)

02:56:01 A Plus IP-BLOCK 94.228.216.14 (Type: outgoing, Port: 1197, Process: firefox.exe)

02:56:09 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1198, Process: firefox.exe)

02:56:09 A Plus IP-BLOCK 94.228.216.14 (Type: outgoing, Port: 1199, Process: firefox.exe)

02:56:09 A Plus IP-BLOCK 94.228.216.14 (Type: outgoing, Port: 1200, Process: firefox.exe)

02:57:15 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1211, Process: firefox.exe)

02:57:24 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1228, Process: firefox.exe)

02:57:32 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1236, Process: firefox.exe)

02:57:32 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1241, Process: firefox.exe)

02:57:40 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1247, Process: firefox.exe)

02:57:56 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1251, Process: firefox.exe)

02:58:04 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1253, Process: firefox.exe)

02:58:44 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1255, Process: firefox.exe)

02:58:44 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1260, Process: firefox.exe)

02:59:09 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1266, Process: firefox.exe)

02:59:17 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1273, Process: firefox.exe)

02:59:25 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1288, Process: firefox.exe)

when i open up firefox, MBAM blocks these IP's. every website i go to it blocks these IP's. but its only when i use Firefox.

i have ESET Nod32 smart security and it says im clean.

hijack this reports nothing unusual.

and MBAM only happens on my windows 7 laptop - but on my windows vista desktop its fine, no IP blocking.

any help is very much appreciated! :)

NOTE: i have NOSCRIPT plugin installed on firefox, MBAM still blocks these IP's (eve in firefox safemode).

look these IP's up and these are blacklisted for spam. i have just installed trendmicro's RUBOTTED and i says im not infected with any botnets.

Share this post


Link to post
Share on other sites

i am currently running GMER to view hidden rootkits and processes. hopefully i dont have a nasty rootkit. but any help on this subject?

MBAM is blocking these IP'S like crazy lol

03:06:00 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1321, Process: firefox.exe)

03:06:08 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1329, Process: firefox.exe)

03:06:16 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1331, Process: firefox.exe)

03:06:40 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1333, Process: firefox.exe)

03:09:33 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1401, Process: firefox.exe)

03:09:41 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1405, Process: firefox.exe)

03:10:06 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1422, Process: firefox.exe)

03:10:06 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1436, Process: firefox.exe)

03:10:47 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1438, Process: firefox.exe)

03:13:57 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1458, Process: firefox.exe)

03:13:57 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1460, Process: firefox.exe)

03:14:14 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1466, Process: firefox.exe)

03:15:43 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1472, Process: firefox.exe)

03:15:51 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1479, Process: firefox.exe)

03:15:59 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1480, Process: firefox.exe)

03:16:48 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1481, Process: firefox.exe)

03:17:12 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1484, Process: firefox.exe)

03:18:09 A Plus IP-BLOCK 94.228.209.142 (Type: outgoing, Port: 1493, Process: firefox.exe)

03:18:17 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1496, Process: firefox.exe)

03:18:26 A Plus IP-BLOCK 98.126.135.12 (Type: outgoing, Port: 1502, Process: firefox.exe)

03:18:26 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1503, Process: firefox.exe)

03:19:14 A Plus IP-BLOCK 98.126.135.12 (Type: outgoing, Port: 1505, Process: firefox.exe)

03:19:22 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1506, Process: firefox.exe)

03:19:31 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1512, Process: firefox.exe)

03:19:47 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1513, Process: firefox.exe)

03:19:55 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1519, Process: firefox.exe)

03:20:28 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1525, Process: firefox.exe)

03:21:33 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1538, Process: firefox.exe)

03:23:59 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1544, Process: firefox.exe)

03:24:07 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1546, Process: firefox.exe)

03:24:40 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1548, Process: firefox.exe)

03:24:56 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1550, Process: firefox.exe)

03:25:04 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1553, Process: firefox.exe)

03:25:04 A Plus IP-BLOCK 212.117.174.97 (Type: outgoing, Port: 1554, Process: firefox.exe)

Share this post


Link to post
Share on other sites

since i see this post has been moved to malware removal, and no help has been replied. ill take my chances on finding this hidden malware :\

Share this post


Link to post
Share on other sites

Hi,

Please download DDS and save it to your desktop.

  • Disable any script blocking protection.
  • Double click dds.com to run the tool..
  • When done, DDS will open two logs (DDS.txt and Attach.txt).
  • Save both reports to your desktop.

Please include the contents of DDS.txt in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please download Rootkit Unhooker and save it to your Desktop

  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth Code and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop

Copy the entire contents of the report and paste it in a reply here.

Note - you may get this warning it is ok, just ignore: "Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.