close

Privacy guaranteed - Your email is not shared with anyone.

AVAST - media9s.com - Virus - help...

Discussion in 'Tech Talk' started by inthefrey, Jun 15, 2010.

  1. inthefrey

    inthefrey Moved on...

    Joined:
    Jul 3, 2009
    Messages:
    6,647
    Likes Received:
    1,693
    Location:
    Western Pennsylvania
    Okay,

    Here's what has done nothing to stop this::steamed:

    AVAST
    malwarebytes
    SpyBot
    OldTimer
    Norman Malware Cleaner

    About to try Emsisoft

    Anyone else fighting this ?

    AVAST catches it before it can "phone home" but I cannot find out what process is causing it and AVAST (forums) doesn't know either. It hits about every 30-45 minutes no matter if IE is running or not but it's using IE to try and get home with whatever it has collected. AT least Avast is stopping the communications.

    Here's what the logs look like:
    08.06.2010 03:56:00 Network Shield: blocked access to malicious site 88.80.7.152/cgi/dtiyodt.php?otc=67340145x044452x<x5x04=2x=1x [ C:\Program Files\Internet Explorer\iexplore.exe ( 856 ) ]
    08.06.2010 07:41:52 Network Shield: blocked access to malicious site media9s.com/cgi/ncmm.php?mm=67340145x044452x<x5x04=2x=1x [ C:\Program Files\Internet Explorer\iexplore.exe ( 212 ) ]
    08.06.2010 07:41:52 Network Shield: blocked access to malicious site nopagency.com/cgi/ajj.php?jjj=67340145x044452x<x5x04=2x=1x [ C:\Program Files\Internet Explorer\iexplore.exe ( 212 ) ]
    08.06.2010 07:41:53 Network Shield: blocked access to malicious site 88.80.7.152/cgi/peeuujjz.php?peukz=67340145x044452x<x5x04=2x=1x [ C:\Program Files\Internet Explorer\iexplore.exe ( 212 ) ]
    08.06.2010 15:22:22 Network Shield: blocked access to malicious site media9s.com/cgi/zen.php?tiy=67340145x044452x<x5x04=2x=1x


    Any help appreciated!
     
  2. Sgt. Schultz

    Sgt. Schultz Annoying Member

    Joined:
    May 21, 2004
    Messages:
    2,196
    Likes Received:
    8
    Location:
    West Columbia, South Carolina
    Have you run these in safe mode?
     

  3. inthefrey

    inthefrey Moved on...

    Joined:
    Jul 3, 2009
    Messages:
    6,647
    Likes Received:
    1,693
    Location:
    Western Pennsylvania
    Doh! :brickwall:I ran AVAST boot scan but not the others. I will try now.
     
  4. inthefrey

    inthefrey Moved on...

    Joined:
    Jul 3, 2009
    Messages:
    6,647
    Likes Received:
    1,693
    Location:
    Western Pennsylvania
    okay - Ran Malwarebytes in safe mode - found nothing.

    Avast is still catching it but not stopping it. Going back to the AVAST forum and see if anyone has found what it is yet.
     
  5. IndyGunFreak

    IndyGunFreak

    Joined:
    Jan 26, 2001
    Messages:
    26,589
    Likes Received:
    1,830
    Location:
    Indiana
    Did you run Avast in safe mode?

    IGF
     
  6. GIockGuy24

    GIockGuy24 Bring M&M's

    Joined:
    Jul 14, 2005
    Messages:
    4,037
    Likes Received:
    5
    Location:
    With Amber Lamps
    The Avast boot scan is pretty much like safe mode. It scans before any other programs are started.
     
  7. GIockGuy24

    GIockGuy24 Bring M&M's

    Joined:
    Jul 14, 2005
    Messages:
    4,037
    Likes Received:
    5
    Location:
    With Amber Lamps
  8. GIockGuy24

    GIockGuy24 Bring M&M's

    Joined:
    Jul 14, 2005
    Messages:
    4,037
    Likes Received:
    5
    Location:
    With Amber Lamps