TechSpot

213.163.89.104/6 pop ups & win explorer restarts/hangs when right clicked

By crowbar84
May 25, 2010
  1. crowbar84

    crowbar84 TS Rookie Topic Starter

    now my IE keeps having error..n restarting..so annoying
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    The IP in the URL you left, IP 199.80.55.19, belongs to:
    OrgName: WZ Communications Inc.
    OrgID: WZCOM
    Address: 110 E.Broward blvd
    Address: Suite 1700
    City: Fort Lauderdale
    StateProv: FL

    If you want us to check the system for malware, please follow the steps HERE and leave the logs for our review.

    Please describe this :213.163.89.104/6 pop ups - what it looks like and what it says.
     
  3. crowbar84

    crowbar84 TS Rookie Topic Starter

    ive managed to remov d rootkit..
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Then you no longer need help- is that correct?
     
  5. crowbar84

    crowbar84 TS Rookie Topic Starter

    i still need help..apparently its bck,,Malwarebytes seems to be saying..it blocked intrusion from 213.163.89.106. i followed d steps and i gt kaspersky to scan it was removed...bt apparently i juz the intrusion again. pls help
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I think you still don't understand the block: IF a security program blocks a site, usually giving an Alert flash saying the site is bad, then it's a good thing. Millions of scan go on daily as normal internet traffic, looking for unprotected systems. Sometime a security program will block a site, sometime it's the firewall.

    A Rootkit doesn't get removed in 3 posts. If you want me to review the system, please follow the steps in out Preliminary Virus and Malware Removal thread HERE.

    When you have finished, please paste all of the logs in your next reply and I will review them and instruct you accordingly.
     
  7. crowbar84

    crowbar84 TS Rookie Topic Starter

    i cant upload d gmer log as its size is larger then permitted.
     

    Attached Files:

  8. crowbar84

    crowbar84 TS Rookie Topic Starter

    juz to clarify, malwarebytes, blocked the intrusion. but i did not access any sites
     
  9. crowbar84

    crowbar84 TS Rookie Topic Starter

    any help pls..
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Bumping threads after a few hours is frowned upon.

    The GMER log can be split if needed and included over 2 replies. Did you do this?
    Please explain clearly what problems you're having related to malware. Do you understand the difference between a security program, a firewall or a browser blocking an unsafe site?

    You are running multiple security programs that double up at least on the antrivirus programs: You should have one software firewall, one antivirus program and 2 or more antimalware programs. Please uninstall the following to get down to this, depending on the versions you have of each and what they contain:
    Avira
    Eset Smart Security
    Zone Alarm


    Please download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..

    Run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    Please leave these new logs in your next reply.

    Do not use any other cleaning programs or scans while I am helping you unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Due to inactivity this thread is being closed.

    If you need it reopened, please send a message to your helper.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...