cxaaaa.cn

1- hi dun know wt's is this sh*t , i am on a wireless lan , and i am usin Ad Block Plus .. It's Blocks Something called "cxaaaa . cn" in every site i visit i c this , it's un allowed from ad block plus , but alot of sites pages wont load after this happend , i was usin KIS 2009 , Now iam usin Avira Antivir Premium + Windows Firewall , Anybody know wt is that ?, am i infected ?? is there a cure ... for now and for future , plz some 1 help , tnx .
i have knew somethin maybe it will help in this , when i unplug the switch wire from router , everything works good ... is it kinda of rerouting for the router ?

2- BTW , iam using Vista x64 SP1 , I also need a help for a good security setup for Vista X64 (SandBoxie ,OA Firewall) Doesn' Work ... I use computer for playin games , watchin movies , browsing , downloading ... any idea ?

 

That URL wont resolve for me but it sounds like you are infected with something Avira missed. I would do the standard thing and do a scan with some online scanners eset/kaspersky/drweb and try download Malware Bytes/Super AntiSpyware.

 

Sounds a lot like ARP poisioning...are you on a network...like a uni campus or something?

 

nope , iam usin it @ home wiz some neighbors , i dun think it's ARP Attack , cuze after i unplug the cable for a while , some sites n pages sill not loads too , from about a year i got the same prob. but wiz a different name not cxaaa ? , is there a recommendation for a security setup for Vista X64 ?

 

Did you follow my advice?

 

elapsed , yea i have do all wt u have say , SuperAntispyware Detect 5 files , but it's still on the ad block :S any help ?

 

So I assume SAS removed those 5 files? Also, MBAM detected nothing? The online scanners detected nothing?

 

MBAM dun work @ my vista x64 , online scanner doesn't catch anything too :S , so where the problem :S , is it only rerouting for router and it doesn't affect me ?

 

You can always wipe and reinstall.

 

Hy guys, I have the same s**t in my pc,
1/22/2009 3:57:34 PM HTTP filter file [noparse]hxxp://mk.cxaaaa.cn/flash.htm[/noparse] JS/TrojanDownloader.Iframe.NBK trojan connection terminated - quarantined
but i cant get off this trojan
any new ideeas?
i reinstal win a few times, etc but nothing...

 

any experts know anything about this problem :S ?

 

It's loading scripts for that website on every website?

Try this beta online scanner.

 

yea in every website except those who workin in SSL Mode , After Searchin i've found this , maybe it will works , anyone have same prob try this : http://www.discreteguidepost.in/web-security/xss-attack-using-iframes-cxaaaacn-zaqaabcn.html