Connection Blocked But No Infection?

Hey there,

Need to pick some brains regarding a problem I'm having. Every few minutes, NOD32 flashes up a warning message in the corner, stating it's blocked an address.

Url: "mmslive.info/task.php?id=RSA0D583A8B228B30FE..."
IP Address: "91.213.174.117:80"

I performed a scan, found a couple of infected files, one listing the above address inside it. I used NOD32 to delete the files, performed another scan, which threw up nothing. However, I'm still getting the warning message every few minutes, even though NOD tells me my computer is clean. Also, the address block isn't logged by NOD, as when I checked the logs, they were empty. I've googled the address and found a trojan (http://www.sophos.com/security/analyses/viruses-and-spyware/trojagentnqs.html) which has the address listed as one it will connect to, but none of the files that are listed as the potential trojan are found on my computer, nor can I find any programmes running in the background that are unusual. Any suggestions? I'm stumped.

 

Hi, I have exactly the same problem. Also, my web browsing has become excruciatingly slow whenever I'm on a site that requires login, such as email, banking, etc. Especially the latter makes me worried that this virus is trying to collect passwords and relay it via http. Any advice will be appreciated.

 

Please create a log from SysInspector, upload it to a file sharing service or ftp and PM me the link.

 

I've solved it - NOD updated today and I ran another scan - that picked up a file in my "startup" folder and deleted it - no further problems.

 

Hello

I have the exact same problem, but my NOD doesn't find anything on my system, can u tell me at least what is the name of the file u eliminated so i can search for it??

Does anyone has any other ideia to clean this up?

Ty alot be well..

 

Create a log from SysInspector which will help you or ESET personnel identify the suspicious file. If you subsequenly submit the file to ESET per the instructions here detection will be added.

 

i can't send u a pm, can i send u the Sysinspector log in any other way so u can check it?

 

hi i have the same problem i use eset smart security i update always and i have ran scan after scan trying to find this blocked address mmslive.info/task.php?id thing and eset cant find it, i have no threats yet since this kept popping up i have noticed my laptop running very slow on certain things, my internet wifi signal had dropped very low (im bemused by this) and when trying to stream videos like 4od it stops,starts,stops,starts, i also have super anti spyware pro and ccleaner to delete unwanted registries. i cant get on sysinspector as it comes up there is no server, again when i try and run an ONLINE eset scan the same notice appears and i cant get on the site. to my right there it has once again popped up while writing this thread that a website has been blocked...mmslive thing. please please help, im a novice at this kind of thing which is why i invested in heavy reputable programmes. any advice, esp why i cant get on sysinspector would be much appreciated, thanku guyz

 

can you access any other AV site? If not there might be malware on the machine blocking it. Follow steps listed
https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3

 

hi i have just done a system restore to 27 july... now its restored i was able to access sysinspector and have now downloaded it, i have been online for couple of hours now and beforehand i was getting address blocked pop up about every 15 mins, it has not popped up since so i do think it was blocking me from accessing those sites, even eset online scan, thank you for your help but i do believe a simple system restore will fix the little blighter!

 

Hello rebellfoxx!

Read this post and perform the additional scans to make sure your computer is clean and information safe

 

hey thx 3g downloading now and oh i love demonoid