Infection date and initial symptoms
Random IP
Current issues and symptoms
When the IP is 195.195.x.x, ports 80 & 443 are open. Today this was the IP & on browsing got captcha page. Restarted router & IP changed & on browsing no captcha page & normal.
Steps taken in order to remove the infection
Dont know infection or not. But tried Bitdefender Free AV full scan, Comodo AV full scan, Comodo Cleaning Essentials full scan, HitmanPro & Malwarebytes full scan & no infection found.
Comodo Killswitch showed no suspicious/unknown processes.
Comodo Quick Repair showed no criticial system changes.
Comodo Autorun Analyzer showed no malware/suspicious/unknown entries.
All the above 3 are part of Comodo Cleaning Essentials.
D

Deleted member 2913

My IP usually starts with 210.x.x.x
Sometimes IP is assigned as 195.195.x.x. When this IP is assigned ports 80, 443 are open & rest closed. This happens with both direct connection (without router) & with router.
If I restart the system the usual IP is assigned 210.x.x.x & no probs.

Today when I started system IP was assigned as 195.195.x.x.
When I tried to browse, I got the captcha page.
I restarted the system & the usual IP was assigned 210.x.x.x & no probs.

Dont know why sometimes 195.195.x.x. is assigned?
As you can see above it seems dangerous as ports 80 & 443 open. And today got the captcha page.

Any info?
Is something fishy/malicious here?

Windows 7 64
 
  • Like
Reactions: LabZero
D

Deleted member 2913

Hey,
I was in a hurry & forgot to greet you.
Thanxx for the support & time.
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
PC seems clean. We will just perform some maintenance:


Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on
    icon and select
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

D

Deleted member 2913

Hey,

The fix changed quite a few things.
My ISP DNS from adapter properties were removed so net was not working.
Changed internet explorer home page & search back to default.
Anyway I made the necessary changes.

Thanxx for the support & time.

Regards
Yesnoo