Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 378
  • Last Modified:

Google Chrome accesses an IP on startup, malwarebytes flags as malicious..

On one of my machines – Windows 7 Pro 64 bit svc pack 1. Every time Google Chrome starts malwarebytes Pro blocks access to ip 128.204.198.67 on random ports like 49497, 63718, etc. On a full scan Malwarebytes pro comes up clean. I cannot find anything that is set for an initial page to load and I've tried uninstalling and re-installing Chrome, running tdsskiler, hitman, adwcleaner and it still persists. Should I just ignore it? Thanks!
0
Alan_Gould
Asked:
Alan_Gould
2 Solutions
 
clintonpubliclibraryCommented:
Sounds like you may have a root kit.   Those programs you described are the common tools I use to remove them. I would assume the computer is compromised. You may just need to format and install a new OS from scratch.

I'm not too familiar with Chrome.  Is there a feature in Chrome that you must have?  Try Fire Fox and install ad block plus and flash block.  Chrome is like having the Eye of Soron installed on your computer.
0
 
Dave BaldwinFixer of ProblemsCommented:
128.204.198.67 belongs to "Snel Internet Services B.V. assigned to server #330".  They're located in the Netherlands.
0
 
jcimarronCommented:
Alan_Gould--
Put 128.204.198.67 into your HOSTS file.

http://www.mvps.org/winhelp2002/hosts.htm
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
Dave BaldwinFixer of ProblemsCommented:
ComboFix from Bleeping computer might fix it.  It goes deeper into your system than just about anything else.  http://www.bleepingcomputer.com/download/combofix/
0
 
Alan_GouldAuthor Commented:
Combofix came up clean.. ugh I think the hosts file is my best choice.. My guard is up for CryptoLocker
Thanks!
0
 
jcimarronCommented:
Alan_Gould--You are welcome!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now