Results 1 to 4 of 4

Thread: Help, Something is calling home.

  1. #1
    Junior Member
    Join Date
    Dec 2015
    Posts
    2

    Default Help, Something is calling home.

    Hi, first post, Malwarebytes Pro has just started "stopping" an item from sending something outbound. (XMl.clk1013.com) I did complete scans and also scanned the folder MB told me that the item lived in. Scans found no threats. I will enclose the MBs log from today for further help. The item originated in the Mozilla Firefox folder at C/Program Files (86)/Mozilla Firefox /Mozilla firefox exe. and the MB warning, shows up whenever FF starts. I looked there and also found nothing but I don't know anything. Google found the item "xml.clk1013.com" and it looks like malware/adware. Something call "UnHackMe" was recommended and it did nothing except confuse me and cause me to uninstall/reinstall FF. it also said that programs I've had and used for years were dangerous. I use a new up to date PC with Win 10 pro and FF as my browser of choice, AV is Win Defender and Malwarebytes Pro and Anti Exploit. I would appreciate any help anyone on this forum can give. Thank you, S Rubin

    Here is a Google directed site that came up for xml.clk1013.exe

    http://greatis.com/blog/search-redirecting-11/remove-xml-clk1013-com-2.htm



    see below for today's MB log:

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Protection, 8/12/2016 5:23 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malware Protection, Starting,
    Protection, 8/12/2016 5:23 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malware Protection, Started,
    Protection, 8/12/2016 5:23 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Starting,
    Protection, 8/12/2016 5:23 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Started,
    Update, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Manual, Domain Database, 2016.8.11.2, 2016.8.11.11,
    Update, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Manual, Malware Database, 2016.8.11.9, 2016.8.12.4,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Refresh, Starting,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Stopping,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Stopped,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Refresh, Success,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Starting,
    Protection, 8/12/2016 5:33 AM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Started,
    Protection, 8/12/2016 1:09 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malware Protection, Starting,
    Protection, 8/12/2016 1:09 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malware Protection, Started,
    Protection, 8/12/2016 1:09 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Starting,
    Protection, 8/12/2016 1:09 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, Started,
    Detection, 8/12/2016 1:10 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.clk1013.com, 50126, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 8/12/2016 1:10 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.clk1013.com, 50126, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 8/12/2016 1:10 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.clk1013.com, 50130, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 8/12/2016 1:17 PM, SYSTEM, DESKTOP-2DCTIB3, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.clk1013.com, 50434, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Scan, 8/12/2016 1:42 PM, SYSTEM, DESKTOP-2DCTIB3, Context, Start:8/12/2016 1:42 PM, Duration:0 min 11 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
    Scan, 8/12/2016 1:43 PM, SYSTEM, DESKTOP-2DCTIB3, Context, Start:8/12/2016 1:43 PM, Duration:0 min 9 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

    (end)

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello rubinontheroad,

    To request assistance in the malware removal forum please see the FAQ which includes instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

    http://forums.spybot.info/showthread.php?t=288

    Once you provide the logs in this topic I will remove my post and merge yours, unless a helper responds beforehand.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  3. #3
    Junior Member
    Join Date
    Dec 2015
    Posts
    2

    Default

    Quote Originally Posted by tashi View Post
    Hello rubinontheroad,

    To request assistance in the malware removal forum please see the FAQ which includes instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

    http://forums.spybot.info/showthread.php?t=288

    Once you provide the logs in this topic I will remove my post and merge yours, unless a helper responds beforehand.

    Best regards.
    Team Spybot, The first response came from Major Geeks and at present I am following a list of actions and sending the logs back to that (those) guy (s). They asked and I agree, it would not be fair to you or another forum's group of helpers, to not bother you and or duplicate any of the action that I'm working on now. Again thank you and will close this thread until further notice. If problems persist I will again contact you all and ask for your help. Thanks again, S Rubin

  4. #4
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello rubinontheroad,

    From our FAQ:

    • Posters who start topics at multiple sites for their PC problem waste valuable volunteer resources as our analysts assist people at several forums. Worse scenario would be to run fixes given at one site unbeknown to the person helping the same user elsewhere. If you have already requested help at another site choose where you wish to continue and advise all parties.
    Thank you for informing us. Topic archived.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •