Windows 10: infection? outbound localhost.world to ip 69.197.188.122

Page 1 of 2 12 LastLast
  1.    24 Oct 2015 #1

    infection? outbound localhost.world to ip 69.197.188.122


    Got an email from someone that reported a antimalware program was reporting outbound localhost.world to ip 69.197.188.122.

    The warning came when using browsers or some other programs that connected to the net, any idea what this is?
      My ComputerSystem Spec


  2. Posts : 11,224
    W10Prox64
       24 Oct 2015 #2

    Hi Cixoos.
    I think localhost.world is possibly a redirect from a botnet (possibly Zeroaccess rootkit). 69.197.188.122 is Wholesale Internet out of Kansas.

    If you think you have an infection or rootkit: Please download TDSSKiller and run it.

    What antivirus do you have on your system?
      My ComputerSystem Spec

  3.    24 Oct 2015 #3

    It was malwarebytes that reported it i found out.

    I have now tested the machine with eset antivirus, nothing.
    Then tdsskiller and notjing
    Then housecall online and nothing
    roguekiller- Deleted some registry entries, but nothing serious
    zhpcleaner, found some stuff and cleaned.

    Then I blocked the ip in eset firewall with popup notification. It says asus printer utilities are trying constant outbound to 69.197.188.122
      My ComputerSystem Spec


  4. Posts : 11,224
    W10Prox64
       24 Oct 2015 #4

    That is the first time I've ever heard of this!

    Want to try one more thing?

    aswMBR
    aswMBR Download
      My ComputerSystem Spec

  5.    24 Oct 2015 #5

    strange thing indeed, if 69.197.188.122 is blocked with firewall, it is impossible to log in to router on local ip 192.168.1.1.
      My ComputerSystem Spec


  6. Posts : 11,224
    W10Prox64
       24 Oct 2015 #6

    Cixoos said: View Post
    strange thing indeed, if 69.197.188.122 is blocked with firewall, it is impossible to log in to router on local ip 192.168.1.1.
    Now I'm really confused....that makes no sense to me.
    If you unblock, and access router, can you check for firmware updates on it?
      My ComputerSystem Spec

  7.    24 Oct 2015 #7

    I'm having this issue as well. I'm on my laptop with a clean install of Windows 10 and an unfortunate "accident" in which I had to go back to a restore point because I became infected with multiple rootkits and viruses.

    Malwarebytes keeps indicating it is blocking localhost.world at that same ip address listed above. I've run

    *Hijackthis
    *Hitman Pro
    *Emsisoft Emergency Kit

    I removed a few entries with Hijackthis related to BHO search stuff in ie, I've also reset both browsers, and other scanners didn't find anything of note, but I'm still getting the blocking notification.

    Eager to see what else you've found out!

    T.
      My ComputerSystem Spec


  8. Posts : 11,224
    W10Prox64
       24 Oct 2015 #8

    Tsidhu said: View Post
    I'm having this issue as well. I'm on my laptop with a clean install of Windows 10 and an unfortunate "accident" in which I had to go back to a restore point because I became infected with multiple rootkits and viruses.

    Malwarebytes keeps indicating it is blocking localhost.world at that same ip address listed above. I've run

    *Hijackthis
    *Hitman Pro
    *Emsisoft Emergency Kit

    I removed a few entries with Hijackthis related to BHO search stuff in ie, I've also reset both browsers, and other scanners didn't find anything of note, but I'm still getting the blocking notification.

    Eager to see what else you've found out!

    T.
    Hi Tsidhu and welcome to Tenforums.

    Please try TDSSKiller and aswMBR in my posts above and report back the results.
      My ComputerSystem Spec

  9.    25 Oct 2015 #9

    Tsidhu said: View Post
    I'm having this issue as well.

    T.
    Are you using an asus router?
      My ComputerSystem Spec


  10. Posts : 615
    Windows 10 Enterprise x64 (build 10586)
       10 Nov 2015 #10

    I found a post on Malwarebytes mb constant stopping 69.197.188.122, localhost.world - Website Blocking - Malwarebytes Forum The person has a similar problem with the ip being blocked by Malwarebytes while it was attempting to go outbound, originating from different programs (including legitimate ones). He had an ASUS router (I'm not sure if that's what Cixoos is going with this). Then a Malwarebytes employee commented "The block is being removed." This may imply that it is a false positive, but the meaning is unclear. If your router is infected with fake firmware (ASUS specifically had a vulnerability in routers), you can usually fix it by resetting the router using a reset pin on the back of it, or unplugging it from the mains for a few minutes. Then, install the latest firmware from the manufacturer.
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Google redirection localhost.world in AntiVirus, Firewalls and System Security
I have Windows 10 . And sometime i have a cmd popup show and close my chrome browser. After if i do a search on google, it's redirect to a fake google. I go to internet option, connection, network configuration, i have this: 43714 I...
Hi there Edge has been modified so you CAN set it to access local host type of sites (at least in build 10240). This was mentioned a while ago but just as a reminder -- many people have servers etc that have a web interface with a localhost or...
Solved Taobao infection in AntiVirus, Firewalls and System Security
Color me embarrassed but I seem to have picked up ........... something. As you can see from my screenshot my Browser has gotten a .....visitor and I can't seem to make it leave. It seems to be a shortcut to Taobao. I've tried scans with...
Loopback/localhost acces in apps in Software and Apps
This is aimed at Win 8, but should be the same for 10 As some of us have found out, modern apps such as Edge are not allowed to send network traffic to the local host, so things like media servers and routers do not work I have just been...
Read more: Microsoft updates Windows Defender to remove Superfish infection | ZDNet
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:03.
Find Us