syllinx

SecurityCheck.txt

It may be out of the system. I'm not sure yet. Two reboots and it did not come back. I uninstalled Bluestacks(gaming app) which has always been fine till about last week I guess. After uninstalling bluestacks it is not making that registry key.

msert.log Nothing good was found I guess.

Thank you. I'm running the full scan now. If I can't figure it out by tonight I will restore my system to the week before this started and hope I'm good. Scan is running on NVME and SSD drives so it might be faster.

Fixlog.txt Still not fixed. I really think this happened cause I tried some new Video card drivers and I was too sleepy to check if It was from the right site. Even the installer not listed as having anything bad in it.

I'm still at work so going back and forth. Yes the Key comes back after every reboot. I deleted all startup items as a test and it comes back.

If it is not an easy fix I will go back to my image of my system from last month and see what happens.

mbst-grab-results.zip

I see now. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/12/21 Protection Event Time: 11:14 AM Log File: 0da2bfe6-43dc-11ec-831d-00ffb93d1ffd.json -Software Information- Version: 4.4.10.144 Components Version: 1.0.1499 Update Package Version: 1.0.47144 License: Premium -System Information- OS: Windows 11 (Build 22000.318) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\SysWOW64\dllhost.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: charlie.mail-input.info IP Address: 104.21.74.22 Port: 80 Type: Outbound File: C:\Windows\SysWOW64\dllhost.exe (end) Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 11/12/21 Scan Time: 12:40 PM Log File: f70269e2-43e7-11ec-90a8-00ffb93d1ffd.json -Software Information- Version: 4.4.10.144 Components Version: 1.0.1499 Update Package Version: 1.0.47148 License: Premium -System Information- OS: Windows 11 (Build 22000.318) CPU: x64 File System: NTFS User: DESKTOP-76UU6FO\Dad -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Cancelled Objects Scanned: 177252 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 0 min, 35 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 1 Backdoor.Remcos.E, HKU\S-1-5-21-795674982-3824527390-2081722903-1001\SOFTWARE\Remcos-MA40C8, Quarantined, 3807, 953056, 1.0.47148, , ame, , , Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)

I don't have the options like the old version does.

Malwarebytes will quarantine it each time but does not block it. I will need to try and see if it originates from an excluded folder.

I will as soon as I can. I rebooted my computer and started The Avast boot-time scan to see what it finds. I have Team Viewer installed but that never triggered anything.

Does anybody know how to get rid of this since Malwarebytes doesn't seem not block it?

I will try soon. I'm working all day. Luckily others are posting about this too. This is happening to me on a fresh install of Windows with all Windows updates provided and only Malwarebytes installed. It happens to the other 6 computers I have up now but they have all kinds of junk installed. Thanks for helping.

The system would not let me edit my post. All four of my AMD computers are not usable with Malwarebytes after this months feature update. I can try to open task manager but it takes almost 5 minutes to get it open.