Jump to content

PvdElst

Members
  • Content Count

    7
  • Joined

  • Last visited

About PvdElst

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi Maurice, The server is in a cloud. I've contacted the cloud provider, but it's not possible to boot from ISO o.i.d. I think my next step is a complete wipe of the disk and to start over. Kind regards, Paul
  2. Hi Maurice, Safety Scanner didn't find any threats, see attached log. Kind regards, Paul msert.log
  3. Hi Maurice, I don't think they are real threats: ESET found 3, see attached log. Kind regards, Paul 20191211 ESET.txt
  4. Hi Maurice, Thanks for your help. I've performed the steps. No threats where found, see attached log. However, what bothers me is that these incoming connections, all targeting port 445 (SMB), keep getting through the firewall. I'm positive that Malwarebytes is blocking them, but I don't understand how these connection even get to Malwarebytes. I've verified that my firewall blocking rules contain the ip addresses you mentioned: 37.52.9.2, 81.18.134.18, 201.24.82.11, so I would think they won't get through and Malwarebytes would never see these incoming trojan connections. Kind regards, Paul 20191210MWBScanReport.txt
  5. Hi Maurice, I'v attached the zip file, but I have to tell you that I already used mb-support-1.5.3.749.exe last week, and I than did use "Start Repair". But the trojans keep coming. Over the past months Malwarebytes found 49 different ip addresses from which these trojans originated. These ip addresses are in firewall block rules. Thanks in advance for your help, Paul mbst-grab-results.zip
  6. Hi Malwarebytes, I'm keep getting Malwarebytes popup's about RTP detection on Trojans. I'v tried about everything, including putting all ip addresses noted by Malwarebytes in firewall block rules, both incoming and outgoing. I've run adwcleaner_8.0.0.exe which found 2 PUP entries: PUP.Optional.Legacy izito.nl and PUP.Optional.SofTonicAssistant Softonic NL. Both where removed by adwcleaner, but the somehow come back. I've also run HitmanPro but it shows tracking cookies only. And still Malwarebytes reports incoming Trojans. All reported Trojan inbound connections target port 445 (SMB), see attached log. On the system we're using Malwarebytes Premium 4.0.4 How is it even possible that these connection get through the firewall?? Any thoughts anyone? Cheers, Paul MBAMSERVICE.LOG
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.