Valenstar

So far, so good. I noticed I have not been one during the periods the connection attempts usually occurred, so will endeavor to do so today. We have been having severe thunderstorms where our power goes off and on, so i have been disconnected late afternoon. I realized I did log into my google account long enough to set up an app password, but I did not sync. Can you a virus, if one is there, by simply logging into Chrome if you do not Sync? Lets say it is the Google account and I did sync, and the virus was there. I installed chrome clean twice, and this install 100% has not been synced. If i log in to my account and sync, i assume I get the virus again. Sooner or later, at sometime, on one of my computers, i will need to sync again. Will I then get the virus? If so, how do i reset the sync without doing it on this computer? If I sync on one of my less expensive computers and then reset the sync as per instructions you gave me, will it then be cleaned up for all new connections, or will the virus always be there? Thank again, a million times over! I'll check back tomorrow and let you know how it goes.

I have a question: I did not log into Google or utilize sync on this install because I thought it might have something to do with the issue. The only thing i did was import bookmarks. Does that exclude Google Sync from being the issue? I'll follow this guide with computers that ARE logged into my email that I was suspicious of and reset Chrome sync, just to be sure about this, but it would not make sense for being the issue on this computer. I have several questions related to the resetting of Chrome sync: I have two email accounts that I have used that may be the in question. I have switched out which one I use a couple times, so should I do this with both accounts? Will this reset my app passwords? I need them to keep my emails working in Outlook. Also, I have a pc that is overheating so fast I can't get into it, so I can't log out of whichever Google account is on that machine. I therefore cannot use this method to reset Chrome sync on it. How does that affect this overall scenario? Assuming that Chrome Sync is not the issue since it was never used on this build, I still need the method of delivery to 3 different installs on two different SSD drives. I did log into the same Hotmail account each time, as it is the one I use for this computer for the Microsoft account logged into Windows. I also log into another Hotmail account when using office, which is then connected to my OneDrive. I uninstall OneDrive as I prefer Dropbox, but there is still some sort of connection to my pc, as Word and Excel keep trying to save to OneDrive and I have files available which say they are on OneDrive. Is there a way to virus scan files contained solely on the cloud? Like the Dropbox folders I keep offline only, or OneDrive? Sorry to be so lengthy in my observations and questions, I just want to make sure this will not reoccur. Thanks for your patience.

So far, so good, however the RTP outbounds that Malwarebytes caught happened twice a day, so lets see what happens tomorrow, although I personally think we got it. Thank you so much! I was feeling pretty hopeless when i decided to come here to try this forum as Malwarebytes was catching the attempts. As for my myriad questions I asked with my last post, can you help me with them at all? Especially the questions about the restore points although I am curious about the possibility of OneDrive or something else being infected. I am just at a loss. Thanks once again! I am really excited that the virus was found. I'll let you know about what happens over the next day to see where it all ends up. I bet it ends up clean!

Well, DR. Web Cureit! found a virus. It says it "moved" it. I am quite curious as to where! Here are the logs. Will this Virus be in my restore points? And could it have gotten into Dropbox, or my OneDrive? I am curious as to how it got into two different SSD Drives. This drive was a clean install and I did not download anything I did not know what it was. I have mot yet completed all installs onto the drive, that is how fresh it is. The only commonalities are a windows 10 USB install drive, a windows 11 USB install drive, Dropbox and OneDrive. I did do a fresh install on the first drive and it was contaminated as well, and i barely had anything installed. I am so totally baffled. Unless it was in the installer for the program files it was found in, which I would be quite surprised at. I did not find it in my Dropbox folders, but not all folders were kept on the drive. Thank you for finding this virus. I am assuming there might be more steps, so what is next? cureit.log Fixlog.txt

When you say to close al running programs, does this include my virus scanner? I don't mind doing it, but wanted to be sure as I will be leaving my computer unprotected I also have many commitments, but i will do my best to respond quickly as I am the one with the compromised system! Thank you for your time and effort, it is greatly appreciated.

Here are the requested files. I have severe ADHD and got a little confused with AdwCleaner and did it more then once. I had read over the directions, so know idea there. Anyway, all reports were gathered and now delivered. Thank you for taking the time to help with my issue, I really appreciate it. Addition.txt AdwCleaner[C04].txt AdwCleaner[S04].txt FRST.txt Malwarebytes Scan Report 2024-07-14 135648.txt

Update: issued occurred this afternoon: Malwarebytes Website Blocked Report 2024-07-13 171831.tx I also am having to disconnect the Malwarebytes Privacy VPN to post - it keeps telling me i cannot post due to wording that is consistent with spam. Not an issue, its just amusing. I turn the VPN off, i can post.

Greetings! I am having an RTP Connection issue that is outbound to a specific IP. When the issue started, i ran Malware Bytes Advanced scan, AVG Deep Scan, NPE and MSERT. No virus. The issue persisted, so I reformatted and reinstalled. The issue returned, same IP address. I got irritated, grabbed another SSD I had, and reformatted and reinstalled. The issue returned. On this SSD with Windows 11 installed I have run all the same scans listed previously. MSERT found the VirTool:Win32/DefenderTamperRestore. That did not seem related, but I thought I would wait and see. It didn't take long, the RTP Issue occurred again. So I ran MSERT again. No Virus. I decided to FULLY uninstall Chrome and try AVG Secure Browser. The issue reoccurred. I removed that browser - and the issue occurred citing that browser, even though it was not there! I went back to Chrome since I prefer it. Of course, issue reappeared. It does not happen constantly, only twice a day. Hasn't yet today. A couple Notes: I changed the Admin name, admin password and the SSID name and password on my router after the final install of Windows. I did a lot of cut and paste to not have to type that information in. We have 2 laptops. They are suddenly, as of three days ago, overheating, so I can't get Malwarebytes on to see if they have the issue. My BIOS does need upgraded, i am just nervous about flashing it. I use Malwarebytes Privacy VPN, and I change location a lot for added safety. Malwarebytes Website Blocked Report 2024-07-02 212536.txt Malwarebytes Website Blocked Report 2024-07-04 200428.txt Malwarebytes Website Blocked Report 2024-07-11 000906.txt Deep scan.txt aswBoot.txt