Jump to content

Search the Community

Showing results for tags 'outbound'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi, I have received a few reports of Trojans on my computer (See report below), I think linked to Microsoft Outlook. Is this a virus on my computer or is it something I am doing. Is it something I need to worry about and get rid of? Many thanks. Paul Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 14/04/2021 Protection Event Time: 16:26 Log File: cb067d28-9d35-11eb-8248-7085c2f36b61.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1249 Update Package Version: 1.0.39401 Licence: Premium -System Information- OS: Windows 10 (Build 19042.867) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: advicesinhealth.com IP Address: Port: 80 Type: Outbound File: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe (end)
  2. MalBytes keeps giving me multiple "inbound" and "outbound" trojan notices usually in "bursts" only minutes apart. Two of the most recent: -------------------------------------------------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:24 PM Log File: 514d7710-2e56-11ea-8896-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.71 Port: 49161 Type: Outbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) -------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:20 PM Log File: c88c3dd1-2e55-11ea-8ea3-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.91 Port: 49161 Type: Inbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) ----------------------------------------------------------------------- I have quite a lot more if needed.
  3. New Member Members 1 post Report post #1 Same as previous post. Over past 2 weeks Malwarebytes flags Plex. I don't recall ever going on the internet archive for any reason. Log details almost the same as previous poster. Staff response was that block will be removed. Did this ever happen?? Log Details- 8/17/20 11.31am Log file 6CA29466-E029-11EA-B775-00FFD37E66C5JSON -Software Information- Version: 4.1.2.73 Components Version: 1.0.1003 Update Package Version: 1.0.28583 License: Premium -System Information- OS: Windows 10 (Build 19041.450) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Phishing Domain: ia902800.us.archive.org IP Address: 207.241.232.100 Port: 443 Type: Outbound File: C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
  4. Hi Everyone, An online steam game I play called "Conan Exiles" has been blocked by malwarebytes from making an outbound connection to a different IP address from the game server I connect to. I am however able to connect to the online server and play the game all OK. I am running both Malwarebytes and McAfee Total Protection together. I ran a full Malwarebytes scan yesterday on both hard drives with scan for rootkits enabled = nothing found. Malwarebytes Version: 4.1.2.73 Update package version: 1.0.26759 Component package version: 1.0.979 Last updated: 13/07/2020 09:36 Malwarebytes has updated since then but the above is the versions it reported just before I scanned yesterday. The server I connect to, to play the game is 176.57.178.33:28000 Below are the 3 reports of outbound blocked. *****************************************REPORT 1*********************************************** Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 27/06/2020 Protection Event Time: 17:53 Log File: befddd34-b896-11ea-aea0-10bf48e37924.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.955 Update Package Version: 1.0.26081 Licence: Premium -System Information- OS: Windows 10 (Build 18362.900) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , D:\Games\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 185.137.233.239 Port: 8889 Type: Outbound File: D:\Games\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe (end) *****************************************REPORT 1 END****************************************** *****************************************REPORT 2*********************************************** Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 01/07/2020 Protection Event Time: 20:04 Log File: a7a90520-bbcd-11ea-a8f7-10bf48e37924.json -Software Information- Version: 4.1.2.73 Components Version: 1.0.972 Update Package Version: 1.0.26253 Licence: Premium -System Information- OS: Windows 10 (Build 18362.900) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , D:\Games\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 185.137.233.239 Port: 7778 Type: Outbound File: D:\Games\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe (end) ****************************************REPORT 2 END******************************************* *****************************************REPORT 3*********************************************** Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 14/07/2020 Protection Event Time: 16:00 Log File: be1120bc-c5e2-11ea-a173-10bf48e37924.json -Software Information- Version: 4.1.2.73 Components Version: 1.0.979 Update Package Version: 1.0.26817 Licence: Premium -System Information- OS: Windows 10 (Build 18362.900) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , D:\Games\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 185.137.233.239 Port: 8889 Type: Outbound File: D:\Games\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe (end) ***************************************REPORT 3 END******************************************** NOTE: I played the game yesterday too but there is no report for an outbound connection being blocked yesterday. I have no idea what IP address 185.137.233.239 is or why the game would be trying to connect there. I have this evening performed a scan with both Malwarebytes(rootkit scan not enabled) and McAfee on just the following location D:\Games\Steam\steamapps\common\Conan Exiles\ and neither detected anything. I'll run a full scan with McAfee overnight. Is my PC likely infected? Please can anyone advise what other steps I can take and if I should be worried about this? Thanks.
  5. Malwarebytes flags plex. I don't download from non legal sites, so I don't know what is happening. I don't recall ever going on the internet archive for any reason. I do download album covers from the web to update my media with. Could one of those pictures of album covers be causing this? Log Details- Protection Event Date: 7/3/20 Protection Event Time: 3:21 AM Log File: d8b48f14-bcfd-11ea-a281-3417ebb098fd.json -Software Information- Version: 4.1.2.73 Components Version: 1.0.972 Update Package Version: 1.0.26335 License: Premium -System Information- OS: Windows 10 (Build 19041.329) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Phishing Domain: ia902800.us.archive.org IP Address: 207.241.232.100 Port: 443 Type: Outbound File: C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
  6. -Website Data- Category: Trojan Domain: pool.minexmr.com IP Address: 94.130.164.163 Port: [49788] Type: Outbound File: C:\Windows\explorer.exe explorer.exe restart randomly in every 20-25 minutes
  7. Dear Support Team, MWB have blocked some suspicious outbound connections (Related logs attached, I don't know how to provide a global log of all threats). After doing some research it seems that the responsible is a malware that got into the system after the execution of MCLeaksAuthenticator.exe. Could you please support me to get rid of it? FRST and Addition log attached too. Furthermore, I deleted the executable file and haven't tried to execute or download it again ever since. Thanks! Addition.txt FRST.txt MWBLog.txt MWBLog2.txt MWBLog3.txt MWBLog4.txt MWBLog5.txt
  8. Hi ,I have an outbound alert that keep's popping up,if anyone could help it would be appreciated thanks. Malwarebytes -Log Details- Protection Event Date: 2/15/20 Protection Event Time: 7:33 PM Log File: 00039234-5054-11ea-a22d-3c9180843fcc.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.823 Update Package Version: 1.0.19264 License: Trial -System Information- OS: Windows 10 (Build 18362.657) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Fraud Domain: api-spotify.net IP Address: 69-666-420-911 Port: 80 Type: Outbound File: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (end)
  9. Hi I have an outbound connection that keep's getting picked up,if someone could help me figure this out I would appreciate it. Malwarebytes -Log Details- Protection Event Date: 2/15/20 Protection Event Time: 7:33 PM Log File: 00039234-5054-11ea-a22d-3c9180843fcc.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.823 Update Package Version: 1.0.19264 License: Trial -System Information- OS: Windows 10 (Build 18362.657) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Fraud Domain: api-spotify.net IP Address: Port: 80 Type: Outbound File: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (end)
  10. Hey all. For weeks now, Malwarebytes has been warning me that chrome has outbound adware that it is blocking. The program is techsuperb.biz. I can't find how to remove it. Malwarebytes AdwCleaner hasn't found it either. Any help?
  11. I keep getting this popup every 15 seconds, saying: Website blocked due to Trojan The IP it's trying to connect to is: 37.97.195.205 The port keeps changing on every popup. Type is: Outbound Connection. Category: Trojan Domain: nnnnmm.com Is this something serious? It says it is due to chrome.exe Any help would be appreciated. FRST_17-03-2019 23.55.00.txt Addition_17-03-2019 23.55.00.txt
  12. I installed Malwarebytes due to some suspicion that I was infected and ran it. Clearly there was something going on and Malwarebytes did some cleaning. After it was done, I keep getting this popup every 15 seconds, saying: Website blocked due to Trojan The IP it's trying to connect to is: 66.42.80.240 The port keeps changing on every popup. Type is: Outbound Connection. Category: Trojan I even added an Outbound and Inbound firewall rule in Windows Defender Firewall blocking this IP address, but the popups wont stop. Is this something serious? I've seen many topics on this forum, but none of them have a solution. Help would be appreciated.
  13. any help with this?! Advanced report from Malwarebytes -Log Details- Protection Event Date: 11/15/18 Protection Event Time: 10:38 PM Log File: 2ab35018-e927-11e8-8370-d8cb8a5d0f39.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.482 Update Package Version: 1.0.7865 License: Premium -System Information- OS: Windows 10 (Build 17134.407) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: cdn.immereeako.info IP Address: 52.85.51.187 Port: [53393] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  14. I have same problem is that any way to solve?
  15. Hello, I'm new to the forum, but already had Malwarebytes Premium (and thank God for that!). Here's my sad story. My Windows 7 Professional 64-bit computer had been connected to a LinkSys AC1200+ wireless router, which was connected to a 3com OfficeConnect hub/switch, which was connected via the uplink to a gateway provided by TimeWarner/Spectrum Business Class. But the other night, the hub/switch failed, and I couldn't get on the Internet. For a while, I connected the computer directly to the gateway, via one of its four ports on the back. (I reconfigured the computer's IP and DNS to a fixed IP address.) It probably was this way for less than a day. I suddenly noticed, though, some strange things: (*) McAfee LiveSafe (which I had in addition to Malwarebytes Anti-Malware Premium, because it came with the computer) was trying to register new. It appears that something took it out. (*) I started getting messages, seemingly one every 5 to 10 minutes, from the real-time protection from Malwarebytes that it was blocking various attacks. I then realized that being connected directly to a port on the "Wild Internet" was really dangerous. So I pulled the plug. At this point, my Wifi finally came alive (honestly, I had never figured out how to force it to do that when connected via Ethernet, but the cable being plugged in seems to have prevented that---I never thought of that!). I'm now connected through the LinkSys AC 1200+ wireless router. The Wireless connection is configured for DHCP, so I should be safe from picking up any new infections?? (At least, that's the way it was before. The LinkSys wireless router is sitting on the Wild Internet, but it is password protected with a good strong password---NOT admin!) I have been alarmed at some of the threats that have been blocked, as they are outbound attempts to connect to a site in Russia at a single IP address, attempting the connection through many different obscure port numbers. The site's two variations are either wmi(dot)my0115(dot)ru or down(dot)my0115(dot)ru and the IP address is 78(dot)142(dot)29(dot)114. There seem to be three executablea that were blocked from connecting, one classified as RiskWare, and the others as Unspecified. The RiskWare is coming from C:\Windows\System32\lsass.exe. The Unspecified are the following: C:\Windows\System32\wbem\scrcons.exe and C:\Windows\System32\svchost.exe. The odd thing is that my Malwarebytes Anti-Malware Premium scan comes up clean, even though I'm still getting messages every so often that another attempt has been blocked! Does this indicate that something is masquerading as a system (whitelisted) program?? (If this is the case, then would running a threat scan in safe mode pick it up?) Here are some miscellaneous things that may be additional infections or part of the same: (*) There were two files that were caught and quarantined: 1) First was "Backdoor Zegost" at C:\adg.exe; 2) Second was "RansomWannaCrypt" at C:\Windows\mssecsvc.exe" Microsoft Security Center says that this file should not be allowed to run, associated with ransomware I think. (*) While backing up some files to DVD-ROM, I noted an odd file in the Documents directory. It is called adxloader.log, and when I opened it with Notepad, it looks as though it was loading things into the Registry maybe. Since I noticed it, it had been modified to a later date, but maybe this happened as a result of opening the file with Notepad. Maybe it's something legit, but I don't recall ever seeing it before. And the stuff inside it looks pretty malicious if it isn't something legit. (*) There is one other thing---maybe it's normal, or maybe not. When I went to try to retrieve the log file from Malwarebytes Threat scan the Documents and Settings folder shows with a padlock icon over it, and says "Access Denied" when I click on it, EVEN WHEN RUNNING WINDOWS EXPLORER AS ADMIN. Is this normal? Maybe this is for safety?? I was able to view the required logs and save them elsewhere, so not critical, but thought I'd ask. I will attach the following files to this post: 1) The MalwareBytes Threat Scan Log (which found nothing), which I called MalwareBytesThreatScanLog.txt; 2) The FRST scan log, FRST.txt; 3) the Addition.txt log; 3) Samples of the MalwareBytes blocked threat reports from the Russian site: They are called MalwarebytesBlocked_1.txt, MalwarebytesBlocked_2, MalwarebytesBlocked_3, MalwarebytesBlocked_4 and MalwarebytesBlocked_5; 4) the adxloader.log file, re-saved as a text file. I think that's all. Let me know if you need something else. My Windows updates are really out of date, sad to say. The updates got stuck at some point, and HP "Smart Friend" deleted a bunch of stuff, including Malwarebytes Anti-Exploit Premium, and really screwed everything up. They wiped out all of the pending updates. But I've been very ill and haven't had the energy to deal with it. I do have a backup I made when I got Acronis Backup, when the system was fairly new. And of course there faling back to a configuration from a few days ago before the hub started failing is an option. I keep all of my important files on a portable drive, though. I won't do anything at all, such as put in the replacement hub I just got through the mail today, until given the okay. I especially won't restore my direct wired connection yet, as this would require reconfiguring my LAN connection, and I don't want to make anything worse. Thanks for your help. MalwareBytesThreatScanLog.txt FRST.txt Addition.txt MalwarebytesBlocked_1.txt MalwarebytesBlocked_2.txt MalwarebytesBlocked_3.txt MalwarebytesBlocked_4.txt MalwarebytesBlocked_5.txt adxloader.txt
  16. Hey Winterstar, I am having the same issue, started today. I had about 10 notices today all outbound, I am fairly good with computers, and could not find an infection on my machine. I will keep an eye on this post, maybe someone will have an answer.
  17. Hello, I just had a bit of an issue today and on the 4th. Malwarebytes blocked an outbound connection multiple times (Three times today, twice on the 4th). All five times it has happened has been with the same domain and IP address. I'm not very good with computers, so I was wondering am I possibly infected? And if I am, what can I do to fix this? AVG detects nothing wrong with my computer. Thank you for any help! EDIT: I'll just add that I've always gone of the same sites for years and never had any issue with any of them. Today and on the 4th, Malwarebytes blocked the connection pretty much a few minutes after I open Chrome. After that everything seems to be fine. Here is a copy of the most recent blocked connection. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/9/18 Protection Event Time: 5:41 PM Log File: 945b36d2-3c4f-11e8-a005-18dbf2281498.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.4670 License: Trial -System Information- OS: Windows 10 (Build 16299.309) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: f1hungary.fw.hu IP Address: 217.65.97.118 Port: [64169] Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)
  18. Hello all, I have been reading through the forum and following the advice of the forum moderators I have decided to create my own topic. Earlier today I upgraded the free version of Malwarebytes to the 14-day premium version. Since the download has been completed, I have been getting non-stop warnings for websites blocked that are being detected as malicious. The ports are constantly changing, but the common theme is that they all come from the same IP address (37.48.125.112), are all outbound, and originate from svchost.exe I have downloaded and ran the programs listed here https://www.bleepingcomputer.com/virus-removal/fix-malicious-web-site-blocked-alert-from-svchost.exe/ but the updates are still occurring. I have also ran Farbar Recovery Scan Tool, and I have attached my FRST and Addition txt files to this post here. If there is anything else I need to add please let me know. FRST.txt Addition.txt
  19. this appears everytime i search up anything that includes "nfscars"
  20. Greetings! If you're in the US, I hope you enjoyed your Thanksgiving. Thanks in advance for your help with this! On 11/20 (sorry I haven't opened a report before this but the holidays are busy) I got a notice on my laptop about a blocked website. The block notices started at 2:33 pm and stopped at 4:32 pm, so roughly 2 hours. I keep Malwarebytes updated and consider myself a savvy web and email user (I work in IT) so I'm very mindful of malware. That said, I also run CCleaner, and a few months ago I downloaded a malware infected update for that software that had been planted on their site. As soon as the malware was detected I cleaned my system (the only infected files found were part of CCleaner). However, as you know that doesn't mean that nothing malicious was installed on my system and just hasn't been detected yet. Anyway, having read the forums about this block notice I have already run the November MS Malicious Software Removal Tool and it reported that there are 0 infected files. Here is the export of the first protection event: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/20/17 Protection Event Time: 2:33 PM Log File: ac6c09d4-ce29-11e7-b41d-00ff8c74eff2.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.236 Update Package Version: 1.0.3304 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: IP Address: 255.255.255.255 Port: [68] Type: Outbound File: C:\Windows\System32\svchost.exe (end) Please let me know if you need additional troubleshooting details and if I have a genuine malware problem or if this is a false positive. Many thanks, happy holidays, April
  21. I am getting a message (every 30 seconds or so) for the CNMNSUT.EXE blocked.What do I do? Add it to the exception list? And Why is happening now? How do I know this is not a MALWARE? PLEASE HELP!!! Domain: IP Address: 255.255.255.255 Port: [53551] Type: Outbound File: C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe -Software Information- Version: 3.2.2.2018 Components Version: 1.0.212 Update Package Version: 1.0.3304 License: Premium -System Information- OS: Windows 10 (Build 15063.726) CPU: x64 File System: NTFS User: System
  22. I have the paid version of 3 on my desktop. I downloaded trial version for my laptop. The trail cleaned a few PUPs out. On Laptop, while while using Windows Explorer, I get MB popups stating that it blocked outbound to such places as "click.smytratrafficfilter.com", "clicksgear.com", "popcash.cnet" and more similar toilet-sites. Details show it to be from "C:\windows\sysWOW64\explorer.exe" each time. I have manually scanned explorer.exe with MB and Norton, both OK. I removed the HDD from the laptop and attached as slave to desktop (yes I can) and scanned it with paid version of desktop MB. Nothing there. Scanned with Norton as well - OK. Any ideas? o
  23. Hi all. My computer is losing space from a virus and I need help cleaning it. I installed a few programs including aswmbr, FRST, JRT, Malwarebytes, adwcleaner, and securitycheck. I ran aswmbr and found an infected file. I'll attach my aswmbr scan below. Thanks. aswMBR.txt
  24. Hello, new to the site and the program. Currently running on a trial version, though really pleased by the program thus far. Anyway, today just past I noticed Malwarebytes was informing me about an ip address getting blocked making both inbound & outbound connections. I checked the logs, it had been doing so since 12:00 am, so far about 50 times, maybe more. at times when I noticed, I tried turning off my browser, and all programs that communicate with the internet, but they continued, so I unplugged my ethernet cable, which stopped it. When I plugged it back in about, it started again about 10 minutes after. I checked the ip addresses, and they show up as coming from various foreign countries. 185.98.24.5:59094 87.116.189.55:59094 185.98.24.5:59094 I tried doing a malware scan with Malwarebytes, which found a bunch of minor stuff, though the problem persisted. Then I reset my ip address and went offline for a few hours, and haven't gotten any blocked connection notifications for about 3 hours now, but I doubt that resolved the problem completely I looked this problem up online, and saw that many people have had the same thing happen to them, though I hadn't been able to find a generalized guide, so I figured i'd seek help here. I've attached the scan by FRST, as suggested in this forum. FRST.txt Addition.txt
  25. After the fiasco yesterday with so many having this issue as per this thread : I am STILL having issues with the popup showing often. Please advise. This is super annoying.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.