Jump to content

constantly diesplay malicious website


Pcafe

Recommended Posts

Hi, I use Malwarebytes Anti-Malware and have the problem with constantly  display successfully blocked access to a malicious website. I knew this is a known problem. I also read other same questions and following the helps but it did not work for me.

regards

 

Link to post
Share on other sites

Hello Pcafe and welcome to Malwarebytes,

Open Malwarebytes, select > Reports > then checkmark (tick) most recent "Website Block" entry > then select "View Report" > "Export" > Text File (*.txt) name and save that file to Desktop or somewhere of your choice, attach to your reply... Repeat that for last three blocks..

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Post those logs to your reply..

Thanks,

Kevin

Link to post
Share on other sites

I want to see Website Block logs, not full protection logs..

Quote

Open Malwarebytes, select > Reports > then checkmark (tick) most recent "Website Block" entry > then select "View Report" > "Export" > Text File (*.txt) name and save that file to Desktop or somewhere of your choice, attach to your reply...

 

The result from VirusTotal for "UniKeyNT.exe" confirms is malicious, did you download that yourself, what is it used for....?

The majority of blocks in full protection logs are for Paltalk, do you know and trust that program...?

Other Block entries are for Chrome, I want specific block log as they may show domain concerned. Full protection logs do not...

Link to post
Share on other sites

1) I use the Malwarebytes version 1.8xx and do not have the tab Reports

Malwarebytes Anti-Malware (Corporate) 1.80.2.1012
www.malwarebytes.org

Database version:
  main:    v2018.01.27.10
  rootkit: v0000.00.00.00

2) I have used UniKeyNT.ext for years, it is a keyboard map program allowing typing vietnamese language

Paltalk is a voice forums , I downloaded it from original website. Trust it ? I do not know !!

Oh now  I regconize the Malwarebytes does not pop up any messages more !!! 

 

Link to post
Share on other sites

I will try to uninstall paltalk and reboot the PC.

**************************************

S60HC    Trinh    MESSAGE    Starting protection
2018/02/01 09:54:51 +0100    DESKTOP-F1S60HC    Trinh    MESSAGE    Protection started successfully
2018/02/01 09:54:52 +0100    DESKTOP-F1S60HC    Trinh    MESSAGE    Starting IP protection
2018/02/01 09:54:53 +0100    DESKTOP-F1S60HC    Trinh    MESSAGE    IP Protection started successfully
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58476, Process: chrome.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58477, Process: chrome.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58478, Process: paltalk.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58479, Process: paltalk.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58481, Process: chrome.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58482, Process: paltalk.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58483, Process: paltalk.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    178.249.97.70 (Type: outgoing, Port: 58486, Process: chrome.exe)
2018/02/01 09:55:00 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58485, Process: chrome.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58499, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58500, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58502, Process: chrome.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    151.101.114.2 (Type: outgoing, Port: 58171, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.62.216.166 (Type: outgoing, Port: 57830, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    172.217.16.166 (Type: outgoing, Port: 58147, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58505, Process: chrome.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58506, Process: chrome.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58507, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58508, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58510, Process: paltalk.exe)
2018/02/01 09:55:08 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58511, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58536, Process: chrome.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58537, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58538, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    172.217.16.166 (Type: outgoing, Port: 58392, Process: chrome.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.41.211 (Type: outgoing, Port: 58540, Process: chrome.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58541, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58542, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58544, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58545, Process: paltalk.exe)
2018/02/01 09:55:16 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58547, Process: chrome.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58559, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58560, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58562, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58563, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58565, Process: chrome.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58566, Process: chrome.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58567, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58568, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58570, Process: chrome.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58571, Process: paltalk.exe)
2018/02/01 09:55:24 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58572, Process: paltalk.exe)
2018/02/01 09:55:32 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58581, Process: chrome.exe)
2018/02/01 09:55:32 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58582, Process: paltalk.exe)
2018/02/01 09:55:32 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58583, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58585, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58587, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58588, Process: chrome.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58591, Process: chrome.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58592, Process: chrome.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58595, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58596, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58598, Process: paltalk.exe)
2018/02/01 09:55:33 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58599, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58616, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58617, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58619, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58620, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.41.203 (Type: outgoing, Port: 58622, Process: chrome.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58623, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58624, Process: paltalk.exe)
2018/02/01 09:55:41 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58626, Process: chrome.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58647, Process: chrome.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58648, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58649, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58651, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58652, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58654, Process: chrome.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58655, Process: chrome.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58656, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58657, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58659, Process: chrome.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58660, Process: paltalk.exe)
2018/02/01 09:55:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 58661, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58669, Process: chrome.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58670, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58671, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58673, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58674, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58676, Process: chrome.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58677, Process: chrome.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58680, Process: chrome.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58681, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58682, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58684, Process: paltalk.exe)
2018/02/01 09:55:57 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58685, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58714, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.84 (Type: outgoing, Port: 58715, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58717, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58718, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58720, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58721, Process: paltalk.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58723, Process: chrome.exe)
2018/02/01 09:56:05 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58724, Process: chrome.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58741, Process: chrome.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58742, Process: chrome.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58743, Process: paltalk.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58744, Process: paltalk.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58746, Process: paltalk.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58747, Process: paltalk.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58749, Process: chrome.exe)
2018/02/01 09:56:13 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58750, Process: chrome.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58765, Process: chrome.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58768, Process: chrome.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58769, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58770, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58772, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58773, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58775, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58776, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58778, Process: paltalk.exe)
2018/02/01 09:56:21 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58779, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58794, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.211 (Type: outgoing, Port: 58795, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58801, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58802, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58804, Process: chrome.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58805, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 58806, Process: paltalk.exe)
2018/02/01 09:56:29 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58808, Process: chrome.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58819, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58820, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58822, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58823, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58825, Process: chrome.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58826, Process: chrome.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58827, Process: chrome.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58828, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58829, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58831, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58832, Process: paltalk.exe)
2018/02/01 09:56:37 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58834, Process: chrome.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58842, Process: chrome.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58845, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58846, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58848, Process: chrome.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58849, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58850, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58852, Process: chrome.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58853, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58854, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58856, Process: paltalk.exe)
2018/02/01 09:56:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 58857, Process: paltalk.exe)
2018/02/01 09:56:53 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.64.189.238 (Type: outgoing, Port: 58880, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58882, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58883, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58885, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58886, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58888, Process: chrome.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58889, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58890, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58892, Process: chrome.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58893, Process: paltalk.exe)
2018/02/01 09:56:54 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.82 (Type: outgoing, Port: 58894, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58914, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58915, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58916, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58917, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58919, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58921, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58922, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58923, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58924, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58925, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58927, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58928, Process: chrome.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58929, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.219 (Type: outgoing, Port: 58930, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58932, Process: paltalk.exe)
2018/02/01 09:57:02 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 58933, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58946, Process: chrome.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58949, Process: chrome.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58950, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58951, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58953, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58954, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58956, Process: chrome.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58957, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58958, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58960, Process: paltalk.exe)
2018/02/01 09:57:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 58961, Process: paltalk.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 58983, Process: paltalk.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 58984, Process: paltalk.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 58986, Process: paltalk.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 58987, Process: paltalk.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58988, Process: chrome.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58994, Process: chrome.exe)
2018/02/01 09:57:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 58995, Process: chrome.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59016, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59017, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59019, Process: chrome.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59021, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59022, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59024, Process: chrome.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59025, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.138 (Type: outgoing, Port: 59026, Process: paltalk.exe)
2018/02/01 09:57:26 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.41.207 (Type: outgoing, Port: 59028, Process: chrome.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59038, Process: chrome.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59041, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59042, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59044, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59045, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59047, Process: chrome.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59048, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59049, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59051, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.145 (Type: outgoing, Port: 59052, Process: paltalk.exe)
2018/02/01 09:57:34 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59057, Process: chrome.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 59071, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.139 (Type: outgoing, Port: 59072, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59074, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59075, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59077, Process: chrome.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59078, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59079, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59081, Process: chrome.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 59084, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 59085, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 59087, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.66 (Type: outgoing, Port: 59088, Process: paltalk.exe)
2018/02/01 09:57:42 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59090, Process: chrome.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59099, Process: chrome.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59100, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59101, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59103, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.152.66.136 (Type: outgoing, Port: 59104, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59106, Process: chrome.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 59107, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.93.0.68 (Type: outgoing, Port: 59108, Process: paltalk.exe)
2018/02/01 09:57:50 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    188.92.40.78 (Type: outgoing, Port: 59110, Process: chrome.exe)

**************************************

Link to post
Share on other sites

the logs after uninstalled Paltalk and reboot the PC

2018/02/01 12:21:39 +0100    DESKTOP-F1S60HC    (null)    MESSAGE    Starting protection
2018/02/01 12:21:39 +0100    DESKTOP-F1S60HC    (null)    MESSAGE    Protection started successfully
2018/02/01 12:21:39 +0100    DESKTOP-F1S60HC    (null)    MESSAGE    Starting IP protection
2018/02/01 12:21:40 +0100    DESKTOP-F1S60HC    (null)    MESSAGE    IP Protection started successfully
2018/02/01 12:21:55 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.48.81.162 (Type: outgoing, Port: 49716, Process: svchost.exe)
2018/02/01 12:21:56 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.48.81.253 (Type: outgoing, Port: 49720, Process: svchost.exe)
2018/02/01 12:22:04 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.48.81.162 (Type: outgoing, Port: 49726, Process: svchost.exe)
2018/02/01 12:22:04 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    185.48.81.253 (Type: outgoing, Port: 49727, Process: svchost.exe)
2018/02/01 12:22:44 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49752, Process: avp.exe)
2018/02/01 12:22:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49754, Process: avp.exe)
2018/02/01 12:22:45 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49755, Process: avp.exe)
2018/02/01 12:22:53 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49757, Process: avp.exe)
2018/02/01 12:23:01 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49760, Process: avp.exe)
2018/02/01 12:23:17 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49761, Process: avp.exe)
2018/02/01 12:23:49 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49769, Process: avp.exe)
2018/02/01 12:24:53 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49804, Process: avp.exe)
2018/02/01 12:25:10 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    191.232.139.2 (Type: outgoing, Port: 49805, Process: svchost.exe)
2018/02/01 12:25:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    191.232.139.2 (Type: outgoing, Port: 49807, Process: svchost.exe)
2018/02/01 12:25:18 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    191.232.139.2 (Type: outgoing, Port: 49808, Process: svchost.exe)
2018/02/01 12:25:51 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    131.253.61.66 (Type: outgoing, Port: 49817, Process: svchost.exe)
2018/02/01 12:25:51 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    131.253.61.70 (Type: outgoing, Port: 49818, Process: svchost.exe)
2018/02/01 12:25:51 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    131.253.61.64 (Type: outgoing, Port: 49819, Process: svchost.exe)
2018/02/01 12:27:03 +0100    DESKTOP-F1S60HC    Trinh    IP-BLOCK    168.63.17.64 (Type: outgoing, Port: 49828, Process: avp.exe)
 

Link to post
Share on other sites

Thanks for the log, avp,exe is from Kaspersky, svchost.exe could be software you have installed trying to call home, see if you can run the following and locate what is making the calls out:

You could try "CurrPorts" and monitor what is happening yourself, it is a portable tool no installation necessary. Download from the following link and unzip the contents to your Desktop.

http://www.nirsoft.net/utils/cports-x64.zip <------ 64 bit

http://www.nirsoft.net/utils/cports.zip <------32 bit

Read the contained instructions for a basic understanding, it is very easy to use..... Right click on the tool and select "Run as Administrator"

When opened you will see your network activity. The easiest way to check what is happening is to "Right click" direct anywhere in the field and select "HTML report - All Items"
That will open the report in an easier to read fomat, have a look at the connections check the "Established" entries, are any suspicious and not known or recognized by your self.
Make a note of any unusual or suspicious IP addresses, you can send in reply for me to check or check them yourself at the following link:

http://whois.domaintools.com/

Does that help, is anything obvious found with currports....
Edited by kevinf80
Link to post
Share on other sites

Thanks for the update, if no remaining issues or concerns run the following to clean up:

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.