a.securing-request.com Trojan



Hi, 

I will be helping and guiding you, going forward.

We need to get additional information from this machine in order to have the proper detail to help you forward.
NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer. Please allow the programs to run if blocked by your system.

    Download Malwarebytes Support Tool
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-1.4.0.615.exe to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"
    Click the Advanced tab on the left column
    Click the Gather Logs button
    A progress bar will appear and the program will proceed with getting logs from your computer
    Upon completion, a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

 


Thank you for running the support tool. The reports show that Windows does need one Reboot so that it can finish pending file rename operations & this system has been on for nearly 4 days.

Please take a few minutes, and do one Windows Restart. Thanks.

 

Please know that the website protection of Malwarebytes (on this trial install) is keeping your PC safe.

The website block notices do not necessarily mean that there is malware here.

The website block events appear to happen just when either Google Chrome or SRWare Iron Chrome are in use.

For the time being, let's use a different browser and not use those other two.

I would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner.

 

 

Please download the current release for Malwarebytes AdwCleaner from here:
https://downloads.malwarebytes.com/file/adwcleaner

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. (If you do not see it right away, minimize the other open windows, so you can see Adwcleaner.)

Then click on Dashboard button.

Click the blue button "Scan Now".

 

Allow it a few minutes to finish the Scan.

 

You should then see a screen showing "Scan results".

Review what is listed. If something is listed that you know for sure is safe, then for that line, click the check-box on the left so that it is un-checked.

(NOTE: clicking the small right-pointing arrow will cause the screen to refresh & show all line items.)

 

When ready, click on the button "Clean and repair".

If prompted to restart then click on "Clean & Restart Now".

 

When you see the screen with "Your cleanup is complete", click on the View Log file button.

It should then show as an open window in your text editor (normally Notepad).

Do a File >> Save As, give it a unique name and Save to your Desktop or some other permanent folder.

 

Kindly provide a copy of that run report. Attach it with reply.

 

When done with Adwcleaner, click the X button to Exit out.

Thank you.

 


Hi,

I did overlook that you had indeed run Adwcleaner.

As to a trojan, the fact that there are website block notices is not an indicator of the presence of a trojan onboard the machine.

There is some condition or combination of factors that tries to access "securing-request" when Chrome is in use.

The website protection of Malwarebytes is keeping the pc safe.


For Your Information:

The website Block message indicates that a potential risk was blocked by the malicious website protection. 

The Malwarebytes web protection, by default, will always show each IP block occurrence.

The Malwarebytes Web protection feature will advise customers when a known or suspected malicious IP is attempted to be reached (outgoing) or is trying to access your PC.

 

See our info page https://www.malwarebytes.com/lp/ip-blocking/?ipblock=true

 

Incoming threats can be ignored, our software is blocking the attack and there is nothing more that can be done.

On Outbound blocks, any connection was stopped.

No action is required unless there are multiple (different) IPs (ex: 123.23.34 and 4.44.56).

You may do some browser "strengthening" to help in general to reduce unwanted ads.

Beef up each web browser (put an ad block extension).
Malwarebytes has a browser extension for Chrome & a separate one for Firefox browser.

 

See this article on our Malwarebytes Blog
How to tighten security and increase privacy on your browser


Look at the following Malwarebytes Blog article and scroll down to the section marked *Clear your browser's cache* 
and do that for each of your web browser programs.
https://blog.malwarebytes.com/puppum/2017/04/adware-the-series-part-1/


Look at the following Blog article & turn off push notifications for Chrome, Firefox, Edge, Opera
https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/


 


You think it's not a trojan? Without Malwarebytes my browser gets redirected to spam sites. With Malwarebytes those redirections are blocked (see image). But after the real time protection runs out today, it will be as before.

The malware that causes those redirects should be removed.

blocks.png


The block message STOPPED an attempted access to a-securing-request.com

It is important to keep that foremost in mind. The attempt was stopped. There is no infection on the machine itself.

The format shown by that message box was never intended to be a finding of infection on the machine itself.

The Chrome browser on this machine does have an extension add-on named Vimeo Video Downloader.

 

Just cleared a case much like yours. The OP uninstalled Vimeo Video Downloader & his issue has cleared away. No more block notices. The source of all the trouble was that add-on.

Start Chrome.

Look on the upper top right and click on the 3 dots (or dashes) menu icon of Chrome (top bar).

Then click on More Tools > then click on EXTENSIONS.

Look for Vimeo Video Downloader.

Then, if you see on its right a blue color slider, click or slide it to the left so that it is dimmed to grey color (turned off).

Then click on REMOVE with your mouse.

That ought to take care of it.

Cheers

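Added example, not part of the original posts and not a Malwarebytes tool: the post above traces the block notices to a Chrome extension, and the same inventory can be read from disk by parsing each extension's manifest.json and flagging the ones that request access to every site. It assumes Chrome's usual `<profile>/Extensions/<id>/<version>/` layout; the sample tree, its IDs and its permissions are constructed for illustration and say nothing about what the real add-on requests.

```python
import json
from pathlib import Path

# Match patterns that let an extension run on, or request, every site.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def _load(path):
    try:
        return json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return None  # missing, unreadable or corrupt JSON

def _display_name(version_dir, manifest):
    """Resolve a localized '__MSG_key__' name from _locales/<default_locale>."""
    name = manifest.get("name", "")
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    locale = manifest.get("default_locale", "en")
    messages = _load(version_dir / "_locales" / locale / "messages.json") or {}
    for key, entry in messages.items():
        if key.lower() == name[6:-2].lower():
            return entry.get("message", name)
    return name

def list_extensions(ext_root):
    """One record per <id>/<version>/manifest.json under an Extensions folder."""
    found = []
    for path in sorted(Path(ext_root).glob("*/*/manifest.json")):
        manifest = _load(path)
        if not isinstance(manifest, dict):
            continue
        patterns = manifest.get("permissions", []) + manifest.get("host_permissions", [])
        for script in manifest.get("content_scripts", []):
            patterns += script.get("matches", [])
        broad = sorted({p for p in patterns if isinstance(p, str)} & BROAD_HOSTS)
        found.append({"id": path.parent.parent.name, "version": path.parent.name,
                      "name": _display_name(path.parent, manifest), "broad_access": broad})
    return found

def make_sample(root):
    """Constructed sample tree; IDs, versions and permissions are invented."""
    a, b = Path(root) / ("a" * 32) / "1.2_0", Path(root) / ("b" * 32) / "3.0_0"
    (a / "_locales" / "en").mkdir(parents=True)
    b.mkdir(parents=True)
    (a / "manifest.json").write_text(json.dumps({
        "name": "__MSG_appName__", "default_locale": "en", "permissions": ["tabs", "<all_urls>"],
        "content_scripts": [{"matches": ["*://*/*"]}]}))
    (a / "_locales" / "en" / "messages.json").write_text(
        json.dumps({"appName": {"message": "Vimeo Video Downloader"}}))
    (b / "manifest.json").write_text(json.dumps({"name": "Sample Notes", "permissions": ["storage"]}))
```

Point `list_extensions` at a profile's Extensions folder (on Windows the default profile is normally under `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions`) and review any entry whose `broad_access` list is not empty.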

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

This topic is now closed to further replies.