Jump to content
feche90

Website Blocked due to Trojan - SysWOW64 rundll32

Recommended Posts

Hello,

Recently I had an attack of many viruses and malware, after running Malwarebyte scan and Windows Defender scan my computer keeps popping up a message from Malwarebyte saying "Website Blocked due to Trojan" and it says that the file is C:\Windows\SysWOW64\rundll32.exe. 

Do I have malware still on my computer? No matter how many times I run a full Scan, this warning keeps coming. Can somebody please help me to solve this? 

I will really appreciate your help.

The complete report says the following:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/16/19
Protection Event Time: 9:17 PM
Log File: b120947a-a7c3-11e9-97b0-309c23919715.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11578
License: Trial

-System Information-
OS: Windows 10 (Build 17763.615)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain: update.adsppx.ru
IP Address: 104.31.70.232
Port: [49759]
Type: Outbound
File: C:\Windows\SysWOW64\rundll32.exe

 (end)

Report.txt

Share this post


Link to post
Share on other sites

Hi,  @feche90 

My name is Maurice. I will be helping and guiding you, going forward on this case.

The website block is on update.adsppx.ru   .   That is a courtesy notice message. It does not mean to indicate a actual onboard infection.

The web protection in Malwarebytes is keeping the pc safe.


We need to get information from this machine in order to have the proper detail to help you forward.
 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

    Download Malwarebytes Support Tool
    
    
    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-1.4.0.615.exe to run the report
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
        
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"

    Do NOT use the button “Start repair” !
    Click the Advanced tab on the left column
    
    Click the Gather Logs button
    
    A progress bar will appear and the program will proceed with getting logs from your computer
   
    Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK
    Please attach the ZIP file in your next reply.

 

Thank you.

 

Share this post


Link to post
Share on other sites

Hello Maurice,

First of all I want to thank you for taking the time to give me a detailed answer. 

The truth is that 2 days ago I suffered a virus infection on my laptop, as I stated before. After running Makwarebytes full scan the report said that some DNS changer malware was found, among 60 other potential threats. Long story short they stole my credentials somehow and managed to empty my PayPal account (around USD 400). 

In order to be sure I did a fresh installation of windows and change all my passwords. 

Just wanted to share my experience in case this can help somebody. 

Thanks for your help and great support. 

Share this post


Link to post
Share on other sites

Hi,

I regret to learn you were robbed of your Paypal.

I understand you to say you did a wipe of the system and new Windows install & change your passwords.

Be sure to notify all your financial institutions of the theft of your identity  and information.

Be sure you report the incident to your state's attorney general.    also to the FBI  ( if you are in US )    https://www.ic3.gov/default.aspx

 

Let me know if you need other help at this point.

If I may, I would suggest that you insure to have Malwarebytes for Windows Premium on your Windows and other devices to beef up security.

Also, Backup is your best friend.   Be sure you keep current backups of this system.

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Safer practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.


Check in at http://windowsupdate.microsoft.com 
Windows Update and install any Important Updates offered.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

Let me know if you need something at this point.

Sincerely,

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.