Jump to content
DingusD

I keep getting weird trojan/phishing warnings.

Recommended Posts

Here are a few log details of the popups i keep getting. When i try to scan it says im all good,

-Log Details-
Protection Event Date: 11/26/19
Protection Event Time: 7:59 PM
Log File: 87ab9b08-10b9-11ea-811e-d050999d5ba5.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.750
Update Package Version: 1.0.0
License: Trial

-System Information-
OS: Windows 10 (Build 18362.476)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Phishing
Domain: launchpage.org
IP Address: 107.182.226.40
Port: 61373
Type: Outbound
File: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

(end)

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/26/19
Protection Event Time: 10:02 AM
Log File: 22fa4b58-1066-11ea-8dc5-d050999d5ba5.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.750
Update Package Version: 1.0.0
License: Trial

-System Information-
OS: Windows 10 (Build 18362.476)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain:
IP Address: 37.49.227.202
Port: 5353
Type: Inbound
File:

 

(end)

 

 

I get one or two of these warnings a day

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please post the logs for my review.

Wait for further instructions
====

Please let me know which browser you are using when you get this notification.
 

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

How to stop them, https://support.google.com/chrome/answer/3220216?co=GENIE.Platform%3DDesktop&hl=en
CHR Notifications: Default -> hxxps://addgeeks.com; hxxps://forums.pixeltailgames.com; hxxps://moat.gg; hxxps://www.faceit.com; hxxps://www.riff.tv; hxxps://www.youtube.com

One of these Notifications links could be the culprit. Check the non obvious ones to your eyes.
----

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists and you are Syncing Firefox it with other Devices reset it.

Navigate to this page and Remove it as suggested.

https://support.mozilla.org/en-US/kb/remove-synced-device-firefox-accounts

When done restart the computer normally.

If all is well.

Return to your Firefox Account and Click the Connect button.

Reset the sync.

Restart the computer normally.
<<<>>>

Let me know if your problem is solved.

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Share this post


Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.