User349103 Posted April 17, 2020 ID:1373842 Share Posted April 17, 2020 Dear Support Team, MWB have blocked some suspicious outbound connections (Related logs attached, I don't know how to provide a global log of all threats). After doing some research it seems that the responsible is a malware that got into the system after the execution of MCLeaksAuthenticator.exe. Could you please support me to get rid of it? FRST and Addition log attached too. Furthermore, I deleted the executable file and haven't tried to execute or download it again ever since. Thanks! Addition.txt FRST.txt MWBLog.txt MWBLog2.txt MWBLog3.txt MWBLog4.txt MWBLog5.txt Link to post Share on other sites More sharing options...
nasdaq Posted April 17, 2020 ID:1373857 Share Posted April 17, 2020 Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Two program are suspicious on your logs. They will be sent to VirusTotal for investigation. A report will be shown in the Fixlog. Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The Computer will restart when the fix is completed. It will create a log (Fixlog.txt) please post it to your reply. === Please post the Fixlog.txt and let me know what problem persists. fixlist.txt Link to post Share on other sites More sharing options...
User349103 Posted April 17, 2020 Author ID:1373865 Share Posted April 17, 2020 Hi Nasdaq, Thank you for your support. I successfully completed the steps and hereby I attach the Fixlog.txt. Please give me a couple of days to check if the problem persist. Best, Fixlog.txt Link to post Share on other sites More sharing options...
User349103 Posted April 17, 2020 Author ID:1373867 Share Posted April 17, 2020 I would also like to ask if it is advisable to use Malwarebytes Browser Guard if I already use the following extensions for Chrome and Edge (Chromium): Ublock Origin: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Ublock Extra: https://chrome.google.com/webstore/detail/ublock-origin-extra/pgdnlhfefecpicbbihgmbmffkjpaplco Privacy Badger: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp Https Everywhere: https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp No Script: https://chrome.google.com/webstore/detail/noscript/doojmbjmlfjjnbmnoijecmcbfeoakpjm Decentraleyes: https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj Canvas Defender: https://chrome.google.com/webstore/detail/canvas-defender/obdbgnebcljmgkoljcdddaopadkifnpm Would it make sense to add MB Guard to this mix? Best, Link to post Share on other sites More sharing options...
nasdaq Posted April 17, 2020 ID:1373927 Share Posted April 17, 2020 HI, Looking good. No harm in adding MB Guard. If by any chance you computer is slower then one of the extensions may be interferring. Test it. Link to post Share on other sites More sharing options...
User349103 Posted April 19, 2020 Author ID:1374519 Share Posted April 19, 2020 Hi Nadaq, Thank you for the advise. I can confirm that the suspicious outbounds stopped. Thank you for the support! This thread may be closed. Link to post Share on other sites More sharing options...
nasdaq Posted April 20, 2020 ID:1374758 Share Posted April 20, 2020 Glad we could help. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted May 4, 2020 Root Admin ID:1378610 Share Posted May 4, 2020 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts