Undetected Malware Outbound Connections

[User349103]

Dear Support Team,

 

MWB have blocked some suspicious outbound connections (Related logs attached, I don't know how to provide a global log of all threats). After doing some research it seems that the responsible is a malware that got into the system after the execution of MCLeaksAuthenticator.exe. Could you please support me to get rid of it? FRST and Addition log attached too. Furthermore, I deleted the executable file and haven't tried to execute  or download it again ever since. Thanks!

Addition.txt FRST.txt MWBLog.txt MWBLog2.txt MWBLog3.txt MWBLog4.txt MWBLog5.txt

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Two program are suspicious on your logs.
They will be sent to VirusTotal for investigation.

A report will be shown in the Fixlog.

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

[User349103]

Hi Nasdaq,

Thank you for your support. I successfully completed the steps and hereby I attach the Fixlog.txt. Please give me a couple of days to check if the problem persist. 

Best,

Fixlog.txt

[User349103]

I would also like to ask if it is advisable to use Malwarebytes Browser Guard if I already use the following extensions for Chrome and Edge (Chromium):

Ublock Origin: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm

Ublock Extra: https://chrome.google.com/webstore/detail/ublock-origin-extra/pgdnlhfefecpicbbihgmbmffkjpaplco

Privacy Badger: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp

Https Everywhere: https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

No Script: https://chrome.google.com/webstore/detail/noscript/doojmbjmlfjjnbmnoijecmcbfeoakpjm

Decentraleyes: https://chrome.google.com/webstore/detail/decentraleyes/ldpochfccmkkmhdbclfhpagapcfdljkj

Canvas Defender: https://chrome.google.com/webstore/detail/canvas-defender/obdbgnebcljmgkoljcdddaopadkifnpm

Would it make sense to add MB Guard to this mix?

Best,

 

[nasdaq]

HI,

Looking good.

No harm in adding MB Guard.

If by any chance you computer is slower then one of the extensions may be interferring.

Test it.

[User349103]

Hi Nadaq,

 

Thank you for the advise. I can confirm that the suspicious outbounds stopped. Thank you for the support!

This thread may be closed.

 

[nasdaq]

Glad we could help.

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you