Jump to content

I'm getting constant RTP-detections


Go to solution Solved by kevinf80,

Recommended Posts

  • Replies 86
  • Created
  • Last Reply

Top Posters In This Topic

1 minute ago, kevinf80 said:

Hiya Landets,

Let me know if you are successful,

Kevin....:)

Hi Kevin

Geek Uninstaller worked flawlessly and managed to remove the Adobe Connect from my PC. Software also found some leftover traces it deleted during the process.

jj.png.fd0bd99d7fb8a94738fd1e7ad062cac9.png

 

-Landets

Link to post
Share on other sites
1 minute ago, kevinf80 said:

Yes is a great tool for uninstalling software, I use it myself... Once that all VOiP software is gone lets see what happens....

Do you think uninstalling Steam is necessary too? After uninstalling should I restart my PC or just keep monitoring this? Also what do you think about the notification I mentioned in my earlier reply:

 

Quote

I was also uninstalling other programs I thought I don't need anymore, and I got an notification from windows that my computer needs a restart because of changes in my motherboards resources. Do you think this is not connected to the block but that I rather uninstalled a software which caused this notification?

I have now uninstalled every VoIP software except Steam, which main purpose isn't VoIP.

-Landets

Link to post
Share on other sites
  • Solution

Hiya Landets,

Thanks for the update, I half expected you to confirm another inbound block. One concolation the blocks are inbound so there is nothing on your PC to attribute the attempted connection to, in other words your system is clean.

Log 6 does show an outbound block from Chrome, fortunately you caused that yourself so no need to look for a reason why.

Malwarebytes is doing a good job of making the blocks, usually these inbound sniffs will eventually clear up on there own. Until then the only fix is to make a note of the IP and Port numbers and block them with your Firewall.

How to block IP connections with the Firewall:   https://www.interserver.net/tips/kb/add-ip-address-windows-firewall/

How to block malicious Ports with the Firewall:  https://thegeekpage.com/how-to-block-ports-in-windows-10-firewall/

Obviously Malwarebytes will continue to keep you safe until the trial ends and it will revert to a free versions which has no real time protection...

Malwarebytes has some good information here: https://www.malwarebytes.com/lp/ip-blocking/?ipblock=true

Let me know your thoughts...

Thank you,

Kevin..

 

Link to post
Share on other sites

Hi Kevin

Thank you again for your time and help. I was expecting the similar results as every VoIP software I use does has a good reputation in general. I will look into blocking the malicious IP-addresses and Ports later tonight. Before that I would like to ask few questions which might sound very stupid because I'm not very tech-savvy person.

1. Do you think the problem I had in Windows Defender Antivirus (see opening post) and this case might be linked? And when you say that these inbound sniffs will eventually clear up on their own, do you mean that my PC might not be infected at all, even if these blocks occur when I'm not surfing web?

2. Do you think it is safe to do things such as use online bank at this PC in this current state?

3. Because of my blunder below, do you think that it would lead to more problems and do I need to something to ensure my PC's security?

44 minutes ago, Landets said:

I also accidentally pasted the latest attack's IP-address to my address bar as I was trying to look where did the attack come from this time, but it was luckily blocked by Malwarebytes. I have attached the log of that incident to this reply:

-Landets 

log 6.txt 722 B · 1 download

If these questions are unnecessary and pointless for you, you don't need to waste your time to them. 

-Landets 

Link to post
Share on other sites

Those latest logs are all related to steam, being outbound they are definitely a cause for concern. Again Malwarebytes does an excellent job..

This might help, clearing this folder will often resolve issues with Steam if outbound connections are attempted.

C:\Users\{your username}\AppData\Local\Steam\htmlcache

Appdata is usually a hidden folder, if so you will need to change to show.... Instructions at following link if required..

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ same for W8 and W10

reboot when complete, see if the steam issue clears...

Thanks,

Kevin
Link to post
Share on other sites
8 minutes ago, kevinf80 said:

Those latest logs are all related to steam, being outbound they are definitely a cause for concern. Again Malwarebytes does an excellent job..

This might help, clearing this folder will often resolve issues with Steam if outbound connections are attempted.

C:\Users\{your username}\AppData\Local\Steam\htmlcache

Appdata is usually a hidden folder, if so you will need to change to show.... Instructions at following link if required..

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ same for W8 and W10

reboot when complete, see if the steam issue clears...

Thanks,

Kevin

I will do this immediately. Thank you for your help. When I uninstalled all VoIP software I actually forgot to uninstall Steam and it's games. Because I'm not native english speaker, I'm not sure if you mean that these new blocks are separate problem compared to earlier blocks.

-Landets

Link to post
Share on other sites

I deleted everything from htmlcache -folder, and after that I also deleted them permanently from thrash can. After that I rebooted my PC. After the reboot I had weird files on my desktop, I will attach the screenshot of them to this reply.sss.png.1bcb08283314de8edfd2a5bc1bed1e93.png 

These 3 files/icons appeared to my desktop after the reboot. I have never seen these icons appearing hollow like these 3 do.

 

Link to post
Share on other sites
9 minutes ago, Landets said:

I deleted everything from htmlcache -folder, and after that I also deleted them permanently from thrash can. After that I rebooted my PC. After the reboot I had weird files on my desktop, I will attach the screenshot of them to this reply.sss.png.1bcb08283314de8edfd2a5bc1bed1e93.png 

These 3 files/icons appeared to my desktop after the reboot. I have never seen these icons appearing hollow like these 3 do.

 

What I meant to say that I have never seen any object in desktop with hollow appearance like these 3 new weird objects have. Sorry for my english.

-Landets

Link to post
Share on other sites

Those are ok, you can see them because hidden folder are now on display. I gave you instructions so you could see appdata folder......

Quote

Appdata is usually a hidden folder, if so you will need to change to show.... Instructions at following link if required..

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ same for W8 and W10

Use those instructions to rehide again...

Has the steam issue cleared...?

Link to post
Share on other sites
3 minutes ago, kevinf80 said:

Those are ok, you can see them because hidden folder are now on display. I gave you instructions so you could see appdata folder......

Use those instructions to rehide again...

Has the steam issue cleared...?

I have had no blocks since I rebooted the PC, but I haven't dared to use Steam or it's games yet. I will now use Steam and launch few games from there and see if I get blocks or not.

Link to post
Share on other sites

Hello Kevin

I just got another outbound block, this time it was a hijack. I have attached a log about it to this reply. When this block happened, I was browsing internet in Google Chrome's incognito mode. The block happened when I entered into this clothing brand's website: https://karhu.com/juoksukengat/ , and I had also local newspaper's article open too https://www.is.fi/kotimaa/art-2000007640893.html .  Before that I was browsing Google Maps and Wikipedia, and I had a Twitch Stream open in normal window when the block happened.

 I haven't used Steam today so I haven't had any blocks from there yet. 

-Landets

log 13.txt

Link to post
Share on other sites

I just launched a game from Steam to test things, and I got another outbound block because of trojan. So removing stuff from htmlcache-folder seems to not have worked. the game I launched was Counter Strike: Global Offensive. The log is attached to this reply. Do you think these outbound blocks are connected to the inbound blocks I got earlier and to my Windows Defender Antivirus's weird malfunction?

log 14.txt

Link to post
Share on other sites
Hiya Landets,
 
Log 13 is related to Chrome, use the instructions in the following link to reset Chrome:

https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/

Log 14 is related to Steam, use the instructions in the two following links to reset Steam:

https://steamcommunity.com/discussions/forum/1/496880203077281805/

https://support.steampowered.com/kb_article.php?ref=3134-TIAL-4638
 
Thanks,
 
Kevin
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.