Jump to content

Strange loading and connection to internet with Edge.


Go to solution Solved by Maurice Naggar,

Recommended Posts

Hi, so basically, some days ago, I opened an weird .exe file from a just as weird website (i know, i'm not very smart). Since then, some strange things happen to my PC. Like, random and frequently loading from nowhere (the blue ring on the mouse) and Malwarebytes already stopped some outbound connection from Microsoft Edge. With that, i think i might be infected. I linked all necessary files, plus the last etection from Malwarebytes. Thanks in advance, and sorry if I use a broken English, it's not my first language.

Addition.txt FRST.txt Malwarebytes_Log.txt last RTP detection.txt

Link to post
Share on other sites

Hi. :welcome:

My name is Maurice.

Let's start with this.

In Malwarebytes for Windows program, we want to do a special scan.

Click Settings ( gear icon) at the top right of Malwarebytes window. We want to see the SETTINGS window.

 

Then click the Security tab.   

 

Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON 👈

Click it to get it ON if it does not show a blue-color

.

Next, click the small x on the Settings line to go to the main Malwarebytes Window.

 

Next click the blue button marked Scan.

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

 

You can actually click ( tick ) the topmost left check-box on the very top line to get ALL lines ticked ( all selected). 👈

🔻

Then click on Quarantine selected

Then, locate the Scan run report; export out a copy; & then attach in with your reply.

 

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

We will do more, later. 

 

Link to post
Share on other sites

Note. The Block notice message means that the Malwarebytes app is protecting your Edge browser.

It blocked a outbound attempt to feed-5613.coderformylife.info

Link to post
Share on other sites

When you get caught up & have some quiet time.

Start the Edge browser.

Press the three dot icon in the upper-right. Go to Settings > Privacy... > Choose what to clear. Pick the data and time range. Press Clear now.

To clear on close, press the three dot icon in the upper-right. Select Settings > Privacy... > Choose...clear every time... > Pick what to clear.

 

How to Clear the Cache

To clear the cache in Microsoft Edge, complete the following steps:

Open Microsoft Edge.

Select Settings and more (the icon that looks like three dots

Select Settings.

In the Settings sidebar, select Privacy and services

Under Clear browsing data, select Choose what to clear.

In Clear browsing data, select the check box for each type of data, such as browsing history, you want to clear from the cache.

 

From the Time range list, select how far back Microsoft Edge should empty the cache ( Select  for all time).

 

Select Clear now.

Link to post
Share on other sites
22 hours ago, Maurice Naggar said:

Hi. :welcome:

My name is Maurice.

Let's start with this.

In Malwarebytes for Windows program, we want to do a special scan.

Click Settings ( gear icon) at the top right of Malwarebytes window. We want to see the SETTINGS window.

 

Then click the Security tab.   

 

Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON 👈

Click it to get it ON if it does not show a blue-color

.

Next, click the small x on the Settings line to go to the main Malwarebytes Window.

 

Next click the blue button marked Scan.

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

 

You can actually click ( tick ) the topmost left check-box on the very top line to get ALL lines ticked ( all selected). 👈

🔻

Then click on Quarantine selected

Then, locate the Scan run report; export out a copy; & then attach in with your reply.

 

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

We will do more, later. 

 



Thanks, I did attach the report in my reply, even if it detected nothing. I didn't understand well the part where you sa

report.txt

Link to post
Share on other sites

Missclick, next part here :  I didn't understand well the part where you said "

22 hours ago, Maurice Naggar said:

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

 

You can actually click ( tick ) the topmost left check-box on the very top line to get ALL lines ticked ( all selected). 👈

I don't see anything on the left in the scan menu. Do you mean the Detection History ? In the quarantined items ?

Link to post
Share on other sites

Thanks for the scan report. There is Zero flagged.  So what I emphasized about ticking all flagged items ( if any ) does not apply.

This is a good scan result.

Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 342386

Threats Detected: 0

Link to post
Share on other sites

Next thing to be done.

The custom script Fixlist.txt  needs to be saved to the same folder that contains FRST64.exe   /  on Downloads folder

 

The custom script on this post is ONLY for this machine and NO other.   

Please be sure to Close any open work files, documents,  any apps you started yourself  before starting this.

 

If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached,  please disconnect any of those.

The system will be rebooted after the script has run.

 

Please save the (attached file named) FIXLIST.txt   to the  Downloads folder

 

Start the Windows Explorer and then, to Downloads

Do a Right-click with mouse on FRST64 & choose RUN as Administrator & reply Yes to allow to proceed.

IF Windows prompts you about running this, select YES to allow it to proceed.

 

IF you get a block message from Windows about this tool......

click line More info information on that screen

and click button Run anyway on next screen.

 

on the FRST window:

Click the Fix button just once, and wait.

PLEASE have lots  of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

The tool will complete its run after restart.

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

 

Please attach the FIXLOG.txt with your next reply later, at your next opportunity   

 

Please know this will do a Windows Restart.   Just let it do its thing.  

Do let me know how things are overall,  after all this.

Fixlist.txt

Edited by Maurice Naggar
Correction
Link to post
Share on other sites
  • Solution
Posted (edited)

Thank you. That is a very good run.

Since this pc has AVAST antivirus, please do a Scan to check for viruses, if any, at this point.

Keep me advised.

Edited by Maurice Naggar
Correction for Avast
Link to post
Share on other sites

Wait it's done ? already ? I thought it would takes days😃 Welle thank you then, you were really helpful ! And for Avira, i thought it was uninstalled long ago ? Oh Well, thanks a lot !

Link to post
Share on other sites

Very sorry. I should say AVAST.

 

Hi. Please double check your Windows about the resident antivirus.

My notes had mentioned this pc having Avast AV.

You can get into Windows Settings >> Update & Security >> Virus & Threat protection.

.

You should also look on the Windows Start menu programs list & look for Avast.

Edited by Maurice Naggar
Correction
Link to post
Share on other sites

That is fine.

I would like you to run a tool named SecurityCheck to inquire on the current-security-update  status  of some applications.

 

Download SecurityCheck by glax24 from here  https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe

and save the tool on the desktop.

If Windows's  SmartScreen block that with a message-window, then

Click on the MORE INFO spot and over-ride that and allow it to proceed.

This tool is safe.   Smartscreen is overly sensitive.

Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"   and reply YES to allow to run & go forward

Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.

You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.