AllanR Posted May 8, 2021 Author ID:1455551 Share Posted May 8, 2021 ok so my pc got faster I checked if there was a driver update I check everyday and there was one today and it think it fixed it and also I was checking the curr ports and found a suspicous ip connected to port 80 I know thats a common port to connect to but I found it suspicous because of what it was connecting to I forgot the name but this is the ip I did some looking up and found a website that detected it as a proxie 72.21.81.200 but i was wondering if you could check it out but other than that im all good pc running fine and thanks for reashuring me I was all good and should I delete the stuff I downloaded or should I keep it for future problems? Link to post Share on other sites More sharing options...
Solution kevinf80 Posted May 8, 2021 Solution ID:1455557 Share Posted May 8, 2021 Hello AllanR, The IP address you list is clean, nothing sinister... IP Location United States Of America Los Angeles Verizon Communications Inc. ASN AS15133 EDGECAST, US (registered Mar 19, 2007) Whois Server whois.arin.net IP Address 72.21.81.200 To clean up do the following: Delete the following: C:\Users\yee94\OneDrive\Desktop\RogueKiller_portable64.exe Plus its folder C:\Prgram Data\RogueKiller Next, Delete KVRT.exe from your Desktop. Also navigate to and delete C:\KVRT_Data folder Next, Right click on FRST here: C:\Users\yee94\OneDrive\Desktop\FRST.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator" If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST to uninstall That action will remove FRST and all created files and folders... Next, Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2 Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/ Condsider the following: Disable Remote Desktop: https://www.tenforums.com/tutorials/92433-enable-disable-remote-desktop-connections-windows-10-pc.html Disable Windows Telemetry: https://helpdeskgeek.com/windows-10/how-to-disable-windows-10-telemetry/ Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/ Malwarebytes Browser Guard (Free) for Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Will also work for Opera and Edge.. PatchMyPC, keep all your software upto date - https://patchmypc.com/home-updater#download From there you should be good to go... Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful....Answers to Common Security Questions and best PracticesDo I need a Registry Cleaner? Take care and surf safe Kevin... Link to post Share on other sites More sharing options...
AllanR Posted May 9, 2021 Author ID:1455655 Share Posted May 9, 2021 Ok I deleted everything but before I deleted rouge killer I accidently started a scan again because I was curious if it was a one time use but I let it run like why not and it found something it suprised me but its probably a armoury crate entry because I deleted it yesterday at night but just to make sure here is the results. RogueKiller.txt Link to post Share on other sites More sharing options...
AllanR Posted May 9, 2021 Author ID:1455658 Share Posted May 9, 2021 Fresh logs incase you need them and one thing frst62 didnt want to update it said failed (3) and just ran the scan. FRST.txt Addition.txt Link to post Share on other sites More sharing options...
kevinf80 Posted May 9, 2021 ID:1455664 Share Posted May 9, 2021 Hello AllanR, RogueKiller has identified defunct Firewall rules, they are not malicious entries. You can remove or add firewall rules as and when you deem it to be necessary.... https://www.tenforums.com/tutorials/70903-add-remove-allowed-apps-through-windows-firewall-windows-10-a.html I`ve checked your FRST logs, there is no evidence of any malware or infection... Regards, Kevin... Link to post Share on other sites More sharing options...
AllanR Posted May 9, 2021 Author ID:1455668 Share Posted May 9, 2021 Ok thanks that’s what I suspected because I deleted armourycrate but I had to make sure and thank you very much for helping me out again. Link to post Share on other sites More sharing options...
kevinf80 Posted May 9, 2021 ID:1455669 Share Posted May 9, 2021 You`re very welcome..... Link to post Share on other sites More sharing options...
kevinf80 Posted May 9, 2021 ID:1455806 Share Posted May 9, 2021 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts