Jump to content

svchost.exe trying to send an outbound connection (riskware)


Recommended Posts

Question. At the moment of the block notice, what program was in use them. ( Or last one actively being used ) ?

Were you using a web browser, yes or no?  If yes, which one ?

And or, were you reading Email ?

Were you maybe on Facebook ?

The domain / URL that was Blocked is fbk.xiaomishop.me

 

Be real sure to advise me which web browser you use the most + the one in use at that block notice.

Edited by Maurice Naggar
Link to post
Share on other sites

Your BRAVE web browser as well as Edge browser can each use the Malwarebytes Browser guard mentioned in my link below.

Do all steps. Just also install the Browser Guard on each of Brave & Edge.

Ps. There will be more to do later.

These are not a one-shot do it all quick fix.

.

Know that the "block" notices mean that Malwarebytes is keeping your pc safe. For now, I would suggest that you do  steps like on this one post of mine 

 

https://forums.malwarebytes.com/topic/270892-when-searching-things-on-googlecom-i-get-trojan-alert-for-addedprintcom/?do=findComment&comment=1440523

 

Attach the report from Adwcleaner back here.  We will do more later. 

Link to post
Share on other sites

Note of strong caution.

It looks like AVIRA antivirus is running & monitoring this system.

Is it the one you have settled on for use on ongoing basis ?

There are mentions of TWO other antivirus.  Bullguard + Avast.

We will need to get 2 of those 3 uninstalled & run the vendors Cleanup uninstall utility.

More than one installed antivirus does lead to deadlocks & conflicts.

Link to post
Share on other sites

Hello. Thanks. A excellent result from Adwcleaner.

Now a scan with a different tool.

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

On the Scan Options, select "FULL" scan.

Have lots of patience. The run may take a few hours.

Let me know the result of this.

The log is named MSERT.log  

the log will be at  

C:\Windows\debug\msert.log

Please attach that log with your reply.

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...

Hi.  I have not heard back from you in several days.  I am relaying additional advice & then will close out this topic case.

 

Keep always in mind, that Block notices (website blocks / I P blocks) from Malwarebytes for Windows are courtesy notices that the real-time protections of the Premium is keeping the pc safe from potential threats.  It does not necessarily indicate that there is a actual onboard infection.  The potential threats are external - - - - out on the web.

What needs to be done is to strenghthen your safety practices and all apps.   

Another thing you can do is to see about adding the Malwarebytes Browser Guard to those of your browsers that can handle it.

See https://support.malwarebytes.com/hc/en-us/articles/360038520374-Install-Malwarebytes-Browser-Guard

 

Other best practices / safety tips.

[ BEST PRACTICES ]

Backup is your best friend. Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

 

 

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best practices & malware prevention:

  • Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
  • First rule of internet safety: slow down & think before you "click".
  • Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).
  •  
  • Free games & free programs are like "candy". We do not accept them from "strangers".
  •  
  • Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
  • Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.
  • Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
  • Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".
  •  
  • Use a Standard user account rather than an administrator-rights account when "surfing" the web.
  • See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
  • Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.
  •  
  • Do a Windows Update.
  •  
  • Make certain that Automatic Updates is enabled.
  • https://support.microsoft.com/en-us/help/12373/windows-update-faq
  •  
  • Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.
  •  
  • For other added tips, read "10 easy ways to prevent malware infection"

https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/

:cool:

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.