
Always after start Windows10 Malwarebytes informs me


jimaul

Every time I start, Windows informs me about a blocked outgoing connection
I delete these folders from the Temp folder by the program itself by Malwarebytes.
I cannot understand if this is some kind of false positive or if I have a virus.
If a virus, why isn't it removed by Malwarebytes?

If I mistook the topic, please move this to the correct area.
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/12/21
Protection Event Time: 11:40 AM
Log File: 2f8ebcc5-5b27-11ec-aea2-18c04d293087.json

-Software Information-
Version: 4.4.11.149
Components Version: 1.0.1513
Update Package Version: 1.0.48492
License: Trial

-System Information-
OS: Windows 10 (Build 19043.1348)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Temp\is-52DNK.tmp\CheckUpd.tmp, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Trojan
Domain: s1.easy-tracker.net
IP Address: 83.97.20.254
Port: 443
Type: Outbound
File: C:\Temp\is-52DNK.tmp\CheckUpd.tmp

(end)

Always after start Windows10 Malwarebytes informs me about a blocked outbound connection

-Log Details-
Protection Event Date: 12/12/21
Protection Event Time: 11:44 AM
Log File: a8862626-5b27-11ec-9aaf-18c04d293087.json

-Software Information-
Version: 4.4.11.149
Components Version: 1.0.1513
Update Package Version: 1.0.48492
License: Trial

-System Information-
OS: Windows 10 (Build 19043.1348)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: RiskWare
Domain: windowsbulletin.com
IP Address: 104.21.53.74
Port: 80
Type: Outbound
File: C:\Program Files\Google\Chrome\Application\chrome.exe

(end)

Hello @jimaul and :welcome:

 

My name is MKDB and I will assist you.

 

  • Please follow the steps in the given order and post back the logs as an attachment when ready. Thank you very much for your cooperation.
  • Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
  • Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
  • As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.

 

 

Step 1

  • Please download the Malwarebytes Support Tool (MBST).
  • Run MBST.
  • In the left navigation pane of MBST, click Advanced.
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine.
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply.

Thank you!


Hi @jimaul,

thank you very much for your logfiles.

 

 

It seems that your Adobe products are illegal.

We will not support customers trying to steal software. We will help you remove the software and possibly other infections it may have downloaded on its own.

Playing with cracked software is a lot more dangerous than it used to be. There are many people that have lost all their data due to an encryption attack on all their data.

Please uninstall these Adobe software products first.

---

The software CleanMyPC is no longer supported/developed, you should uninstall it as well.

---

Please report back when uninstall is complete.

After that, we need to run FRST again... your system is indeed infected with malware.

 

Why was FRST run from C:\Temp\mwb2B1.tmp\ ?

Please run FRST again, now from desktop (C:\users\SiG\desktop\).

 

Step 1

Please download the suitable version of Farbar Recovery Scan Tool (FRST) and save it to your desktop: 32bit | 64bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Check the box in front of Shortcut.txt.
  • Press the Scan button.
  • FRST will create three logs (FRST.txt + Addition.txt + Shortcut.txt) in the same directory the tool is run.
  • Please attach these logfiles to your next reply.

 

Edited by MKDB

Hi @jimaul,

the temp-folder was just one thing...  what about all the other instructions? 🙂

 

Please report back when you have uninstalled the mentioned software and run FRST from desktop. Include all logfiles as well with your next answer.

We could be further in the cleaning process, it doesn't work without your cooperation... so go ahead!

Edited by MKDB

I didn't talk about free Adobe Reader, but your illegal Adobe Cloud products.

A restore from Backup or a new clean installation are probably the best decision here @jimaul.

It's a shame that I wasn't allowed to help you.

 

 

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection.

Thank you.

 

 

As this topic seems to be solved, I do not follow it any longer.

Take care!

This topic is now closed to further replies.