Windows Powershell - Blocked Website

[AdvancedSetup]

Thank you for those logs @garysl

They look good. AdwCleaner was unable to remove a trace entry in the registry but that's not an issue to worry about.

Please run the following, and let me know if you're still having any signs of an infection or other issues.

 

 

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

• Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
• If Microsoft SmartScreen blocks the download, click through to save the file
• This tool is safe.   Smartscreen is overly sensitive.
• If SmartScreen blocks the file from running click on More info and Run anyway
• Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
• Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
• You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

 

Thank you

 

 

[AdvancedSetup]

Are you still with us @garysl

Please post a status update

Thanks

 

[garysl]

Sorry,

I didn't receive any notification that you'd posted, for some reason. I checked the site and didn't see any new post because it had gone onto a different page. My apologies. Anyway, I haven't noticed any further signs of infection and I I've attached the security check file.

 

Thanks very much.

SecurityCheck.txt

[AdvancedSetup]

No problem, every once in a while the forum seems to skip a notice. I've missed more than you can imagine. @garysl

 

Please uninstall, update, or otherwise address the following as appropriate for your system.

 

---------------------- [ AntiVirusFirewallInstall ] -----------------------

Malwarebytes version 4.5.13.208 v.4.5.13.208 Warning! Download Update

--------------------------- [ OtherUtilities ] ----------------------------

LibreOffice 7.2.2.2 v.7.2.2.2 Warning! Download Update

calibre 64bit v.6.1.0 Warning! Download Update

 

------------------------------ [ ArchAndFM ] ------------------------------

WinRAR 6.01 (64-bit) v.6.01.0 Warning! Download Update

-------------------------- [ IMAndCollaborate ] ---------------------------

Zoom v.5.5.4 (13142.0301) Warning! Download Update

--------------------------------- [ P2P ] ---------------------------------

qBittorrent 4.4.2 v.4.4.2 Warning! Download Update

-------------------------------- [ Media ] --------------------------------

Audacity 2.4.2 v.2.4.2 Warning! Download Update

--------------------------- [ AdobeProduction ] ---------------------------

Adobe Creative Cloud v.5.6.0.788 Warning! Download Update

 

----------------------------- [ EmailClient ] -----------------------------
Mozilla Thunderbird (x86 en-US) v.91.13.0 Warning! Download Update

 

 

 

Unless you really need it, I would highly suggest uninstall P2P software. Sooner or later it just might bite you when you least expect it.

 

The act of torrenting itself is not illegal. However, downloading and sharing unsanctioned copyrighted material is illegal, and there is always a chance of prosecution if caught by the authorities.
Torrenting non-copyrighted material is perfectly fine and is allowed. However, be aware that we have seen increased malware bundled with software downloads over P2P.

Recent Ransomware infections have been seen to encrypt user data so that no one can decrypt the data without the private key.
When sharing files, please keep in mind that you're increasing your system's attack surface area, which can increase the risk of infection.

Scan all files before running them. https://www.virustotal.com

If you don't need or use the P2P software, you should uninstall it.

Risks of File-Sharing Technology by the Cybersecurity & Infrastructure Security Agency
https://www.cisa.gov/uscert/ncas/tips/ST05-007

 

 

After you've taken care of the other software, please click on START and type in "Check for updates" and allow Windows to scan for and install any updates.

 

Keep me posted

 

Thanks

 

 

[garysl]

Hi,

I've updated and/or uninstalled the applications, as per your list. Everything now appears to be up to date. 

Thanks once again.

[AdvancedSetup]

How is the computer running now? @garysl

Are there any signs of an infection or other issue?

If all is okay now, please run the following

I'm off work until Thursday, but will try to check back on you before then.

 

Let's go ahead and do some clean-up work and remove the tools and logs we've run.

Please download KpRm by kernel-panik and save it to your desktop.

• right-click kprm_(version).exe and select Run as Administrator.
• Read and accept the disclaimer.
• When the tool opens, ensure all boxes under Actions are checked.
• Under Delete Quarantines select Delete Now, then click Run.
• Once complete, click OK.
• A log will open in Notepad titled kprm-(date).txt.
• Please attach that file to your next reply. (not compulsory)

 

1. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
   https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/
2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download
4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

•   Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee
•   Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser
•   Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/

uBlock Origin

• Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm 
• Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak 
• Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin

 

Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes

 

[garysl]

Hi.

All seems fine. No signs of any infection. I've run kprm as you asked and attached the log. 

Thanks

kprm-20220921103800.txt

[AdvancedSetup]

Great, all looks good.

I'll go ahead and close your topic and wish you well.

Take care and stay safe out there. Don't forget your back ups.

Cheers

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you