Concerned about logs.kslogs.ru

[Comet]

Lately I have noticed a message pop up in my Edge browser's bottom activity bar when certain websites are loading. It says "Waiting on logs.kslogs.ru.." At first I though it was a specific site, then I started noticing it on other sites as well. I wondered if it was an issue with a plug-in, so I ran Firefox in troubleshoot mode, went to those same websites, and didn't see that message pop up. I then reviewed my plug-ins, and found that I had installed these:

• Privacy Badger
• HTTPS Everywhere
• uBlock Origin
• AutoPlay Stopper
• F.B.Purity
• Google Docs Online
• RegretsReporter
• Tampermonkey
• Image dowloader

I decided to start uninstalling plugins to see if that would cause the message to disappear. The first one I uninstalled was Image downloader, and the post-uninstall tried to bring me to a web page that was marked as dangerous. After I uninstalled this extension, I again visited those same websites and checked for the "Waiting for logs.klogs.ru.." message, but did not see it. I then went to the extension's entry on the Chrome webstore, as I have it installed on Chrome as well, 

https://chrome.google.com/webstore/detail/kdbfjpagopjjaiofmgodphiklmjhcnok

and it is no longer there. There is an "Image Downloader" extension on the Chrome web store but this is at a different link

https://chrome.google.com/webstore/detail/image-downloader/cnpniohnfphhjihaiiggeabnkjhpaldj

 

So, my question is: How concerned should I be about all this? Was "logs.klogs.ru" collecting sensitive information about me? Is it time to start changing passwords? Any information will be appreciated.

• Microsoft Edge Version 105.0.1343.42 (Official build) (64-bit)
• Microsoft Windows 10 Home Version 10.0.19043 Build 19043

Thanks.

 

 

 

 

Edited September 23, 2022 by AdvancedSetup
Disabled live hyperlink

[1PW]

Hello @Comet and :

Before your question can be best answered, please allow the forum experts to see some logs:

1. Download the Malwarebytes Support Tool.
2. Typically downloaded to your Downloads folder, open the mb-support-x.x.x.xxx.exe file.
3. In the User Account Control pop-up window, click Yes to continue the installation.
4. Run the MBST Support Tool.
5. In the left navigation pane of the Malwarebytes Support Tool, click Advanced.
6. In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine.
7. A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file in your next reply.

Thank you.

[Comet]

Here are the logs. Thanks.

mbst-grab-results.zip

[AdvancedSetup]

Hello @Comet

I'm not seeing an immediate issue. Please run the following

 

 

Please download and run the following Kaspersky Virus Removal Tool 2020 and save it to your Desktop.

(Kaspersky Virus Removal Tool version 20.0.10.0 was released on November 9, 2021)

Download: Kaspersky Virus Removal Tool

How to run a scan with Kaspersky Virus Removal Tool 2020
https://support.kaspersky.com/15674

How to run Kaspersky Virus Removal Tool 2020 in the advanced mode
https://support.kaspersky.com/15680

How to restore a file removed during Kaspersky Virus Removal Tool 2020 scan
https://support.kaspersky.com/15681

 

Select the     Windows Key and R Key together, the "Run" box should open. Drag and Drop KVRT.exe into the Run Box. C:\Users\{your user name}\DESKTOP\KVRT.exe will now show in the run box. add -dontencrypt   Note the space between KVRT.exe and -dontencrypt C:\Users\{your user name}\DESKTOP\KVRT.exe -dontencrypt should now show in the Run box.   That addendum to the run command is very important, when the scan does eventually complete the resultant report is normally encrypted, with the extra command it is saved as a readable file. Reports are saved here C:\KVRT2020_Data\Reports and look similar to this report_20210123_113021.klr Right-click direct onto that report, select > open with > Notepad. Save that file and attach it to your reply. To start the scan select OK in the "Run" box. A EULA window will open, tick all confirmation boxes then select "Accept" In the new window select "Change Parameters" In the new window ensure all selection boxes are ticked, then select "OK" The scan should now start... When complete if entries are found there will be options, if "Cure" is offered leave as is. For any other options change to "Delete" then select "Continue" When complete, or if nothing was found select "Close" Attach the report information as previously instructed...   Thank you

 

 

[Comet]

Here is the log file. I skilled deletion of the two detections to make sure they were not part of my workplace VPN. They were not, so I deleted them.

report_2022.09.28_09.36.36.klr.txt

[AdvancedSetup]

Yes, those are not infections. Just possible risk if you were not aware of  them. All good

It looks like you'll need to do a very thorough cleaning of MS Edge to remove this entry. We can do some automated clean up but it may not find and remove that entry.

Please go through ALL the settings in MS Edge and clean up cookies, cache, history, etc then retest and see if having the issue. @Comet

 

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you