Constantly seeing website blocked due to malware, cant access sites, chrome

[Netalya]

Constantly seeing website blocked due to malware, cant access most sites on chrome saying that:

Your connection is not private

Attackers might be trying to steal your information from XXXXX

 

This is preventing me from going to most sites. Seems to be a SSL certificate issue?

 

Here is the message i get in malware bytes every 10-30 seconds: 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/16/22
Protection Event Time: 3:59 PM
Log File: 89c7ef28-7d84-11ed-9692-bcaec574bf19.json

-Software Information-
Version: 4.5.19.229
Components Version: 1.0.1860
Update Package Version: 1.0.63489
License: Trial

-System Information-
OS: Windows 10 (Build 19045.2364)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Windows\System32\rundll32.exe, Blocked, -1, -1, 0.0.0, , 

-Website Data-
Category: Malware
Domain: 
IP Address: 51.195.169.87
Port: 8080
Type: Outbound
File: C:\Windows\System32\rundll32.exe

(end)

 

Nothing comes up on a scan.

 

This is greatly affecting my work, and I fear ill have to do a full reinstall? I'd rather not if we can fine a fix.

 

Thank you massively for any assistance!

 

 

Malware bytes log dec 16.txt

[MKDB]

Hello @Netalya  and 

 

My name is MKDB and I will assist you.

 

 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

• Please follow the steps in the given order and post back the log files.
• Please copy and paste all log files into your post.
• Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
• Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
• As English is not my native language, please do not use slang or idioms. It may be hard for me to understand.
• If you do not respond within 4 days, your topic will be closed.
• Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also a big source of current trojan infections. If you are running any kin of illegal software on your system, please uninstall them now, before we start the cleaning procedure.

 

 

Step 1

Please download the suitable version of Farbar Recovery Scan Tool (FRST) and save it to your desktop: 32bit | 64bit

• If your computer language is other than English, right click on the FRST icon and rename it to FRST64english.
• Double-click to run it.
• If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option.
• When the tool opens, click Yes to disclaimer.
• Check the box in front of Shortcut.txt.
• Press the Scan button.
• FRST will create three logs (FRST.txt + Addition.txt + Shortcut.txt) in the same directory the tool is run.
• Please attach these logfiles to your next reply.

 

 

 

[Netalya]

Scanned and attached. Thank you so so very much for lending assistance!

 

FRST.txt Shortcut.txt Addition.txt

[MKDB]

Thank you @Netalya.

 

Please run the following fix with FRST and attach the logfile.

Moreover, I would like you to report back if MBAM is still blocking rundll.

 

 

Step 1

• Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\natas\Downloads\ ).

Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

• Close all open programs and save your work.
• Run FRST again.
• Press the FIX button only once and wait. Please be patient and do not interfere, even if FRST does not respond for some time. That's nothing to worry about.
• Please note: This Fix will remove all temporary files and empty recycle bin.
• If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
• FRST will create one log now (Fixlog.txt) in the same directory the tool is run.
• Please attach this logfile to your next reply.

 

 

fixlist.txt

[MKDB]

Due to the lack of feedback, I do not follow this topic any longer.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection.

Thank you.