Jump to content

Reoccurring Outbound Block from Explorer.exe


Go to solution Solved by Maurice Naggar,

Recommended Posts

Hi, @SteveDoyle:welcome: My name is Maurice. I will guide you.

  • Removing pesky malware can be an involved set of tasks over separate runs. Have much patience. Follow my directions. 
  • Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Only run the tools I guide you to.
  • Do not run online games while case is on-going. Do not do any free-wheeling web-surfing.
  • The removal of malware isn't instantaneous, please be patient.
  • Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure.
  • Please stick with me until I give you the "all clear".
  • If your system is running Discord, please be sure to Exit out of it while this case is on-going.

    Do these 2 steps so that ALL folders & Files are set to SHOW, plus also, Turn OFF Windows Fast start.
    Show-Hidden-Folders-Files-Extensions
    https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/

    Disable-Fast-Startup
    https://forums.malwarebytes.com/topic/299350-disable-fast-startup/

  • I will have a further reply for you, after I have sufficient time to look at and digest your reports. Have plenty of patience,

  • Also, be aware, that the "block notices" mean any potential threat was "stopped". It means Malwarebytes is protecting the system.

Link to post
Share on other sites

Perform a Clean Boot in Windows 11 to Troubleshoot Software Conflicts
See this link
This machine seems to have lots of games. We need to not have "games" auto-started each time that Windows is started. Same thing for any application that is not a must have, at each Windows launch. Let us keep it basic with just Norton, Malwarebyes, the necessary network & security apps. By setting a clean boot startup we can eventually isolate the source of potential conflict. Let me know when this is done.

Link to post
Share on other sites

  • Solution

Please run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine.

NOTE-1:  This custom fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It insures that any leftover of the rogue "SystemSecurity" task is removed. It will attempt to clear Cache files of web browsers.  It will attempt to clear temporary file areas. It rebuilds the Winsock. Depending on the speed of your computer this fix may take 50-55 minutes or more.

Please Close all open work before you actually do begin this run.

 FRSTENGLISH,exe  program location:   Downloads folder. The tool is already on system. That is what we will use.

Please download the attached fixlist.txt file and save it to Downloads folder

Fixlist.txt <- < - - - -

NOTE. It's important that both files, FRSTENGLISH, and fixlist.txt are in the same location or the fix will not work.

Right-click with your mouse on  FRSTENGLISH and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important.

next, press the Fix button just once and wait.

You will see a green-color scroll display while FRST is running.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Downloads folder (Fixlog.txt) . Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

The system will be rebooted after the fix has run. Attach FIXLOG.txt with next reply.

NOTICE: For potential outside readers,  This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause harm.

Link to post
Share on other sites

The custom-run is good. The Windows System File Checker has made some corrections.

Windows Resource Protection found corrupt files and successfully repaired them.
This last run has completed what was originally intended. 

For when you have some quiet time. Open an elevated Command window i.e. run Command Prompt as an administrator .

On the Taskbar Search box, type in

cmd.exe


click the line for "run as administrator"


It is best to use the Windows Copy ( CTRL+ C )  and paste  ( CTRL+V )  for the whole line, as-is
On that Command prompt,  Copy & Paste this command

DISM.exe /Online /Cleanup-image /restorehealth

press Enter-key on keyboard   and watch & write down the result

Link to post
Share on other sites

  • 1 month later...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.