Can someone please help me identify what is triggering these alerts?


Hello Malwarebytes community, Chris here... programmer.

I'm new to Malwarebytes, and I need to identify which mechanisms are triggering these alerts:

I'm using a computer... a network actually, which is partially facing the internet. Firewalls and strong endpoint monitoring + cloud backup synchronization tools... Windows 11 Pro, Windows 10... some Debian. All the LAN is managed with whitelist and strong encryption.

________________________________________________________________________________

These particular alerts are coming from a new, fresh NVMe, Windows 11 Home unactivated. Could you please advise how to see the packet, or gather more information on these events? Any additional detection / security capabilities?

________________________________________________________________________________


Could you recommend any tool or Malwarebytes function in order to expand the details of these detection patterns? What exactly is happening?

We used Wireshark to monitor all traffic over that network, and we filtered the detected IPs. Some kind of SYN packet from Italy was observed with some anomalies, but no further exploration was conducted.

Any help would be appreciated!!

Kind regards,

Chris


@chrusso

Let's get the info to get the process started. Be aware it will take many steps and scans to fully remove pesky malware.

Please respond to all future instructions from your helper in a timely manner.

Please do the following so that we may take a closer look at your system for any possible infections.

Do these 2 steps FIRST so that files and folders are set to SHOW, plus also, Turn OFF Windows Fast Start.
Show-Hidden-Folders-Files-Extensions
https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/

Disable-Fast-Startup
https://forums.malwarebytes.com/topic/299350-disable-fast-startup/

Then please restart the computer and do the following.

WARNING: Do Not click the Repair option under Advanced unless requested by a Malwarebytes support agent or authorized helper

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool. The tool also downloads and runs a file called FRSTEnglish. Please allow it to run.
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to the Desktop or on the hidden Public desktop (usually C:\Users\Public\Desktop), please upload that file on your next reply

    Then be patient for the next expert to take your case.

Thank you


  • 3 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 
