Results 1 to 10 of 23

Thread: Something's Trying to Get Out 2

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Aug 2018
    Posts
    26

    Default Something's Trying to Get Out 2

    My earlier thread is closed.

    I have not used this PC much since we finished that thread about 5 days ago.

    Tonight I got a pop-up from K9 that it had blocked outgoing traffic of some sort. These are tough to catch because the behavior gets blocked, I see a pop-up, and then it goes away. You have to click them fast.

    I clicked this one. I attached a screen capture of the K9 info screen that it took me to. I know nothing of the website listed, and certainly didn't try to go there (and I've barely clicked anything at all since I sat down here a few minutes ago).
    Attached Images Attached Images

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,777

    Default

    Not finding much of anything to say it's actually malicious, which browser was loaded at that time?

    Sometimes these come in as false positives. Not saying thats the case here but we'll do some searching.

    Use your onboard antivirus to do a full scan.
    If anything is found can you post the log from this?
    ~~~
    Next

    Farbar Recovery Scan Tool (FRST) Scan
    • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) andsave the file to your Desktop.
    • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
    • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Aug 2018
    Posts
    26

    Default Will Get Back to You in 48 Hours

    I was running 3 browsers at the time: Firefox, Chrome, and Opera. I will try and not have more than one open at a time for a while, and see if I can isolate these warnings to one of them.

    ********************************

    I will run my antivirus and get back to you.

    I will then run FRST. Do note that we don't have a log from this made after the last round of fixes, only from before.

    The next two days are kind of crazy. No guarantee I will get this done before Thursday evening, but I'll try.

  4. #4
    Junior Member
    Join Date
    Aug 2018
    Posts
    26

    Default One More Thing

    When you said this could be a false positive, do you think that this might be some sort of link to the outside that's activated by just browsing to a certain webpage? And it's caught by K9 because it is on their internal blacklist (or not on their whitelist)?

    I guess what I'm wondering is could I be getting false positives from K9 due to passive rather than active behavior on my part?

  5. #5
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,777

    Default

    Quote Originally Posted by BooBounder View Post
    When you said this could be a false positive, do you think that this might be some sort of link to the outside that's activated by just browsing to a certain webpage? And it's caught by K9 because it is on their internal blacklist (or not on their whitelist)?

    I guess what I'm wondering is could I be getting false positives from K9 due to passive rather than active behavior on my part?
    I will then run FRST. Do note that we don't have a log from this made after the last round of fixes, only from before.
    Yes, I would like to have a fresh log from FRST.

    Heres my thoughts
    You have an application on your computer that reaches out to connect for updates, could be by using an add-blocker could stop it from activating, could be a specific web site with an embedded url.....
    Could be an old outdated list from K9, I just don't know.
    If we run all new/fresh scans and we don't find anything, hate to admit being kinda lost about it.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #6
    Junior Member
    Join Date
    Aug 2018
    Posts
    26

    Default Still Waiting

    I have been running a full scan with Windows Defender. It is taking a long time. I'm being patient with it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •