VanillaHaze 0 Posted November 8, 2020 Share Posted November 8, 2020 It started a few days ago when I downloaded a VPN app, where I would get notification intermittently but for the past two hours or so i've been receiving messages continuously, such as in the attached files. I thank eset for blocking these connection (though I dread to think how many haven't been caught out) but what can I do to get rid them once and for all? I know for a fact it started when I downloaded the app as it started shortly after. Additionally i've noticed my laptop getting hot and power being used more quickly than usual, not sure if that's anything to do with this but how can I get rid of this from the root of the problem? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,404 Posted November 9, 2020 Administrators Share Posted November 9, 2020 All domains seems to be ad-related and the actual domain registrant is unknown (Registrant Organization: GLOBAL DOMAIN PRIVACY SERVICES INC). Do you use a free VPN that might deliver ads? Link to comment Share on other sites More sharing options...
VanillaHaze 0 Posted November 9, 2020 Author Share Posted November 9, 2020 33 minutes ago, Marcos said: All domains seems to be ad-related and the actual domain registrant is unknown (Registrant Organization: GLOBAL DOMAIN PRIVACY SERVICES INC). Do you use a free VPN that might deliver ads? I forgot to add - downloaded the free VPN app about 4/5 days ago... then I uninstalled it 3 days ago when this annoyance that came with it became more prominent. But these suspicious outbound connections never stopped. I imagine there's some hidden file they've left behind on my system. I've used this app before on a vm and the same thing happened then but gave them a benefit of a doubt as i wasn't certain, now i know it's the source. Besides eset scan, I tried using superantispyware, hitman pro and malwarebytes to try and clear out the gunk. Sadly none of them worked, so I don't know what to try next. My main concern is assessment of something more nefarious like a keylogger Link to comment Share on other sites More sharing options...
Administrators Marcos 5,404 Posted November 9, 2020 Administrators Share Posted November 9, 2020 Please provide logs collected with ESET Log Collector. Link to comment Share on other sites More sharing options...
itman 1,786 Posted November 9, 2020 Share Posted November 9, 2020 14 hours ago, VanillaHaze said: Additionally i've noticed my laptop getting hot and power being used more quickly than usual, Open Window Task Manager or Process Explorer if you have downloaded it previously. Keep an eye on your CPU usage %; especially when you have a browser open. Possibly, whatever you downloaded previously VPN wise might have installed a coin miner. Link to comment Share on other sites More sharing options...
VanillaHaze 0 Posted November 9, 2020 Author Share Posted November 9, 2020 12 hours ago, Marcos said: Please provide logs collected with ESET Log Collector. OK I have done that. Am I supposed to send the log to the technical support now? Link to comment Share on other sites More sharing options...
VanillaHaze 0 Posted November 9, 2020 Author Share Posted November 9, 2020 (edited) 6 hours ago, itman said: Open Window Task Manager or Process Explorer if you have downloaded it previously. Keep an eye on your CPU usage %; especially when you have a browser open. Possibly, whatever you downloaded previously VPN wise might have installed a coin miner. I don't understand how my browser is using so much memory on an 8gb system. I have one window and 4 tabs open, so I don't get why there are 11 open connections. Like is pic 1 Also whilst on the subject of logs, I checked a normal scan on eset and i'm getting a lot of entries on the log saying that certain items can't be opened Is this normal? Edited November 9, 2020 by VanillaHaze Link to comment Share on other sites More sharing options...
itman 1,786 Posted November 9, 2020 Share Posted November 9, 2020 (edited) 4 hours ago, VanillaHaze said: I don't understand how my browser is using so much memory on an 8gb system. I have one window and 4 tabs open, so I don't get why there are 11 open connections. Like is pic 1 I also have 8GB memory installed on a very old system. Below is what FF uses with 4 tabs open: So you're using approx. double the amount of memory I am. However, note that FF memory usage is dependent upon what those tabbed web pages are displaying. 4 hours ago, VanillaHaze said: Also whilst on the subject of logs, I checked a normal scan on eset and i'm getting a lot of entries on the log saying that certain items can't be opened Is this normal? Yes. I also see from your screen shot that AntiLogger is running. There could be real-time scanning conflicts with it and Eset. Additionally, it appears MalwareBytes real-time scanning is also running. There are known conflicts with it and Eset real-time scanning. Bottom line - your system resources might be depleted from all the additional security software you are running. Edited November 10, 2020 by itman Link to comment Share on other sites More sharing options...
Administrators Marcos 5,404 Posted November 10, 2020 Administrators Share Posted November 10, 2020 You can upload ELC logs here. Only ESET staff can access attachments. As itman correctly pointed out, uninstall Malwarebytes or keep it as a second-opinion on-demand scanner without real-time protection and other drivers. Link to comment Share on other sites More sharing options...
Recommended Posts