Jump to content

Trojaner ? outgoing connection from /temp/ and random name like xkns2df3.tmp

Recommended Posts

Guest Tmpoo


i have outgoing connections from a generic "sa7d21.tmp" file. It is located at windows/temp/.
The name of that .tmp is changing. 
I'am using training mode on eset. I have checked the whois Ip and it's pointed to cloudflare. (i will post the next ip and port)

So i'am using NordVpn and there is sometimes a combination, if i start nordvpn and a new .tmp file rule.

This is weird, it looks like nordvpn is spying on me but i cant find anything on google for that.

So this is for sure a trojaner/spyware or not ?

best regards



Link to comment
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...