Mysterious Connection to Internet Requests

[gmosley]

Every day I encounter a similar popup message from my Firewall. A Windows something (i.e. Company: Microsoft) is trying to connect to the internet. The source executable, while usually different each day, is always located in C:\Users\Me\AppData\Local\Temp.
Since it's Microsoft, I assume it has something to do with Windows 7 so I click "Allow". Anybody know if this is risky or not? Is there any way I canavoid these daily prompts?

 

[zigzag3143]

Every day I encounter a similar popup message from my Firewall. A Windows something (i.e. Company: Microsoft) is trying to connect to the internet. The source executable, while usually different each day, is always located in C:\Users\Me\AppData\Local\Temp.
Since it's Microsoft, I assume it has something to do with Windows 7 so I click "Allow". Anybody know if this is risky or not? Is there any way I canavoid these daily prompts?

Be cautious. Any file can claim to be microsoft. The location of that file (in temp) and the fact that it changes makes me suspicious.

I would run a thorough anti virus scan.


Ken

 

[severedsolo]

without some more info on whats requesting access i cant say if its safe or not, but if you want to stop it then just tell your firewall to deny it access (this varies from firewall to firewall but it is usually found under an option similar to Program Control or Outbound Rules)

 

[richc46]

You have been given excellent advice. Zigzag's suggestion should be taken immediately, to avoid bigger problems. In addition, I would suggest that you download and use this software Malwarebytes.org. It is the free version, which can be used to scan your computer for nasties, which may not be a virus but other malware. I have suggested this to many posters and they have reported back that they did find malware on their computer which was removed, by malwarebytes.

In addition to malwarebytes, I use software know as Win Patrol, uses little resources and works quietly in the background. It is different from other protection software as it takes a picture of your HD, when installed, and will notify you of any changes, if unautorized you can investigate and take protective action. I, as all the members, wish you happy and safe surfing.
BillP Studios - WinPatrol 2010

 

[Lordbob75]

There are 2 details to this that make me pretty sure it is a malicious software:
1) It comes from the Temp Folder
2) It is different every day

I would immediately purge your temp file then empty your recycle bin. Run Malwarebytes (as suggested above) and any other AV software you have. Clean it out good.
Since there is no knowing what the software was intended to do, changing your passwords on any and all important or financial sites/programs.

This very well could have compromised all your data.

~Lordbob

 

[Bare Foot Kid]

There are 2 details to this that make me pretty sure it is a malicious software:
1) It comes from the Temp Folder
2) It is different every day

I would immediately purge your temp file then empty your recycle bin. Run Malwarebytes (as suggested above) and any other AV software you have. Clean it out good.
Since there is no knowing what the software was intended to do, changing your passwords on any and all important or financial sites/programs.

This very well could have compromised all your data.

~Lordbob

That is a dead giveaway.

 

[motc7]

There are 2 details to this that make me pretty sure it is a malicious software:
1) It comes from the Temp Folder
2) It is different every day

I would immediately purge your temp file then empty your recycle bin. Run Malwarebytes (as suggested above) and any other AV software you have. Clean it out good.
Since there is no knowing what the software was intended to do, changing your passwords on any and all important or financial sites/programs.

This very well could have compromised all your data.

~Lordbob

Dead on. Upped rep. Anything trying to execute everyday from the temp folder no matter where on the HD is a flag saying "Come disinfect me I have interwebz disease."

 

[Lordbob75]

That is a dead giveaway.

Dead on. Upped rep. Anything trying to execute everyday from the temp folder no matter where on the HD is a flag saying "Come disinfect me I have interwebz disease."

Thanks for the rep.

That wasn't so much a red flag as it was like:
View attachment 1268509433

~Lordbob

 

[motc7]

That is a dead giveaway.

Dead on. Upped rep. Anything trying to execute everyday from the temp folder no matter where on the HD is a flag saying "Come disinfect me I have interwebz disease."

Thanks for the rep.

That wasn't so much a red flag as it was like:
View attachment 1268509433

~Lordbob

yep. this guy knows about traps.

 

[Jacee]

Good advice Lordbob75

 

[Lordbob75]

Good advice Lordbob75

Thanks Jacee

~Lordbob

 

[hackerman1]

i agree with the advice above, but i suggest to also get a-squared FREE:
a-squared Free - Free of charge Anti-Virus, Anti-Trojan, Anti-Spyware, Anti-Dialer and Anti-Worm Software - Freeware!

it has better detection rate then malwarebytes, so run both and see what they find.

 

[Lordbob75]

i agree with the advice above, but i suggest to also get a-squared FREE:
a-squared Free - Free of charge Anti-Virus, Anti-Trojan, Anti-Spyware, Anti-Dialer and Anti-Worm Software - Freeware!

it has better detection rate then malwarebytes, so run both and see what they find.

Microsoft Security Essentials would be a good choice as well.

~Lordbob

 

[Bare Foot Kid]

If the first removes the evilware then it won't be there for the second to find.

 

[Lordbob75]

If the first removes the evilware then it won't be there for the second to find.

No harm in scanning again and again!

~Lordbob

 

[Bare Foot Kid]

If the first removes the evilware then it won't be there for the second to find.

No harm in scanning again and again!

~Lordbob

Yeah I thought about scanning only and not "fixing" the first go around after I posted that.

 

[Lordbob75]

If the first removes the evilware then it won't be there for the second to find.

No harm in scanning again and again!

~Lordbob

Yeah I thought about scanning only and not "fixing" the first go around after I posted that.

Well, even if you fix it the first time, a second scan is good in case of some really nasty malware that moves itself around and refuses to be deleted (have seen it happen)

~Lordbob

 

[gmosley]

Thanks, all. Deleted all Temp folders and ran Malware program as suggested - reported 7 hits which I deleted. Also removed a suspicious entry from my Firewall permissions.
Now, we'll see...

 

[Bare Foot Kid]

Are you going to try a second AV scanner?

 

[Lordbob75]

Thanks, all. Deleted all Temp folders and ran Malware program as suggested - reported 7 hits which I deleted. Also removed a suspicious entry from my Firewall permissions.
Now, we'll see...

Good to hear, and thanks for the update.

May want to run another scan to see if its still there.

~Lordbob