Unusual network pop up



xMorpheousx416

I have yet to see this before. 

 

It just appeared onscreen out of nowhere.. and since all AV scans are zip, and the only useful thing I could find out about it is "make sure it's coming from the System32 folder".. and it is.

 

So.. question remains, what would cause this to suddenly appear?

Untitled.png

+Dick Montage

Any new RDP software? 

Matthew S.
1 hour ago, xMorpheousx416 said:

I have yet to see this before. 

 

It just appeared onscreen out of nowhere.. and since all AV scans are zip, and the only useful thing I could find out about it is "make sure it's coming from the System32 folder".. and it is.

 

So.. question remains, what would cause this to suddenly appear?

Untitled.png

A quick Google of the name "gigajew" and I found a GitHub repo of a "retired" malware author.

Circaflex

Yup, that's malware. Any odd entries under startup? What about the startup folder? What scans have you run so far?

xMorpheousx416

I appreciate the replies... I'll go back and restart some scans again.

From what I read, it's supposed to be in the System32 folder, and it is. If it comes from any other location it's more than likely malware... but, I digress.

 

Once I figure out why the latest patch Tuesday has all kinds of "in your face" bugs. Recycle bin disappearing, icons in Explorer are white/blank now... have to refresh the desktop just to see any icons.

 

I seriously mistrust any QA dept that misses something that affects the desktop.. I mean, it's literally In. Your. Face.

On 07/03/2021 at 18:13, Dick Montage said:

Any new RDP software? 

No.

 

On 07/03/2021 at 21:16, Circaflex said:

Yup, that's malware. Any odd entries under startup? What about the startup folder? What scans have you run so far?

Unconfirmed. Malwarebytes shows nothing, their adware companion shows nothing.

 

However, I will start all this fresh once I figure out what's causing my icon issues now that I've updated to .867.

+warwagon

Open Process Explorer

 

https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

 

Then click on the bullseye icon (the one to the right of the binoculars).

 

Then drag it over that window and it should tell you the executable in question. Once you know the name of the program then you can use a program such as Autoruns to find its startup entry in the system. It could also be set up as a task.

 

https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

 

Once you find the executable look at the date of the file and see when it arrived on your system. Then possibly do a system restore back about a month.

  • Like 1
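
The checks described in the post above (startup entries, scheduled tasks, file date) can also be scripted once Process Explorer has given the executable name. This is an added example, not part of the original post; `EXAMPLE-suspect.exe` is a placeholder name and the list of Run keys is a common subset, not everything Autoruns covers.

```powershell
# Added example. 'EXAMPLE-suspect.exe' is a placeholder for the image name
# that Process Explorer reports for the pop-up window.
param([string]$Name = 'EXAMPLE-suspect.exe')
$pattern = [regex]::Escape($Name)
$hits = @()

# 1. Run/RunOnce values (machine and user, 64- and 32-bit views).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
foreach ($key in ($runKeys | Where-Object { Test-Path $_ })) {
    $item = Get-Item $key
    foreach ($value in $item.GetValueNames()) {
        $data = [string]$item.GetValue($value)
        if ($data -match $pattern) {
            $hits += [pscustomobject]@{ Source = $key; Entry = $value; Command = $data }
        }
    }
}

# 2. Startup folders: resolve each shortcut to the file it really launches.
$shell = New-Object -ComObject WScript.Shell
$dirs = [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')
foreach ($f in (Get-ChildItem -Path $dirs -File -Force -ErrorAction SilentlyContinue)) {
    $target = if ($f.Extension -eq '.lnk') { $shell.CreateShortcut($f.FullName).TargetPath } else { $f.FullName }
    if ($target -match $pattern) {
        $hits += [pscustomobject]@{ Source = 'StartupFolder'; Entry = $f.FullName; Command = $target }
    }
}

# 3. Scheduled tasks whose action runs the executable.
foreach ($task in (Get-ScheduledTask)) {
    foreach ($action in $task.Actions) {
        $cmd = "$($action.Execute) $($action.Arguments)"
        if ($cmd -match $pattern) {
            $hits += [pscustomobject]@{ Source = 'ScheduledTask'; Entry = $task.TaskPath + $task.TaskName; Command = $cmd }
        }
    }
}
$hits | Format-List

# 4. For each running copy: when the file arrived on disk and who signed it.
$paths = Get-CimInstance Win32_Process | Where-Object Name -eq $Name |
    Select-Object -ExpandProperty ExecutablePath -Unique
foreach ($p in ($paths | Where-Object { $_ })) {
    Get-Item -LiteralPath $p | Format-List FullName, CreationTime, LastWriteTime
    Get-AuthenticodeSignature -LiteralPath $p |
        Format-List Status, @{ n = 'Signer'; e = { $_.SignerCertificate.Subject } }
}
```

Run it from an elevated prompt so machine-wide tasks and other users' processes are visible; an empty `$hits` only means none of these particular locations reference the name.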
Elliot B.
39 minutes ago, xMorpheousx416 said:

I appreciate the replies... I'll go back and restart some scans again.

From what I read, it's supposed to be in the System32 folder, and it is. If it comes from any other location it's more than likely malware... but, I digress.

 

Once I figure out why the latest patch Tuesday has all kinds of "in your face" bugs. Recycle bin disappearing, icons in Explorer are white/blank now... have to refresh the desktop just to see any icons.

 

I seriously mistrust any QA dept that misses something that affects the desktop.. I mean, it's literally In. Your. Face.

No.

 

Unconfirmed. Malwarebytes shows nothing, their adware companion shows nothing.

 

However, I will start all this fresh once I figure out what's causing my icon issues now that I've updated to .867.

I doubt it's the updates causing those issues.

Brandon H
1 minute ago, Elliot B. said:

I doubt it's the updates causing those issues.

agreed; sounds like you're facing system file corruption somewhere and that could be causing your main issue as well.

 

might want to run an SFC disk check and DISM health check or think about reinstalling soon

  • Like 1
shockz

I'd honestly wipe and reinstall. You don't know what it is, it's not a Microsoft process, googling it shows it to be malware.... time to start fresh. I'd have started fresh as soon as you started having the other system issues. 

xMorpheousx416

Thanks for the replies.

 

I cannot find anything on Google any more. The first time it popped up, I read an article saying it's legit, if it's in the System32 folder. 

 

However, I can now no longer find this on the system at all... anywhere. All scans showed negative except for some WinMonitor-7977.. and again, nothing on Google about that.

 

Malwarebytes removed it, and after a 2 hr long heuristics scan, nothing else was found.

 

3 hours ago, shockz said:

I'd honestly wipe and reinstall.

Maybe. But that's not going to happen until the final round.

 

I will scan, fix, repair, and troubleshoot to the end. I don't use System Restore, so if it ever comes to that, I'll reinstall Windows alone before I go about wiping the system. On my 1TB NVMe boot drive, 600GB of that is Windows and app installs... it takes a long time to get it to that state installing everything from scratch.

 

I did that when I was forced to after upgrading just a couple months ago... and that was from a system that went from XP to 7 to Win 10 thru upgrades and stayed stable the entire time. 

 

Besides,... like I tell everyone.. unless you know what caused the problem, you're likely to hit it head on again. ;)

 

As far as the issues I had with the updates, those went away after a scannow and a reboot. (so far)
