Muraly
-
Posts
1 -
Joined
-
Last visited
This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Malicious Website Blocked
in Website Blocking
Posted
Hello Guys,
I'm receiving pop up message as shown below in my windows server 2012 machine.
Logs :
Detection, 5/31/2016 8:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 208.100.26.234, ns2.honeybot.us, 64571, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 65180, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 63706, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 65180, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 64807, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:10 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.36, 63706, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 8:11 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 94.242.206.221, 64807, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63902, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63902, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:05 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63306, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:13 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 49287, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 64752, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 64752, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:25 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Domain, 89.145.103.61, ns2.gwesystems.com, 63713, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:29 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 65177, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:45 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 65089, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:47 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64221, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 9:47 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64019, Outbound, C:\Windows\System32\dns.exe,
Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, IP Database, 2016.5.27.3, 2016.5.30.1,
Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, Domain Database, 2016.5.29.1, 2016.5.30.3,
Update, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Scheduler, Malware Database, 2016.5.30.4, 2016.5.30.7,
Protection, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Protection, Refresh, Starting,
Protection, 5/31/2016 9:51 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Stopping,
Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Stopped,
Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Refresh, Success,
Protection, 5/31/2016 9:52 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, Started,
Detection, 5/31/2016 9:56 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 80.77.81.89, 64421, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:03 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 109.163.226.148, 64209, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:04 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 64135, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:05 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 148.81.111.111, sinkhole.cert.pl, 63241, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 64386, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:09 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 63591, Outbound, C:\Windows\System32\dns.exe,
Detection, 5/31/2016 10:11 AM, SYSTEM, PKSHQINF01, Protection, Malicious Website Protection, IP, 122.228.198.140, 63450, Outbound, C:\Windows\System32\dns.exe,
How do i solve this issue ?
Please assist,
Rgds,
Muraly
30 May Daily Protection Logs.txt
31 May Daily Protection Logs.txt