dfantum
-
Posts
3 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by dfantum
-
-
Inserted & attached.
It includes my attempts to start & stop protection to see what was going on.
Detection, 8/18/2016 4:37 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, xtscorp.com, 53813, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:37 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, xtscorp.com, 53813, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:37 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, xtscorp.com, 53812, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Update, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Manual, Rootkit Database, 2016.8.9.1, 2016.8.15.1,
Update, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Manual, IP Database, 2016.8.11.1, 2016.8.18.1,
Update, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Manual, Malware Database, 2016.8.15.8, 2016.8.18.9,
Update, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Manual, Domain Database, 2016.8.15.5, 2016.8.18.9,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Refresh, Starting,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Stopping,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Stopped,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Refresh, Success,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Starting,
Protection, 8/18/2016 4:38 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Started,
Detection, 8/18/2016 4:39 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54156, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:39 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54156, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:39 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54157, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:40 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54164, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:40 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54163, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,
Detection, 8/18/2016 4:40 PM, SYSTEM, KE-SRVR01, Protection, Malicious Website Protection, Domain, 127.42.0.0, www.xtscorp.com, 54164, Outbound, C:\Program Files (x86)\Internet Explorer\iexplore.exe,(end)
-
xtscorp.com (173.201.63.128) is blocked on a machine at one site
If I try from my machine it lands at the site.
If I try the remote machine malwarebytes blocks it.
Both machines are running the same version and have the same updates.
Any clue as to why this is happening.
173.201.63.128
in Website Blocking
Posted
Had to purge DNS after first detection as the cache for xtscorp.com was set to the loopback (127.42.0.0).
Again, from my desktop I don't get blocked.
Finally had to exclude the ip (172.201.63.128) to get it to work on the remote system.
Very confusing...