Hi,
our website https://basicland.cz/ shows that we have a trojan. Could you tell us what we can do? I do not know of anything bad on our website.
Here are the logs.
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum události ochrany: 08.10.20
Čas události ochrany: 21:41
Logovací soubor: 3e685d08-099e-11eb-bc50-5404a63b9d82.json
-Informace o softwaru-
Verze: 4.2.1.89
Verze komponentů: 1.0.1061
Aktualizovat verzi balíku komponent: 1.0.30996
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 19041.508)
CPU: x64
Systém souborů: NTFS
Uživatel: System
-Podrobnosti o zablokovaném webu-
Škodlivý web: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Zablokováno, -1, -1, 0.0.0, ,
-Údaje o webu-
Kategorie: Trojský kůň
Doména: basicland.cz
IP Adresa: 104.28.22.29
Port: 443
Typ: Odchozí
Soubor: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(end)
10/08/20 " 21:41:22.033" 1513515 15e8 07ac INFO MwacLib MwacLibImpl::InvokeBlockCallback "mwaclibimpl.cpp" 1097 "Connection blocked! ProcessId=10288 ProcessPath=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Domain=basicland.cz Address=104.28.22.29 Port=443 Category=Trojan Direction=Outbound ReportOnly=0 ListName=domainblocklist"
10/08/20 " 21:41:22.034" 1513515 15e8 07ac INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallback "mwaccontrollerimplhelper.cpp" 2181 "Block notification callback 'basicland.cz' '104.28.22.29' 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'"
10/08/20 " 21:41:22.034" 1513515 15e8 07ac INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallback "mwaccontrollerimplhelper.cpp" 2182 "AppDetectionNotification=F, BlockNotification=T"
10/08/20 " 21:41:22.158" 1513640 15e8 07ac INFO MWACControllerCOM CMWACController::WebsiteBlockedNotificationCallback "mwaccontroller.cpp" 1574 "Malicious Website Protection, domainblocklist, 104.28.22.29, basicland.cz, 443, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
10/08/20 " 21:41:22.158" 1513640 15e8 22cc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallbackImpl "mwaccontrollerimplhelper.cpp" 2284 "Block notification callback impl 'basicland.cz' '104.28.22.29' 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'"
10/08/20 " 21:41:22.163" 1513640 15e8 22cc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::GetDetectedFileDetails "mwaccontrollerimplhelper.cpp" 2268 "White list disposition (0) for 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'"
10/08/20 " 21:41:22.417" 1513890 15e8 22c8 INFO MWACControllerCOM CMWACController::TelemetryDataCallbackV3 "mwaccontroller.cpp" 2013 "Successfully sent the block event data to telemetry server."
10/08/20 " 21:41:27.848" 1519328 15e8 20bc WARNING HttpConnection mb::common::net::HttpConnection::SendRequest "httpconnection.cpp" 409 "HTTP POST - SSL error"
10/08/20 " 21:41:27.848" 1519328 15e8 20bc WARNING HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "httpconnection.cpp" 1768 "Exception details: text=SSL connection unexpectedly closed"
10/08/20 " 21:41:27.849" 1519328 15e8 20bc WARNING TelemCtrlImpl TelemetryControllerImpl::SendTelemetryRecord "telemetrycontrollerimplhelper.cpp" 2088 "Problem sending JSON data to DSE stream [mwac] - server returned: -8"