Prochedary
-
Posts
2 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Prochedary
-
-
Hi,
out website https://basicland.cz/ shows that we have trojan. Could you tell us, what can we do? I do not know about anything bad at our website.
There are logs.
Malwarebytes www.malwarebytes.com -Podrobnosti logovacího souboru- Datum události ochrany: 08.10.20 Čas události ochrany: 21:41 Logovací soubor: 3e685d08-099e-11eb-bc50-5404a63b9d82.json -Informace o softwaru- Verze: 4.2.1.89 Verze komponentů: 1.0.1061 Aktualizovat verzi balíku komponent: 1.0.30996 Licence: Zkušební -Systémová informace- OS: Windows 10 (Build 19041.508) CPU: x64 Systém souborů: NTFS Uživatel: System -Podrobnosti o zablokovaném webu- Škodlivý web: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Zablokováno, -1, -1, 0.0.0, , -Údaje o webu- Kategorie: Trojský kůň Doména: basicland.cz IP Adresa: 104.28.22.29 Port: 443 Typ: Odchozí Soubor: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) 10/08/20 " 21:41:22.033" 1513515 15e8 07ac INFO MwacLib MwacLibImpl::InvokeBlockCallback "mwaclibimpl.cpp" 1097 "Connection blocked! ProcessId=10288 ProcessPath=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Domain=basicland.cz Address=104.28.22.29 Port=443 Category=Trojan Direction=Outbound ReportOnly=0 ListName=domainblocklist" 10/08/20 " 21:41:22.034" 1513515 15e8 07ac INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallback "mwaccontrollerimplhelper.cpp" 2181 "Block notification callback 'basicland.cz' '104.28.22.29' 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'" 10/08/20 " 21:41:22.034" 1513515 15e8 07ac INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallback "mwaccontrollerimplhelper.cpp" 2182 "AppDetectionNotification=F, BlockNotification=T" 10/08/20 " 21:41:22.158" 1513640 15e8 07ac INFO MWACControllerCOM CMWACController::WebsiteBlockedNotificationCallback "mwaccontroller.cpp" 1574 "Malicious Website Protection, domainblocklist, 104.28.22.29, basicland.cz, 443, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 10/08/20 " 21:41:22.158" 1513640 15e8 22cc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::InvokeBlockNotificationCallbackImpl "mwaccontrollerimplhelper.cpp" 2284 "Block notification callback impl 'basicland.cz' '104.28.22.29' 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'" 10/08/20 " 21:41:22.163" 1513640 15e8 22cc INFO MwacControllerImpl mb::mwaccontrollerimpl::MwacControllerImpl::GetDetectedFileDetails "mwaccontrollerimplhelper.cpp" 2268 "White list disposition (0) for 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe'" 10/08/20 " 21:41:22.417" 1513890 15e8 22c8 INFO MWACControllerCOM CMWACController::TelemetryDataCallbackV3 "mwaccontroller.cpp" 2013 "Successfully sent the block event data to telemetry server." 10/08/20 " 21:41:27.848" 1519328 15e8 20bc WARNING HttpConnection mb::common::net::HttpConnection::SendRequest "httpconnection.cpp" 409 "HTTP POST - SSL error" 10/08/20 " 21:41:27.848" 1519328 15e8 20bc WARNING HttpConnection mb::common::net::HttpConnection::LogExceptionDetails "httpconnection.cpp" 1768 "Exception details: text=SSL connection unexpectedly closed" 10/08/20 " 21:41:27.849" 1519328 15e8 20bc WARNING TelemCtrlImpl TelemetryControllerImpl::SendTelemetryRecord "telemetrycontrollerimplhelper.cpp" 2088 "Problem sending JSON data to DSE stream [mwac] - server returned: -8"
False positive
in Website Blocking
Posted
Oh, ok. I removed it. It will be ok now?