Jump to content

Multiple outbound malicious connections

tgoodmannz
 Share

Recommended Posts

tgoodmannz

tgoodmannz

Posted
Posted

I am seeing multiple outbound connections - it looks like my system is attempting to run portscans across remote IPs

I have run a full scan and rootkit scan.  No threats detected.  What should the next steps be?

  

  <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:20:50.288293+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="47aedc03-f5ed-4239-8e20-bf30c5f1c7b8" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.202" malwaretype="Domain" port="61599"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:24:52.259133+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="0940493e-ae5d-49f3-b9ae-f2e4b79b3325" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.78" malwaretype="Domain" port="61735"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:24:52.342138+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="7cdb4f2b-98af-454c-be8e-2428aa4ada55" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.78" malwaretype="Domain" port="61736"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:54.990017+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="b2e8e491-c3cc-4e60-ab40-fb96fe805a2e" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61926"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:55.073021+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="65148a09-e3ed-454a-9aa1-39bc2ea8a999" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61926"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:55.152026+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="11963d81-3aad-464b-a85a-37431c60f131" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61927"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:32:56.907853+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="9f8a1f88-10cb-4891-9f03-b45d50da9dce" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="62074"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:32:56.988858+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="01ab7f86-4add-4f78-ac19-83ae4b3ac7e4" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="62075"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:37:00.000758+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="89f58441-0c83-4abc-951d-28c7a813ddbb" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62298"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:37:00.097763+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2b9d5290-5edd-4a7a-a004-082ef288f4a3" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62299"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:41:02.393622+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2ac2244c-c628-4785-93fc-f8170f21728f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="62583"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:41:02.480627+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="7fe0bc7c-46dc-4394-9b62-73f0bf3327c1" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="62584"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:45:05.118505+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="66a8ca6d-bbbc-4834-bc9c-4a88c6e746e1" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="62755"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:45:05.206510+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="8f90062c-d591-4f99-a7cd-eaccf10943b8" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="62756"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:49:07.087345+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="027338bc-4b8f-4626-931d-449a138065c7" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="63132"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:49:07.209351+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c268128f-e60b-4f4e-ae39-d08e4427cb46" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="63133"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:53:09.576214+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="f5122888-4f5f-499c-bec6-18f92a2ab91f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="63622"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:53:09.659219+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a3ddb89e-bb66-4155-80ef-e35e676341db" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="63623"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:57:12.607115+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="19f61446-c782-42a7-ab35-879620c59611" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64152"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:57:12.728122+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6772870b-96dd-4330-aac0-2d89f46149d7" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64153"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:01:15.648016+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="752c98c9-5986-42fe-ad94-405855f4b729" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="64431"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:01:15.730020+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="70ed405f-afd4-45de-89ab-4c28dd56fbfb" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="64432"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:05:19.180945+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="262dac3e-7d9d-440c-8770-81ea3fbda66d" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="64655"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:05:19.261950+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="ceaa34d1-952f-4e68-b63e-ad40565139be" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="64656"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:09:21.752819+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="ec3b7e79-2597-4eb2-9ee6-d025c5a53d41" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="64784"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:09:21.834824+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5e04c93e-59d4-497e-b4ca-cc583cf22574" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="64785"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:13:24.776720+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="fab91f69-fe89-449e-abfd-4c64195d3faf" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64934"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:13:24.872725+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e31f3963-683f-4507-a5c3-77ed01fd5c1a" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64935"></record>
   <record severity="debug" process="C:\Program Files (x86)\Skype\Phone\Skype.exe" LoggingEventType="0" datetime="2016-06-03T07:14:03.403929+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="4da33b34-d2be-41d2-bb78-1e68dc57040a" subtype="Malicious Website Protection" direction="Inbound" domain="" ip="200.57.102.162" malwaretype="IP" port="16962"></record>
   <record severity="debug" process="C:\Program Files (x86)\Skype\Phone\Skype.exe" LoggingEventType="0" datetime="2016-06-03T07:14:03.484934+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="deeed605-ee6c-4df6-9ac3-c9b5b0c6cd17" subtype="Malicious Website Protection" direction="Inbound" domain="" ip="200.57.102.162" malwaretype="IP" port="16962"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:17:27.955629+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="85a5f4df-c07e-4ece-91cb-ae0c2c4e5053" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="65275"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:17:28.049634+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a3b8d290-ac03-42ab-bc8b-cba3945ff5dd" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="65276"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:21:33.073649+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="4d15414d-8a55-4ba9-8e66-12607337677b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="49390"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:21:33.186655+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2a849eaf-aa47-4772-96f3-184f028a1cff" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="49391"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:25:34.826476+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="601b6091-7220-458e-bab9-cbf3be5ac644" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="49523"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:25:34.915481+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6f8cf652-94cf-4755-88d5-6fa5a62c32a0" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="49524"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:29:37.555359+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="60a76bc2-aebe-4186-82e9-902b50cc55a4" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.142" malwaretype="Domain" port="49842"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:29:37.648365+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e162022b-c59c-4772-b5d9-ee6724e6d3ab" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.142" malwaretype="Domain" port="49843"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:33:40.229239+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6b68f1bf-d497-488e-b049-5af1a5f06d03" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="50001"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:33:40.311244+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5199c3fc-1d71-4c4d-8a2b-b6de3a34d238" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="50002"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:37:41.954065+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="72d1f8b6-7b12-408e-b165-8115d73611c6" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="50231"></record>
   <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:37:42.037070+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="19478a2b-09b9-4bde-ac49-ee5d29d70af5" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="50232"></record>

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.