Jump to content

Recommended Posts

Hi, all,

I opened Chrome today and Malwarebytes notified me that it blocked an outboud Malicious Website Protection, Domain, to docs.ironbeast.io

I've never heard of this website/service and it only happens when I use Chrome. It just started about a few hours ago after booting my computer. I've tried many things to fix this and the problem only occurs with Chrome. Here's what I've done:

  • Uninstalled Chrome
  • Ran scans with Malwarebytes (treat detections as malware and with rootkits) and my AV protection
  • Ran and used Rkill (?), Adwcleaner, and JRT following another post on weird outbound Chrome
  • Set my DNS to Google (yet another post from a different article on here)

AV and Malwarebytes did not detect any infections and the Adw cleaner, etc., removed some old registry values that were not associated with Chrome.

After all this, I reinstalled Chrome and went to a website and the same message appeared docs.ironbeast.io was blocked.

I've attached the Malwarebytes log file. Researching around, it seems the outbound IPs associated with this are through Amazon..http://www.techsupportforum.com/forums/f320/malware-suspicious-site-1054890.html -- the IPs in the log are apparently associated with Amazon.

Any thoughts or solutions? Is this unsafe? Not a computer expert, but I won't use Chrome for now.

log.txt

Link to post
Share on other sites

So, I ran another JRT scan with Chrome installed and this is provided log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by Gabriel (Administrator) on Sat 11/26/2016 at  6:46:26.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


File System: 1

Successfully deleted: C:\WINDOWS\prefetch\TOOLBARNATIVEMSGHOST.EXE-7AF699E4.pf (File)

 

Registry: 0

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/26/2016 at  6:50:17.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Link to post
Share on other sites
On 11/26/2016 at 8:28 AM, moondane said:

Following this thread. I am also getting this blocked but it happens only when I open a specific game on Facebook, not when I open Chrome.

It happens after I open Chrome and go to a website, too.

UPDATE: I uninstalled Chrome, removed Google's folders from AppData and the registry. Reinstalled and the problem seems to be gone..... Still wonder how and why this happened.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.