Jump to content
Marcin_

Website blocked due to trojan?.. Outbound connection in different ports

Recommended Posts

Hello, Ron.

Sorry for a late response, but there was a horror in my job during last two weeks.

Date & time are correct. Please, be aware that I live in UTC+01:00 time zone. ;)

Today before I used KVRT few events happened during standard everyday scannings by F-Secure and MB. Nexo (old HR & payroll software) installer and an old Gimp installer have been treated by F-Secure as threat and removed. Few seconds later the similar procedure was done by MB. Moreover I found out that F-secure blocked one uknown website many times at the beginning of the month. I don't know if it has anything to do with my notification problem but I decided to inform you. Please, find the screens below.

After that I used KVRT and the result is: no threat found. By the way, during scanning the computer by Kaspersky tool I saw  any "Opera\stable" files but I couldn't to see the whole path. Maybe they are still somwewhere on my computer but I have no clue where to find them. Maybe it was visible in the FRST logs or maybe the remnants of Opera are still in the system. But I removed the browser properly I guess.

MB notifications due to Toya website still appear but not often and of course the web is still being blocked by MB. Maybe I should just exclude the website from scanning and blocking and problem will be resolved. What you think?.. 

Anyway I will have to do that in this weekend, because I need to pay my bill. I get the bills for internet to my account on toya.net.pl (sorry,  I'm not going to pay the interest for late payment).

 

Best regards.

F-Secure rep.jpg

MB event.jpg

Kaspersky rep.jpg

Share this post


Link to post
Share on other sites

The domain toya.net.pl is currently blocked due to a Trojan. I'm working with our internal team to take another look at this as we should not block the entire domain. For now, yes, please ignore if you can or add it as an exclusion until we get this resolved.

Yes, the computer had some threats to remove but the initial block is not due to the onboard infection stuff. Hopefully, we can get this resolved soon.

Ron

 

Share this post


Link to post
Share on other sites

Please run Malwarebytes and check for updates. Then let me know if you're still getting this block alert. The block should be removed now.

 

Share this post


Link to post
Share on other sites

Hi, Ron.

The update's working. I removed the exclusion and there are no notifications and the access to Toya web is not being blocked.

Thank you very much!

Share this post


Link to post
Share on other sites

You're quite welcome.

 

Help Secure your browsers

Please install uBlock Origin for your browsers to better protect your system

FireFox, ChromeOpera , SafariMicrosoft Edge
AdBlock for Internet Explorer

Follow-up Reading

Everything you need to know about cybercrime
10 easy ways to prevent malware infection 
Keep your data backed up

 

Thank you for choosing Malwarebytes
 

Ron

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.