Jump to content

One website blocked - do I need to do something?

sande005

By sande005
in Resolved Malware Removal Logs

 Share
Go to solution Solved by kevinf80,

Recommended Posts

sande005

sande005

Posted
Posted

MWB Premium.  One particular website is consistently blocked due to outbound trojan.  Have not encountered warning anywhere else.  Full scan has not reveled any threats.  Also ran adwcleaner, which did quarantine 18 items.

Do I just not trust that particular site, or are there additional items I should proceed on to do?  Unclear as to how concerned/unconcerned I should be about an "outbound" trojan.

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello sande005 and welcome to Malwarebytes,

Can you post the three RTP detection logs please...

Open Malwarebytes....
 
  • Click on the Detection History tab > from main interface.
  • Then click on "History" that will open to a historical list
  • Double click on the RTP Detection log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Text file (*.txt), then name the file and save to a place of choice, recommend "Desktop" then attach to reply

Thanks,

Kevin

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hiya sande005,

From that log its seems to indicate Chrome browser has been compromised. Use the instructions from the following link to reset Chrome..

https://forums.malwarebytes.com/topic/258886-chrome-secure-preferences-detection-always-returns/

Let me know if the blocks cease after following those instructions...

Thank you,

Kevin.

Link to post
Share on other sites
sande005

sande005

Posted
  • Author
Posted

No go on clearing Chrome sync data and restarting, if I go to the single site, I still get the block notice. (http://modelairplanenews.com/)  This is a site for a commercial magazine.  (MWB even hates that I pasted the link here!)

I ran FRST64, and it shows Defender entries for Trojan:Win32/Woreflint.A!cl and Win32/Wacatac.DD!ml.  These are located in files downloaded a few days ago.  But the website problem has been happening for much longer,  So there may be multiple things at the same time - older, and new recent ones.

MWB does not report the above 2 Trojans.  Defender quick scan does not show them either.  I'm running a Defender complete scan now, but it still says many, many hours to go....

Attached is the latest MWB log (after the Chrome reset), as well as the most current FRST64 reports.

sande005 log 2-2.txt FRST 2-2.txt Addition 2-2.txt

Link to post
Share on other sites
  • Solution
kevinf80

kevinf80

Posted
  • Solution
Posted

Hiya sande005,

Your issue is trying to connect with website hxxp://modelairplanenews.com/ with your Browser, that is an outbound call, Malwarebytes alerts to that website and blocks the outbound call.

If you are allowed to make connection with that website, information then flows both ways. Your connection is outbound, the website back to you is inbound. If the website is exploited and therefore malicious your Security will flag that website either way..

The Trojan explanation is used because what appears to be normal acceptable data travelling back to you maybe loaded with hidden malicious extras, as in Trojan Horse...

If you know and trust that website you could seek help at the false positive section.. https://forums.malwarebytes.com/forum/123-website-blocking/

Does that help...?

Thank you,

Kevin..

 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.