Jump to content

Outbound Connection (Trojan) blocked Website


Recommended Posts

Hello! I received a notification that  one website were blocked during an outbound connection.

 
I had not previously gone to these website and am wondering if my computer has a virus that would try to connect to a website.


I check up the IP address; using https://whatismyipaddress.com/ip-lookup.


And realized that it's from China.

 
As mentioned, I have not click on the website. However, I did access to another China website around the timing the block notification states. I'm not sure if this relates to each other.

 
I am using Google Chrome.  I did a scan of my system, everything is fine.  And I have yet to update my Windows.

I have also attached the report 

Thanks in advance for the help!
 

Report.txt

Link to post
Share on other sites

Hello.      :welcome:   @xTosca

My name is Maurice.  I will guide you.  Let me know what name you prefer to go by.

I will guide you along on looking for potential malware. Lets keep these principles as we go along. I need more detail from Malwarebytes logs + some details on Chrome browser. For the time being, try only using EDGE browser instaed until we clear this case.

  • Removing malware can be unpredictable
  • ...things can go very wrong!
  • Backup
  • any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a USB-storage drive or flash/thumb drive
  • Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Only run the tools I guide you to.
  • Do not run online games while case is on-going. Do not do any free-wheeling web-surfing.
  • The removal of malware isn't instantaneous, please be patient.
  • Please stick with me until I give you the "all clear".

Your topic will be closed if you haven't replied within 4 days!
If I have not replied to your last post after 36 hours, please then send me a P M.

 

The first thing I need is to get a set of reports & logs.

 

That is the first step.  I will then review and use that to guide us along.

Please  set File Explorer to SHOW ALL folders, all files, including Hidden ones.  Use OPTION ONE or TWO of this article

https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html

 [   2    ]

I would like a report set for review.   This is a report only.

Please download MALWAREBYRES MBST Support Tool

Once you start it click Advanced >>> then   Gather Logs

 Have patience till the run has finished.

Upload an archive once it is done. Attach the mbst-grab-results.zip from the Desktop.

 

  • Please attach  mbst-grab-results.zip    to your reply , like displayed here.

To send  ( upload)   attachments please click the "ADD Files"  link . Then browse to where your file is located and select it and click the Open button.

 

_mb_attach.jpg

 

The set of data from the report will provide much needed information.

Please always attach reports as we go along.

Cheers.

Link to post
Share on other sites

By the way, the "block notice" from Malwarebytes' real-time web protection does not mean nor indicate presence on your machine of a infection.
IF it (Malwarebytes) were to detect a actual malware, the presentation notice would be distinct and NOT a block.
The "block event" is a courtesy notice. It does mean that the Malwarebytes is protecting your pc from potential harm from the outside.
This block is about a specific URL / specific IP address
Domain: opencdn00.jomodns.com
IP Address: 111.174.9.35
This could be the result of malvertising or a bad link on a site you visited.

Link to post
Share on other sites

Hey Maurice, 

Thanks for the reply =) 

I have attached the mbst-check-results.  

Unfortunately, I can't start saving my files to a external drive or a USB-storage drive or flash/thumb drive till tomorrow. 

I don't have one now. And all the shops are closed. 

Also, thank you for letting me know that the "block notice" from Malwarebytes does not mean that my laptop is infected! I was soooo worried. 

Again, thank you! 

- Sally

 

 

mbst-check-results.txt

Link to post
Share on other sites

  • 3 weeks later...

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.