How to know what process is generating the malicious website request



Hello,

I just updated Malwarebytes and also am on the free trial and I am getting a bunch of those "Malicious Website Notifications"; now I'm trying to work out if I am infected somehow or if they are coming from a legit program such as Skype, uTorrent or something else.

Is there a way to find out what process generated the request to the website?

Thanks!


Here you go:

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 2/03/2015 3:00:24 PM, SYSTEM, MOO, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 2/03/2015 3:00:33 PM, SYSTEM, MOO, Manual, Rootkit Database, 2014.3.27.1, 2015.2.25.1,
Update, 2/03/2015 3:01:39 PM, SYSTEM, MOO, Manual, Malware Database, 2014.5.5.7, 2015.3.2.1,
Update, 2/03/2015 3:02:16 PM, SYSTEM, MOO, Manual, program, 2.0.1.1004, 2.0.4.1028,
Protection, 2/03/2015 3:03:15 PM, SYSTEM, MOO, Protection, Malware Protection, Starting,
Protection, 2/03/2015 3:03:15 PM, SYSTEM, MOO, Protection, Malware Protection, Started,
Protection, 2/03/2015 3:03:15 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Starting,
Protection, 2/03/2015 3:03:19 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Started,
Update, 2/03/2015 3:03:40 PM, SYSTEM, MOO, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 2/03/2015 3:03:41 PM, SYSTEM, MOO, Manual, Rootkit Database, 2014.11.18.1, 2015.2.25.1,
Update, 2/03/2015 3:04:30 PM, SYSTEM, MOO, Manual, Malware Database, 2014.11.20.6, 2015.3.2.1,
Protection, 2/03/2015 3:04:30 PM, SYSTEM, MOO, Protection, Refresh, Starting,
Protection, 2/03/2015 3:04:30 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopping,
Protection, 2/03/2015 3:04:30 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopped,
Protection, 2/03/2015 3:04:39 PM, SYSTEM, MOO, Protection, Refresh, Success,
Protection, 2/03/2015 3:04:39 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Starting,
Protection, 2/03/2015 3:04:43 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Started,
Detection, 2/03/2015 3:10:55 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:10:58 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:11:04 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Update, 2/03/2015 3:17:54 PM, SYSTEM, MOO, Scheduler, Malware Database, 2015.3.2.1, 2015.3.2.2,
Protection, 2/03/2015 3:17:54 PM, SYSTEM, MOO, Protection, Refresh, Starting,
Protection, 2/03/2015 3:17:54 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopping,
Protection, 2/03/2015 3:17:54 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopped,
Protection, 2/03/2015 3:18:07 PM, SYSTEM, MOO, Protection, Refresh, Success,
Protection, 2/03/2015 3:18:07 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Starting,
Protection, 2/03/2015 3:18:11 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Started,
Scan, 2/03/2015 3:28:28 PM, SYSTEM, MOO, Manual, Start:2/03/2015 3:07:07 PM, Duration:10 min 6 sec, Threat Scan, Completed, 0 Malware Detections, 4 Non-Malware Detections,
Protection, 2/03/2015 3:28:28 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopping,
Protection, 2/03/2015 3:28:29 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Stopped,
Protection, 2/03/2015 3:28:29 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Starting,
Protection, 2/03/2015 3:28:33 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Started,
Detection, 2/03/2015 3:41:04 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:41:07 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:41:13 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:42:00 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:42:03 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:42:09 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:48:18 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:48:21 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:48:27 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:52:04 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:52:07 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:52:13 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:55:12 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:55:15 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:55:21 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 4:01:13 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 4:01:16 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 4:01:22 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 4:12:13 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 4:12:16 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 4:12:22 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,

(end)

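Added example (not part of the original thread, and not Malwarebytes code): the protection log above records the blocked IP and direction but no process name, so a first triage step is to collapse the repeated blocks into separate connection attempts per IP and note when each one started. The sample rows are copied from the log above; the day/month/year timestamp order and the 30-second grouping window are assumptions.

```python
from datetime import datetime, timedelta

TS_FORMAT = "%d/%m/%Y %I:%M:%S %p"  # assumption: day/month/year order

# Excerpt of the protection log posted above (same comma-separated layout).
SAMPLE_LOG = """\
Protection, 2/03/2015 3:04:43 PM, SYSTEM, MOO, Protection, Malicious Website Protection, Started,
Detection, 2/03/2015 3:10:55 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:10:58 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:11:04 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 3:42:00 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:42:03 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 3:42:09 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 94.102.63.18, 0, Outbound,
Detection, 2/03/2015 4:12:13 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 4:12:16 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
Detection, 2/03/2015 4:12:22 PM, SYSTEM, MOO, Protection, Malicious Website Protection, IP, 192.162.100.180, 0, Outbound,
"""

def parse_detections(text):
    """Return (timestamp, ip, direction) for every IP detection row; other rows are skipped."""
    rows = []
    for line in text.splitlines():
        f = [x.strip() for x in line.split(",")]
        if len(f) >= 10 and f[0] == "Detection" and f[6] == "IP":
            rows.append((datetime.strptime(f[1], TS_FORMAT), f[7], f[9]))
    return rows

def group_attempts(rows, gap=timedelta(seconds=30)):
    """Merge blocks for the same IP that are at most `gap` apart into one attempt."""
    attempts, current = [], {}
    for ts, ip, _ in sorted(rows):
        a = current.get(ip)
        if a and ts - a["end"] <= gap:
            a["end"], a["blocks"] = ts, a["blocks"] + 1
        else:
            a = current[ip] = {"ip": ip, "start": ts, "end": ts, "blocks": 1}
            attempts.append(a)
    return attempts

def summarize(attempts):
    """Per-IP totals: attempts, blocks, first and last time seen."""
    out = {}
    for a in attempts:
        s = out.setdefault(a["ip"], {"attempts": 0, "blocks": 0, "first": a["start"]})
        s["attempts"] += 1
        s["blocks"] += a["blocks"]
        s["last"] = a["end"]
    return out

print(summarize(group_attempts(parse_detections(SAMPLE_LOG))))
```

The attempt start times can then be compared with when a given program, such as uTorrent in this thread, was open or closed.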

Hello,

In this case, it's difficult to say. A hidden process that the web blocker is unable to see may be responsible for making those outbound calls.

Do the blocks occur with no programmes open?

It may well be related to torrent usage, but I would still recommend seeking help in the Malware Removal Help section. Please refer to I'm infected - What do I do now? before posting.

> Hello,
>
> In this case, it's difficult to say. A hidden process that the web blocker is unable to see may be responsible for making those outbound calls.
>
> Do the blocks occur with no programmes open?
>
> It may well be related to torrent usage, but I would still recommend seeking help in the Malware Removal Help section. Please refer to I'm infected - What do I do now? before posting.

Since I have closed uTorrent I haven't seen any more of them, so I assume it was coming from that. I will reopen it and see if they come back.
