Jump to content

tgoodmannz

Members
 View Profile  See their activity

  • Posts

    12

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

368 profile views
  1. tgoodmannz
    It didn't appear to be. It looked like a one off warning as soon as I visited that page. I won't be using that system for the next week, so I'll review again after then
  2. tgoodmannz
    Interesting. I browsed to www.heraldsun.com.au - immediately got the warning again Goodbye Rupert Murdoch and news limited for now :-) That might explain @NeilH33 getting this issue also
  3. tgoodmannz
    Thanks, Done Although Norton 360 woouldn't let me download Delfix due to WS.Reputation Risk: http://us.norton.com/security_response/writeup.jsp?docid=2010-051308-1854-99 Given I trust MalwareBytes I bypassed it Cheers for the help, I'll drop a coin in the box
  4. tgoodmannz
    No, I've not seen it since I reinstalled Chrome.
  5. tgoodmannz
    OK, I followed your instructions with the one addition The following sub-folder was totally locked: C:\Users\Your user name\Appdata\Local\Google\Chrome\User Data\Default Even as administrator, I was not able to delete it. I needed to use this tool: http://www.askvg.com/add-take-ownership-option-in-file-folder-context-menu-in-windows-vista/ When I booted into Safe Mode, the computer rebooted - Does that indicate a rootkit or some other malware? I was able to delete the locked file a reboot. I've installed the adblocker and AV extensions.
  6. tgoodmannz
    Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 5/06/2016 Scan Time: 7:34 AM Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.06.04.05 Rootkit Database: v2016.05.27.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Tim2 Scan Type: Threat Scan Result: Completed Objects Scanned: 572379 Time Elapsed: 28 min, 25 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  7. tgoodmannz
    Thanks @kevinf80 Here are the log files (I have attached the Malwarebytes log, hope that is OK) Rkill.txt MalwareBytesLog.txt FRST.txt Addition.txt
  8. tgoodmannz
    I am seeing multiple outbound connections - it looks like my system is attempting to run portscans across remote IPs on S3 (AWS I have run a full scan and rootkit scan. No threats detected. What should the next steps be? If I close Chrome, then the warnings do not appear. I'm interested in what this threat is doing if anybody has seen it before <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:02:07.920089+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="43a69d78-8058-44ce-8b05-26121a47775a" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="57882"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:02:08.033096+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="470c2d44-a46d-4cca-af87-8f6495272296" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="57882"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:02:08.157103+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a2f0c128-d7b1-4cdb-87c5-e4f19e4d33a2" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="57883"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:06:10.863985+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a0b167aa-8c9c-46b6-a8d0-578bbf88905f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="58056"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:06:10.992992+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="d96983a8-6a81-4ff2-83ea-7ae2db01ae90" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="58057"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:06:11.117999+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="911ce64e-0690-4f69-9f17-dd56c7d47fe0" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="58056"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:10:12.599811+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="15f7fee4-942c-446e-9e08-ac0d6d999c08" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="58211"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:10:12.854826+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="81c50b87-0a6f-462f-8930-957c38cd91f8" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="58211"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:10:12.990834+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="3075f148-237c-45c5-94a4-dd1540737da7" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="58212"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:14:14.480646+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c89270f6-93cd-4191-90ef-582bcefcce8b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.206" malwaretype="Domain" port="58355"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:14:14.600653+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="415ef2fa-dd1a-4f1d-92fa-c5252e1b7098" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.206" malwaretype="Domain" port="58355"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:14:14.719660+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="f11dd13e-cd09-4fd5-9646-e64d21d7d741" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.206" malwaretype="Domain" port="58356"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:18:17.430542+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="333bbd4d-443a-4ff0-b8c0-5cd1f0572860" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="58492"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:18:17.559549+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e654962f-74fb-4153-9435-c59fe51ee215" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="58492"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:18:17.682556+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5ee51658-f1bb-497e-996f-9f66a996bcb0" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="58493"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:22:19.938413+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="f658f646-13c3-449f-9407-404fc3648063" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.214" malwaretype="Domain" port="58707"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:22:20.059420+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="efa72006-0e44-474c-804a-4557ff67ea84" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.214" malwaretype="Domain" port="58707"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:22:20.185427+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="ae158d8c-3cde-41df-9fea-12eff333116b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.214" malwaretype="Domain" port="58708"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:26:21.424225+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c408ed06-c690-4191-8171-c125a42d757d" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.70" malwaretype="Domain" port="58854"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:26:21.543232+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c252446b-79df-400f-98bf-da1b80517d10" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.70" malwaretype="Domain" port="58854"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:26:21.661238+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="331be198-9ddc-496c-9a06-acb365bbdff9" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.70" malwaretype="Domain" port="58855"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:30:24.497128+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="1b6fad37-ccbe-4685-947e-50aea6f2b56a" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="58985"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T10:30:24.650137+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="55cdd39f-f24c-4ccd-a2da-d9fc02557b9c" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="58986"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:27:36.087347+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5bb18206-7d57-487a-bcb9-ffcd3d614980" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="59829"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:27:36.328361+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="733a8688-1839-4959-b3aa-56d3ca2b30f3" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="59829"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:27:36.564374+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="cc5c5e05-3aa8-41ae-81d9-465b7c3fb7a1" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="59830"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:29:14.193808+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="21e48d57-7268-4ee0-9346-b3cff5ac1996" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="60403"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:29:14.384819+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="00977b9e-d7b5-494b-8963-350a70170e91" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="60404"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:31:25.371323+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="28845633-8512-4051-a6af-540322621f6b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="61024"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:31:25.554334+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="7f4f2929-2ba0-4b5a-a0ad-6b7894a4f09b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="61025"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:35:26.815133+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="68469583-e62d-47ca-b72b-08f80ff28d45" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.214" malwaretype="Domain" port="61425"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:35:26.947141+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="35630c47-f0f0-4c58-a70b-ae577fbd4d22" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.214" malwaretype="Domain" port="61426"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:39:28.692968+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e1f23d98-1c92-4b2d-9af7-be0fd94f82c0" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="61783"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:39:28.831976+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="b2926f96-8578-4f34-b60b-85b5565d5441" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="61783"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:39:28.960983+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="72654656-72e3-49da-9cbc-1fbe0ae725da" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="61784"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:57:43.376942+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="f1afaf9a-5531-49cc-880b-1e20807dc09f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62301"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T11:57:43.670959+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="d1e7b8de-daa4-4ac6-bae3-c03866a94269" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62302"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T12:01:45.115769+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c30631bf-39dc-437d-9d8e-dd4b6c351e4a" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.146" malwaretype="Domain" port="62624"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T12:01:45.246776+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="d9208d65-4cbe-4fbe-977a-05a7b3aca074" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.146" malwaretype="Domain" port="62625"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T12:01:45.374784+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="564c5ac7-967a-4fea-a7ae-f9e40f45d0cf" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.146" malwaretype="Domain" port="62624"></record>
  9. tgoodmannz
    I am seeing multiple outbound connections - it looks like my system is attempting to run portscans across remote IPs I have run a full scan and rootkit scan. No threats detected. What should the next steps be? <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:20:50.288293+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="47aedc03-f5ed-4239-8e20-bf30c5f1c7b8" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.202" malwaretype="Domain" port="61599"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:24:52.259133+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="0940493e-ae5d-49f3-b9ae-f2e4b79b3325" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.78" malwaretype="Domain" port="61735"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:24:52.342138+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="7cdb4f2b-98af-454c-be8e-2428aa4ada55" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.78" malwaretype="Domain" port="61736"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:54.990017+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="b2e8e491-c3cc-4e60-ab40-fb96fe805a2e" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61926"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:55.073021+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="65148a09-e3ed-454a-9aa1-39bc2ea8a999" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61926"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:28:55.152026+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="11963d81-3aad-464b-a85a-37431c60f131" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="61927"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:32:56.907853+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="9f8a1f88-10cb-4891-9f03-b45d50da9dce" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="62074"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:32:56.988858+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="01ab7f86-4add-4f78-ac19-83ae4b3ac7e4" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="62075"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:37:00.000758+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="89f58441-0c83-4abc-951d-28c7a813ddbb" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62298"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:37:00.097763+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2b9d5290-5edd-4a7a-a004-082ef288f4a3" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.210" malwaretype="Domain" port="62299"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:41:02.393622+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2ac2244c-c628-4785-93fc-f8170f21728f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="62583"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:41:02.480627+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="7fe0bc7c-46dc-4394-9b62-73f0bf3327c1" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="62584"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:45:05.118505+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="66a8ca6d-bbbc-4834-bc9c-4a88c6e746e1" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="62755"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:45:05.206510+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="8f90062c-d591-4f99-a7cd-eaccf10943b8" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.130" malwaretype="Domain" port="62756"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:49:07.087345+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="027338bc-4b8f-4626-931d-449a138065c7" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="63132"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:49:07.209351+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="c268128f-e60b-4f4e-ae39-d08e4427cb46" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.194" malwaretype="Domain" port="63133"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:53:09.576214+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="f5122888-4f5f-499c-bec6-18f92a2ab91f" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="63622"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:53:09.659219+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a3ddb89e-bb66-4155-80ef-e35e676341db" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="63623"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:57:12.607115+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="19f61446-c782-42a7-ab35-879620c59611" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64152"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T06:57:12.728122+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6772870b-96dd-4330-aac0-2d89f46149d7" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64153"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:01:15.648016+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="752c98c9-5986-42fe-ad94-405855f4b729" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="64431"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:01:15.730020+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="70ed405f-afd4-45de-89ab-4c28dd56fbfb" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.138" malwaretype="Domain" port="64432"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:05:19.180945+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="262dac3e-7d9d-440c-8770-81ea3fbda66d" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="64655"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:05:19.261950+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="ceaa34d1-952f-4e68-b63e-ad40565139be" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.150" malwaretype="Domain" port="64656"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:09:21.752819+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="ec3b7e79-2597-4eb2-9ee6-d025c5a53d41" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="64784"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:09:21.834824+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5e04c93e-59d4-497e-b4ca-cc583cf22574" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.66" malwaretype="Domain" port="64785"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:13:24.776720+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="fab91f69-fe89-449e-abfd-4c64195d3faf" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64934"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:13:24.872725+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e31f3963-683f-4507-a5c3-77ed01fd5c1a" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.134" malwaretype="Domain" port="64935"></record> <record severity="debug" process="C:\Program Files (x86)\Skype\Phone\Skype.exe" LoggingEventType="0" datetime="2016-06-03T07:14:03.403929+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="4da33b34-d2be-41d2-bb78-1e68dc57040a" subtype="Malicious Website Protection" direction="Inbound" domain="" ip="200.57.102.162" malwaretype="IP" port="16962"></record> <record severity="debug" process="C:\Program Files (x86)\Skype\Phone\Skype.exe" LoggingEventType="0" datetime="2016-06-03T07:14:03.484934+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="deeed605-ee6c-4df6-9ac3-c9b5b0c6cd17" subtype="Malicious Website Protection" direction="Inbound" domain="" ip="200.57.102.162" malwaretype="IP" port="16962"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:17:27.955629+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="85a5f4df-c07e-4ece-91cb-ae0c2c4e5053" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="65275"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:17:28.049634+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="a3b8d290-ac03-42ab-bc8b-cba3945ff5dd" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="65276"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:21:33.073649+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="4d15414d-8a55-4ba9-8e66-12607337677b" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="49390"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:21:33.186655+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="2a849eaf-aa47-4772-96f3-184f028a1cff" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="49391"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:25:34.826476+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="601b6091-7220-458e-bab9-cbf3be5ac644" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="49523"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:25:34.915481+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6f8cf652-94cf-4755-88d5-6fa5a62c32a0" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.86" malwaretype="Domain" port="49524"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:29:37.555359+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="60a76bc2-aebe-4186-82e9-902b50cc55a4" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.142" malwaretype="Domain" port="49842"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:29:37.648365+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="e162022b-c59c-4772-b5d9-ee6724e6d3ab" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.142" malwaretype="Domain" port="49843"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:33:40.229239+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="6b68f1bf-d497-488e-b049-5af1a5f06d03" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="50001"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:33:40.311244+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="5199c3fc-1d71-4c4d-8a2b-b6de3a34d238" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.74" malwaretype="Domain" port="50002"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:37:41.954065+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="72d1f8b6-7b12-408e-b165-8115d73611c6" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="50231"></record> <record severity="debug" process="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" LoggingEventType="0" datetime="2016-06-03T07:37:42.037070+10:00" source="Protection" type="Detection" username="SYSTEM" systemname="TIM2-PC" last_modified_tag="19478a2b-09b9-4bde-ac49-ee5d29d70af5" subtype="Malicious Website Protection" direction="Outbound" domain="s3-ap-southeast-2.amazonaws.com" ip="54.231.252.82" malwaretype="Domain" port="50232"></record>
  10. tgoodmannz
    Re-ran with PUP detection - that was it. Thanks
  11. tgoodmannz
    Thanks - attached ScanLog.txt
  12. tgoodmannz
    Hi, I've been running MBAM system scans - it comes back with "Scan Complete - no malicious items" but also tells me there are 23 infections. Are the infections it can't clean? What does this mean? Screenshot attached Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.