Greeting everyone,
Dealing with a computer that ran afoul of a key logger and attempted purchases overnight, removes the malware and manually got rid of the key logger extension they added to the computer. Fortuantly damage does seems to be at a minimum but Malwarebytes keeps blocking a Riskware that it identifies every two minutes, here are the details.
-Log Details-
Protection Event Date: 2/22/19
Protection Event Time: 11:19 AM
Log File: 9590ca3a-36bd-11e9-95af-e0d55ea7210e.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9392
License: Trial
-System Information-
OS: Windows 10 (Build 17763.316)
CPU: x64
File System: NTFS
User: System
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Category: RiskWare
Domain: fundpenny.strangled.net
IP Address: 127.0.0.2
Port: [49942]
Type: Outbound
File:
Oddly it no longer says what File its assoicated with but earlier it did, regasm.exe, deep in the windows files. Whatever its attempting to do is being blocked but I can't get any information on the domain or purpose here, could be a twitching fragment left behind but I was hoping some more experienced technictions could take a look. The domain is safe acording to some checks but I am concerned still.
Cazlar