Jump to content

tomt007

Members
  • Content Count

    1
  • Joined

  • Last visited

Posts posted by tomt007

  1. Working from home on Business Laptop running Win 10 with MB and Office 13 - Outlook was open and reviewing email when I received a MW Trojan Alert from one of the emails.  The difficult aspect is the MW info does not identify what the email was?

    Research on the IP indicates its AWS - Miami DNS ?  the pardot.com is sales force

    I access Corp AWS  accounts from both of my Systems but different email on outlook for both systems and no common email that I can identify.  Is this a false positive on this IP ? 

    Checking the MW logs I get the following: 

    Work Laptop

    Website blocked: 3;36 PM EST -

    CAT - Trojan

    Domain: storage,pardot.com

    IP: 13.32.80.42

    Port: 64343

    Type Outbound

    File :

    c:\Program Files\Microsoft Office15\OUTLOOK>EXE

     

    Home WS

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Protection Event Date: 8/6/19
    Protection Event Time: 4:45 PM
    Log File: 1cd12586-b88b-11e9-982c-3417ebbf9797.json

    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.586
    Update Package Version: 1.0.11880
    License: Trial

    -System Information-
    OS: Windows 10 (Build 17763.615)
    CPU: x64
    File System: NTFS
    User: System

    -Blocked Website Details-
    Malicious Website: 1
    , , Blocked, [-1], [-1],0.0.0

    -Website Data-
    Category: Trojan
    Domain: storage.pardot.com
    IP Address: 13.32.80.42
    Port: [58650]
    Type: Outbound
    File: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE

     

     

     

     

     

     

     

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.