mlotis

  1. @AdvancedSetup See attached. AdwCleaner[C00].txt AdwCleaner[S00].txt MB.txt Addition_19-03-2020 17.08.22.txt FRST_19-03-2020 17.08.22.txt
  2. Started getting alert after alert from different IPs for a domain called zproxy.lum-superproxy.io that was going through vmnat.exe, but I've also noticed it say brave.exe on some of the alerts. I believe I received about 50 in the last day or so. Scanning says there is no malware on my computer. I also scanned the Ubuntu VM I have through VMware with ClamAV and it didn't detect anything either.

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 3/19/20
     Protection Event Time: 9:21 AM
     Log File: dc23a202-69ec-11ea-a469-4ccc6a8d168e.json

     -Software Information-
     Version: 4.1.0.56
     Components Version: 1.0.848
     Update Package Version: 1.0.20994
     License: Premium

     -System Information-
     OS: Windows 10 (Build 17134.1304)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , C:\Windows\SysWOW64\vmnat.exe, Blocked, -1, -1, 0.0.0

     -Website Data-
     Category: Trojan
     Domain: zproxy.lum-superproxy.io
     IP Address: 134.209.65.83
     Port: 22225
     Type: Outbound
     File: C:\Windows\SysWOW64\vmnat.exe

     (end)
  3. We have clients telling us our website is being flagged by Malwarebytes; however, it's our news API site, cryptocontrol.io, that is being flagged as a trojan. However, VirusTotal shows no issue with the site itself; however, it appears that they use Cloudflare and there was possibly a malicious site associated with the same IP they were assigned. See below for detection logs:

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 3/11/20
     Protection Event Time: 10:05 AM
     Log File: b97955e2-63a9-11ea-b82b-4ccc6a8d168e.json

     -Software Information-
     Version: 4.0.4.49
     Components Version: 1.0.823
     Update Package Version: 1.0.20544
     License: Premium

     -System Information-
     OS: Windows 10 (Build 17134.1304)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe, Blocked, -1, -1, 0.0.0

     -Website Data-
     Category: Trojan
     Domain: cryptocontrol.io
     IP Address: 104.28.25.227
     Port: 443
     Type: Outbound
     File: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

     (end)