Search the Community
Showing results for tags 'zero-day'.
So I've been getting connections from strange IP's for a long time and Malwarebytes has always notified me of it and classified the attempts as malware. These attempts would usually happen around 4-5 times a week for the past 5 months or so and Malwarebytes Premium would show no additional information on the attempts apart from IP & Port. Recently though these attempts have been much more frequent (3-9 times a day) and coming from different IP's and sometimes even showing domains which also are different from each other. Instead of saying it was an attempt to infect my PM with malware it now says it was a Trojan instead. I've scanned my PC with Malwarebytes Premium, Adwcleaner and Avast with no results each time. Just recently I've been looking into the IP's with different online tools: https://exchange.xforce.ibmcloud.com/ https://www.virustotal.com/#/home/url These would show that most of the IP's that Malwarebytes would inform me as Trojan infect attempts are trying to infect me with the Zero-day malware. One of the recent IP's I had checked was this and it seems to be a spam bot (from a botnet most likely) trying to infect PC's with the Zero-day malware. https://exchange.xforce.ibmcloud.com/ip/184.108.40.206 Most frightening is the fact that after after using a VPN or even double proxies they still manage to connect to me. I'm using NordVPN and even then I am getting spammed. Majority of the attempts only show the type of the malware and the IP. Not domain or the file it was coming from (assuming I have something on my PC that lets them connect to me through changing my IP address. So is my PC, information and files in danger with how things are now, or am I safe? Sorry the text on the image is in Finnish. Also not sure if the topic is in a wrong category, move it if it is.
The Exploit Protection is off and won't start, I have turned it on manually, I have clicked the warning telling me it should be on. In both cases it doesn't start, remains off. I have exited and restarted, I have rebooted the machine. So, what now??
Win XP SP3 IE 8.0.6001.18702 I rarely use IE (pretty much just for MS update). I have 2 similar machines. This started on 1 a couple months ago, & on the other tonight. The attached file is from my main pc, which has had the issue for a couple months. I get a "blocked an exploit attempt" message upon opening, but no specifics as to what exploit is occurring. I have 2 rootkit scanners (MB A-M PRO & Greatis Reg Run) on both machines & neither have found anything. Neither have several other malware & AV products. Malwarebytes Anti-Exploit.zip TIA