tomt007 Posted August 6, 2019 ID:1328064 Share Posted August 6, 2019 Working from home on Business Laptop running Win 10 with MB and Office 13 - Outlook was open and reviewing email when I received a MW Trojan Alert from one of the emails. The difficult aspect is the MW info does not identify what the email was? Research on the IP indicates its AWS - Miami DNS ? the pardot.com is sales force I access Corp AWS accounts from both of my Systems but different email on outlook for both systems and no common email that I can identify. Is this a false positive on this IP ? Checking the MW logs I get the following: Work Laptop Website blocked: 3;36 PM EST - CAT - Trojan Domain: storage,pardot.com IP: 13.32.80.42 Port: 64343 Type Outbound File : c:\Program Files\Microsoft Office15\OUTLOOK>EXE Home WS Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/6/19 Protection Event Time: 4:45 PM Log File: 1cd12586-b88b-11e9-982c-3417ebbf9797.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.586 Update Package Version: 1.0.11880 License: Trial -System Information- OS: Windows 10 (Build 17763.615) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: storage.pardot.com IP Address: 13.32.80.42 Port: [58650] Type: Outbound File: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE Link to post Share on other sites More sharing options...
Staff Solution Zynthesist Posted August 6, 2019 Staff Solution ID:1328065 Share Posted August 6, 2019 Hello, Please run an update as this block was removed earlier and your update package is not the latest. Thanks. Link to post Share on other sites More sharing options...
Recommended Posts