mitch91406 Posted March 5, 2020 ID:1365879 Share Posted March 5, 2020 Thanks for help in advance 1. We (apswater.com and mail.apswater.com) were hacked and mail.apswater.com sent out a lot of crap. We also got hit with ransomware encryption but recovered. 2. We put in a new email server (hmail) and secured it 3. We put in a new webserver (apswater.com) We scanned and scanned and found nothing after reformatting and starting over. We redirected the site to labwater.com so we can keep up and running My guess is the e-mail dumps triggered the bad rating. Now how do I get everything back to normal? Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/4/20 Protection Event Time: 1:10 PM Log File: 91106bc4-5e5c-11ea-a321-000000000000.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.835 Update Package Version: 1.0.20228 License: Premium -System Information- OS: Windows 10 (Build 18362.657) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\System32\MicrosoftEdgeCP.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: apswater.com IP Address: 24.199.11.180 Port: 443 Type: Outbound File: C:\Windows\System32\MicrosoftEdgeCP.exe (end) AND Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/4/20 Protection Event Time: 1:16 PM Log File: 6b93effa-5e5d-11ea-aad3-000000000000.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.835 Update Package Version: 1.0.20228 License: Premium -System Information- OS: Windows 10 (Build 18362.657) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Windows Live\Mail\wlmail.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: mail.apswater.com IP Address: 24.199.11.180 Port: 110 Type: Outbound File: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (end) Link to post Share on other sites More sharing options...
Staff Solution thisisu Posted March 5, 2020 Staff Solution ID:1365887 Share Posted March 5, 2020 Hi, The block will be removed in the next update as I'm not seeing any active threats on it. Regards Link to post Share on other sites More sharing options...
mitch91406 Posted March 5, 2020 Author ID:1365888 Share Posted March 5, 2020 Thank you so much Link to post Share on other sites More sharing options...
Staff Zynthesist Posted March 5, 2020 Staff ID:1365994 Share Posted March 5, 2020 Glad we could help. Link to post Share on other sites More sharing options...
Recommended Posts