KhanTengris Posted January 3, 2022 ID:1495797 Share Posted January 3, 2022 I recently experienced an attempted Trojan attack apparently via an application that I have been using for years. The text from the event, captured with Trojan action action blocked by MalwareBytes, is as follows: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/22 Protection Event Time: 12:19 PM Log File: 0a4bf9a8-6c5d-11ec-8005-e0d4e8e38428.json -Software Information- Version: 4.5.0.152 Components Version: 1.0.1538 Update Package Version: 1.0.49330 License: Premium -System Information- OS: Windows 11 (Build 22000.376) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: www.floracera.biz IP Address: 104.21.12.106 Port: 80 Type: Outbound File: C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe (end) My questions about this are: 1. is the executable file Eudora.exe contaminated with a trojan? 2. If so, can the trojan be removed? 3. What can I expect if the same executable file is retained and continue to be used? 4. What action, if any, should be taken after this event occurred? 5. How could the infection of Eudora.exe been prevented? trojan detection event - 03 jan 2022.txt Link to post Share on other sites More sharing options...
Staff Solution TeMerc Posted January 3, 2022 Staff Solution ID:1495823 Share Posted January 3, 2022 6 hours ago, KhanTengris said: I recently experienced an attempted Trojan attack apparently via an application that I have been using for years. The text from the event, captured with Trojan action action blocked by MalwareBytes, is as follows: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/22 Protection Event Time: 12:19 PM Log File: 0a4bf9a8-6c5d-11ec-8005-e0d4e8e38428.json -Software Information- Version: 4.5.0.152 Components Version: 1.0.1538 Update Package Version: 1.0.49330 License: Premium -System Information- OS: Windows 11 (Build 22000.376) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Trojan Domain: www.floracera.biz IP Address: 104.21.12.106 Port: 80 Type: Outbound File: C:\Program Files (x86)\Qualcomm\Eudora\Eudora.exe (end) My questions about this are: 1. is the executable file Eudora.exe contaminated with a trojan? 2. If so, can the trojan be removed? 3. What can I expect if the same executable file is retained and continue to be used? 4. What action, if any, should be taken after this event occurred? 5. How could the infection of Eudora.exe been prevented? trojan detection event - 03 jan 2022.txt 716 B · 0 downloads Hello, thanks for bringing this to our attention. We've reviewed the site again and have determined it no longer warrants being blocked so we've disabled the block in our database. Removal should be reflected in the next database update going out in a few hours or so. Link to post Share on other sites More sharing options...
Recommended Posts