
Virus detected


Prodigy
(@prodigy)
Platinum
Joined: 11 years ago
Posts: 2539
Topic starter  

Visited dumcoach.com and this blew out through our firewall.

dumcoach.com said redirecting but never loaded.  Had to go to www. - might be worth looking at.  Set off alarms here.  There may be something sitting in the root of this site that the bad guys put there.

 

Message meets Alert condition

Virus/Worm detected: JS/Cryxos.2870!tr Protocol: "HTTP" Email Address From:  Email Address To:

VIRUS REFERENCE URL: http://www.fortinet.com/ve?vn=JS%2FCryxos.2870%21tr

date=2022-07-20 time=1127 devname=Primary-FG100D devid=FG100D3G14812799 logid="0211008192" type="utm" subtype="virus" eventtype="infected" level="warning" vd="root" eventtime=1658332347715952994 tz="-0400" policyid=204 msg="File is infected." action="blocked" service="HTTP" sessionid=124723080 srcip=10.31.99.99 dstip=192.124.249.29 srcport=54819 dstport=80 srcintf="lan" srcintfrole="lan" dstintf="wan1" dstintfrole="wan" proto=6 direction="incoming" quarskip="No-skip" virus="JS/Cryxos.2870!tr" dtype="Virus" ref=" http://www.fortinet.com/ve?vn=JS%2FCryxos.2870%21tr " virusid=8235216 url=" http://dumcoach.com/ " profile="default" agent="Chrome/103.0.5060.114" analyticscksum="0576605429060c9bd88c408ff5952e0e8fca87e5dbfee316efbea9a1733b7d58" analyticssubmit="false" crscore=50 craction=2 crlevel="critical"

If you show up for a fair fight, you are unprepared.
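
An added example, not part of the original post and not Fortinet tooling: a small Python parser for the key=value alert line quoted above, which pulls out the fields an analyst checks first and recovers the event time from eventtime. It assumes eventtime is nanoseconds since the Unix epoch; the function names and the abbreviated sample line are constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample: the alert line from the post, abbreviated to the fields used here.
SAMPLE = (
    'date=2022-07-20 type="utm" subtype="virus" eventtype="infected" '
    'eventtime=1658332347715952994 tz="-0400" msg="File is infected." '
    'action="blocked" service="HTTP" srcip=10.31.99.99 dstip=192.124.249.29 '
    'dstport=80 direction="incoming" virus="JS/Cryxos.2870!tr" '
    'url=" http://dumcoach.com/ " agent="Chrome/103.0.5060.114" crlevel="critical"'
)

# key=value, where the value is either "quoted, may contain spaces" or a bare token.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')

def parse_fortigate(line):
    """Split one log line into a dict, trimming the padding seen inside url/ref values."""
    return {key: (quoted or bare).strip() for key, quoted, bare in PAIR.findall(line)}

def triage(fields):
    """Reduce a parsed UTM virus event to what an analyst checks first."""
    # Assumption: eventtime is nanoseconds since the Unix epoch (19-digit value).
    when = datetime.fromtimestamp(int(fields["eventtime"]) // 10**9, tz=timezone.utc)
    blocked = fields.get("action") == "blocked"
    return {
        "when_utc": when.isoformat(),
        "client": fields["srcip"],
        "client_is_internal": ipaddress.ip_address(fields["srcip"]).is_private,
        "signature": fields["virus"],
        # Defang so the URL can be pasted into tickets without becoming clickable.
        "url_defanged": fields["url"].replace("http", "hxxp", 1).replace(".", "[.]"),
        "blocked": blocked,
        # A blocked download still means the client requested the page; an
        # unblocked one means the file reached the endpoint.
        "needs_endpoint_check": not blocked,
    }

if __name__ == "__main__":
    for key, value in triage(parse_fortigate(SAMPLE)).items():
        print(f"{key}: {value}")
```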

