Possible FP


Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 5/4/2015 2:56:50 AM, SYSTEM, BOBBY-PC, Scheduler, Malware Database, 2015.5.1.1, 2015.5.3.6,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 2:56:51 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 2:56:57 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 3:06:23 AM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 2:56:51 AM, Duration:9 min 31 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Scan, 5/4/2015 3:17:51 AM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 3:09:34 AM, Duration:8 min 15 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:29 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53301, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:39:26 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53302, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:41:38 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53441, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:05:54 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50265, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Update, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Manual, Malware Database, 2015.5.3.6, 2015.5.4.4,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 12:09:56 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 12:09:56 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 12:09:57 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 12:10:06 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 12:09:51 PM, Duration:0 min 13 sec, Threat Scan, Cancelled, 0 Malware Detections, 0 Non-Malware Detections,
Detection, 5/4/2015 12:12:22 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50471, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:12:22 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50471, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:13:00 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50473, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Scan, 5/4/2015 12:17:33 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 12:10:52 PM, Duration:6 min 40 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Manual, Malware Database, 2015.5.4.4, 2015.5.4.5,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Starting,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopping,
Protection, 5/4/2015 1:33:47 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Stopped,
Protection, 5/4/2015 1:33:53 PM, SYSTEM, BOBBY-PC, Protection, Refresh, Success,
Protection, 5/4/2015 1:33:53 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Starting,
Protection, 5/4/2015 1:33:54 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, Started,
Scan, 5/4/2015 1:43:01 PM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 1:33:48 PM, Duration:9 min 12 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

(end)

Is this a false positive detection?

https://forums.malwarebytes.org/index.php?/topic/168117-outbound-ip-being-blocked-184173133194/

Thanks.


  • Root Admin

Will have to wait for Research but this IP goes to SoftLayer and not to a known Adobe site. But it's also possible that due to the age of the program (CS3 was back on April 16, 2007) it may be pointing to a license server that is no longer online or an IP no longer used by Adobe? Or... possibly cracked software phoning home?


  • Root Admin

IP is housing terdir.com, rdsrv.com amongst other things (browser hijacks etc. etc.)

Might need to upload Dreamweaver.exe to VT to check it's not cracked or possibly some other piece of Dreamweaver.

If you absolutely cannot find anything else then the user should set that IP to block via Firewall or hosts file.
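
For triaging a log like the one in the first post, this added example (not part of the thread and not Malwarebytes code) parses the Detection records and groups them by remote IP and originating process, collapsing lines that were logged twice. The field order is an assumption inferred from the posted log lines, and the sample input is a subset of those lines.

```python
from collections import defaultdict
from datetime import datetime

# Sample input: a subset of the log lines from the first post in this thread.
SAMPLE_LOG = r"""
Scan, 5/4/2015 3:06:23 AM, SYSTEM, BOBBY-PC, Manual, Start:5/4/2015 2:56:51 AM, Duration:9 min 31 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:02 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53291, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 10:38:29 AM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 53301, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Detection, 5/4/2015 12:05:54 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50265, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
Update, 5/4/2015 12:09:51 PM, SYSTEM, BOBBY-PC, Manual, Malware Database, 2015.5.3.6, 2015.5.4.4,
Detection, 5/4/2015 12:12:22 PM, SYSTEM, BOBBY-PC, Protection, Malicious Website Protection, IP, 184.173.133.194, 50471, Outbound, E:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe,
"""

def parse_detections(text):
    """Yield one dict per Detection record (field positions assumed from the posted log)."""
    for line in text.splitlines():
        # maxsplit keeps a process path containing ", " in one piece
        fields = line.strip().rstrip(",").split(", ", 10)
        if len(fields) != 11 or fields[0] != "Detection":
            continue  # Update / Protection / Scan records and blank lines
        yield {
            "time": datetime.strptime(fields[1], "%m/%d/%Y %I:%M:%S %p"),
            "module": fields[5],
            "ip": fields[7],
            "port": int(fields[8]),  # port field as logged
            "direction": fields[9],
            "process": fields[10],
        }

def summarize(text):
    """Group blocks by (IP, direction, process); identical (time, port) lines count once."""
    groups = defaultdict(set)
    for d in parse_detections(text):
        groups[(d["ip"], d["direction"], d["process"])].add((d["time"], d["port"]))
    report = []
    for (ip, direction, process), events in groups.items():
        times = sorted(t for t, _ in events)
        report.append({"ip": ip, "direction": direction, "process": process,
                       "attempts": len(events), "first": times[0], "last": times[-1]})
    return sorted(report, key=lambda r: -r["attempts"])

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

A single process accounting for every block to one address, as here, points the investigation at that executable rather than at the browser or the system as a whole.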
