
Explorer.exe Outbound Malicious Website Blocked



After running Malwarebytes.exe and having it open in the background, I have been receiving the following popup message from Malwarebytes. They occur approximately every 30 seconds. Here is a small snippet. They are always the same IP (after reboot, etc.); the only thing that changes is the port.

 

Malicious Website Blocked
IP: 109.163.239.216
Port: 49197
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49297
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49299
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49310
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49312
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49324
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49328
Type: Outbound
Process: C:\Windows\explorer.exe
 
Malicious Website Blocked
IP: 109.163.239.216
Port: 49364
Type: Outbound
Process: C:\Windows\explorer.exe
 
 
I have attached the Farbar files to this message.
 

  • Root Admin

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-04-12 18:12 - 2013-04-12 18:12 - 00001016 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 ood.opsource.net ereg.wip4.adobe.com ereg.wip.adobe.com activate-sjc0.adobe.com practivate.adobe.ipp activate.wip4.adobe.com 3dns-1.adobe.com activate.wip1.adobe.com 3dns.adobe.com
127.0.0.1 practivate.adobe.ntp activate.wip.adobe.com wip1.adobe.com 3dns-4.adobe.com activate.wip2.adobe.com practivate.adobe 3dns-2.adobe.com www.wip4.adobe.com 3dns-3.adobe.com
127.0.0.1 crl.verisign.net adobe-dns-4.adobe.com adobe-dns-1.adobe.com adobe-dns.adobe.com ereg.adobe.com wip4.adobe.com lm.licenses.adobe.com wip3.adobe.com na2m-pr.licenses.adobe.com
127.0.0.1 www.wip1.adobe.com adobeereg.com lmlicenses.wip4.adobe.com www.wip2.adobe.com ereg.wip2.adobe.com www.wip.adobe.com wip2.adobe.com practivate.adobe.newoa wwis-dubc1-vip60.adobe.com
127.0.0.1 wip.adobe.com adobe-dns-3.adobe.com www.adobeereg.com practivate.adobe.com activate-sea.adobe.com activate.wip3.adobe.com activate.adobe.com adobe-dns-2.adobe.com www.wip3.adobe.com
127.0.0.1 hl2rcv.adobe.com ereg.wip3.adobe.com ereg.wip1.adobe.com

<snip>

2016-01-01 16:50 - 2016-01-01 16:50 - 00000000 ____D C:\Users\reverie\Desktop\Sherlock-The.Abominable.Bride--BBC-2016-720p
2016-01-01 16:26 - 2016-01-01 16:26 - 00000000 ____D C:\Users\reverie\Desktop\Sherlock.The_Abominable_Bride.720p_HDTV_x264-FoV[ettv]

2015-12-28 11:33 - 2015-12-28 11:54 - 00000000 ____D C:\Users\reverie\Downloads\And.Then.There.Were.None.S01E01.720p.HDTV.x264-RiVER[rarbg]
2015-12-28 11:33 - 2015-12-28 11:33 - 00000000 ____D C:\Users\reverie\Downloads\Dickensian.S01E01.HDTV.x264-DEADPOOL[ettv]
