steppinwolf Posted June 8, 2019 ID:1316323 Share Posted June 8, 2019 Malwarebytes is blocking the Clatter Windows app from making an outbound connection to 203.205.158.50 This IP address checks out okay when I scan it on safeweb.norton.com (identified as WeChat). Since the Clatter app makes outbound connections for many different messaging platforms, I had it in my exclusion list. However, Clatter's executable path includes the current version number, so the most recent version no longer matches my exclusion. When I try to add the new path, Windows denies permission to access the WindowsApps folder—even though I gave permission as admin. -Log Details- Protection Event Date: 6/8/19 Protection Event Time: 2:14 PM Log File: 541077cc-8a19-11e9-83c2-0028f80bc2d6.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.10954 License: Premium -System Information- OS: Windows 10 (Build 18362.145) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Trojan Domain: IP Address: 203.205.158.50 Port: [55946] Type: Outbound File: C:\Program Files\WindowsApps\53621FSApps.Clatter_1.0.2.0_x64__87x1pks76srcp\ModernMessenger.exe (end) Link to post Share on other sites More sharing options...
Staff Solution Dashke Posted June 9, 2019 Staff Solution ID:1316349 Share Posted June 9, 2019 The block has been added because of this malicious file - http://203.205.158.50/dd.myapp.com/16891/8CC2C22DAC1ADFC55F594DB9A23BD2E9.apk https://www.virustotal.com/gui/file/77c60f7c38efc063c1ed12b0ba5ff2a9263c1182df9d28b444790fd1aa6ad6dc/detection Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now