
Inbound and outbound connection blocked by malwarebytes



I've been having blocked inbound and outbound connections from Deluge and Google Chrome recently, saying it's a trojan or other malicious websites/connections. I will post a few logs so you know.

 


Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 6:58 PM
Log File: 7151fc92-21c8-11ea-a0a8-00ff00fe27da.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.781
Update Package Version: 1.0.16390
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Deluge\deluge.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: 
IP Address: 190.90.239.42
Port: 65327
Type: Inbound
File: C:\Program Files (x86)\Deluge\deluge.exe

(end)


Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 5:57 PM
Log File: e3f87e1e-21bf-11ea-9cd8-00ff00fe27da.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.781
Update Package Version: 1.0.16388
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Deluge\deluge.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: 
IP Address: 185.244.39.107
Port: 65327
Type: Inbound
File: C:\Program Files (x86)\Deluge\deluge.exe

(end)


Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 5:18 PM
Log File: 647d1582-21ba-11ea-a06b-00ff00fe27da.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.781
Update Package Version: 1.0.16384
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Deluge\deluge.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Malware
Domain: 
IP Address: 149.202.122.27
Port: 65327
Type: Outbound
File: C:\Program Files (x86)\Deluge\deluge.exe

(end)


Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 5:09 PM
Log File: 1a8a9536-21b9-11ea-b50d-00ff00fe27da.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.781
Update Package Version: 1.0.16384
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Deluge\deluge.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Fraud
Domain: trun.tom.ru
IP Address: 153.92.6.87
Port: 50194
Type: Outbound
File: C:\Program Files (x86)\Deluge\deluge.exe

(end)

I have also run an FRST scan via this link:

https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

 

Thanks.

Addition.txt FRST.txt Malwarethreatscan.txt


Hello and welcome

It appears we are blocking the inbound websites (IP) and not the program

IP Address: 190.90.239.42

IP Address: 153.92.6.87

IP Address: 185.244.39.107

IP Address: 149.202.122.27

Edited by LDTate
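
One way to tabulate protection-event exports in the layout posted above, added here as an example (not Malwarebytes' or any poster's code): it groups blocked events by local program so the remote addresses behind each block are listed together. The sample text is constructed with documentation-range addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict
# Constructed sample in the layout of the logs above; the addresses and the
# domain are documentation placeholders, not values from the thread.
SAMPLE = r"""
-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 6:58 PM
-Website Data-
Category: Trojan
Domain:
IP Address: 192.0.2.10
Port: 65327
Type: Inbound
File: C:\Program Files (x86)\Deluge\deluge.exe
(end)
-Log Details-
Protection Event Date: 12/18/19
Protection Event Time: 5:09 PM
-Website Data-
Category: Fraud
Domain: tracker.example
IP Address: 198.51.100.7
Port: 50194
Type: Outbound
File: C:\Program Files (x86)\Deluge\deluge.exe
(end)
"""
# "Key: value" lines; section headers and the comma-led detail row do not match.
FIELD = re.compile(r"^([A-Za-z ]+):[ \t]*(.*)$")

def parse_events(text):
    """Split exported text on '(end)' and return one dict of fields per event."""
    events = []
    for block in re.split(r"^\(end\)\s*$", text, flags=re.M):
        fields = {m.group(1): m.group(2).strip()
                  for m in map(FIELD.match, block.splitlines()) if m}
        if "IP Address" in fields:  # skip trailing text that holds no event
            events.append(fields)
    return events

def remotes_by_program(events):
    """Map each local program to the (direction, remote IP, category) it was blocked on."""
    out = defaultdict(set)
    for e in events:
        out[e["File"]].add((e["Type"], e["IP Address"], e["Category"]))
    return dict(out)

if __name__ == "__main__":
    for prog, hits in remotes_by_program(parse_events(SAMPLE)).items():
        print(prog, sorted(hits))
```
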
  • 1 month later...

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 
