KitM Posted January 3, 2020 ID:1353855 Share Posted January 3, 2020 MalBytes keeps giving me multiple "inbound" and "outbound" trojan notices usually in "bursts" only minutes apart. Two of the most recent: -------------------------------------------------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:24 PM Log File: 514d7710-2e56-11ea-8896-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.71 Port: 49161 Type: Outbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) -------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/3/20 Protection Event Time: 12:20 PM Log File: c88c3dd1-2e55-11ea-8ea3-000272c7c0d0.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.785 Update Package Version: 1.0.17183 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: IP Address: 176.113.161.91 Port: 49161 Type: Inbound File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (end) ----------------------------------------------------------------------- I have quite a lot more if needed. Link to post Share on other sites More sharing options...
thisisu Posted January 3, 2020 ID:1353870 Share Posted January 3, 2020 Hello, The IP is housing Linux malware and that's why it is currently blocked. https://www.virustotal.com/gui/url/1b87e479ad8d3dfdc7055900c51d2dfbfc777e0ead1fcdbf61f7191d4d979b03/detection Feel free to attach the other logs so we can make sure there aren't any false positives. Thanks Link to post Share on other sites More sharing options...
KitM Posted January 3, 2020 Author ID:1353875 Share Posted January 3, 2020 Thanks for your quick reply. Actually, I've got quite a list of these "attempts". I've included a jpg of the most recent. Thanks again for your work. Kit Link to post Share on other sites More sharing options...
Staff Dashke Posted January 4, 2020 Staff ID:1353969 Share Posted January 4, 2020 What are you trying to download using FDM? Link to post Share on other sites More sharing options...
KitM Posted January 4, 2020 Author ID:1354014 Share Posted January 4, 2020 All of these attempts happen when the program is open yet unused. They happen when I'm doing nothing. They happen surreptitiously - or, rather, would happen that way without Malbytes notifications - with "fdm.exe" open in the background not being used. They do stop when fdm.exe is closed. Link to post Share on other sites More sharing options...
Staff Solution Dashke Posted January 6, 2020 Staff Solution ID:1354329 Share Posted January 6, 2020 I would recommend you trying out Internet Download Accelerator instead - https://www.softpedia.com/get/Internet/Download-Managers/Internet-Download-Accelerator.shtml Link to post Share on other sites More sharing options...
war357 Posted January 19, 2021 ID:1433157 Share Posted January 19, 2021 I am having the same issue, has any one found a solution ? Link to post Share on other sites More sharing options...
Recommended Posts