Jump to content

Thunderbird with trojan to 93.184.220.29 outgoing connection on port 80 ?


Go to solution Solved by Zynthesist,

Recommended Posts

Hi all!

today, for first time I've got a message from real-time protection when opening thunderbird. Earlier this day there wasn't such a message; I used thunderbird several times this day. So I'm worried about this message:

I checked at https://www.abuseipdb.com/check/93.184.220.29 and there seem to be several users who got this message; is this a false-positive or an actual infection?

How can I proceed and what should I do?

(please note; logs in german language; I tried to translate some information here)

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Datum des Schutzereignisses: 02.04.21
Uhrzeit des Schutzereignisses: 17:43 (5:43 pm) CEST)
Protokolldatei: 3c4d73da-93ca-11eb-b3f7-507b9db9d494.json

-Softwaredaten-
Version: 4.3.0.98
Komponentenversion: 1.0.1236
Version des Aktualisierungspakets: 1.0.39012
Lizenz: Premium

-Systemdaten-
OS: Windows 10 (Build 19042.906)
CPU: x64
Filesystem: NTFS
User: System

-Details for blocked Websites-
malicious Website: 1
, C:\Program Files\Mozilla Thunderbird\thunderbird.exe, Blockiert, -1, -1, 0.0.0, , 

-Website-Daten-
Kategorie: Trojaner
Domäne: 
IP-Adresse: 93.184.220.29
Port: 80
Typ: outgoing
file: C:\Program Files\Mozilla Thunderbird\thunderbird.exe
 

 

first_log_thunderbird.txt second_log_thunderbird.txt

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.