protea1 Posted March 21, 2019

Malwarebytes
http://www.malwarebytes.com

-Log Details-
Protection Event Date: 3/21/19
Protection Event Time: 9:50 AM
Log File: 07def774-4bae-11e9-9826-d43d7e3865f8.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9776
License: Premium

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain:
IP Address: 203.150.19.63
Port: [6881]
Type: Outbound
File: C:\Program Files\Eagle Dynamics\DCS World OpenBeta\bin\DCS_updater.exe

AND WHEN CHECKING UP........???????

(end)

Whois IP 203.150.19.63

protea1 Posted March 21, 2019

ANY IDEAS?

tintifaxl Posted March 21, 2019

The updater uses peer2peer distribution. So all people currently downloading the update upload the already downloaded parts to others. You can read about it here: https://en.wikipedia.org/wiki/Peer-to-peer

As you were uploading to the alerted IP, you should be safe.

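Added example, not part of the original thread and not Malwarebytes or Eagle Dynamics code: a Python check that parses the "Website Data" fields of a report like the one in the first post and tests whether the blocked connection fits the peer-to-peer explanation given in the reply above. The sample report is constructed from the values in the thread; `KNOWN_P2P_PROGRAMS`, the 6881-6889 port range and the three verdict labels are assumptions of this example.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: the "Website Data" fields from the report in this
# thread, one field per line.
SAMPLE = """\
-Website Data-
Category: Trojan
Domain:
IP Address: 203.150.19.63
Port: [6881]
Type: Outbound
File: C:\\Program Files\\Eagle Dynamics\\DCS World OpenBeta\\bin\\DCS_updater.exe
"""

# Assumptions for illustration: programs you already know use BitTorrent-style
# distribution, and the conventional BitTorrent port range 6881-6889.
KNOWN_P2P_PROGRAMS = {"dcs_updater.exe"}
BITTORRENT_PORTS = range(6881, 6890)

def parse_event(report: str) -> dict:
    """Turn 'Key: value' lines into a dict; '-Section-' headers are skipped."""
    fields = {}
    for line in report.splitlines():
        m = re.match(r"^([A-Za-z ]+):\s*(.*)$", line)
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields

def triage(fields: dict) -> str:
    """Say how well a blocked-connection event fits P2P swarm traffic."""
    port = int(fields.get("Port", "[0]").strip("[]") or 0)
    program = PureWindowsPath(fields.get("File", "")).name.lower()
    p2p_program = program in KNOWN_P2P_PROGRAMS
    p2p_port = port in BITTORRENT_PORTS
    no_domain = fields.get("Domain", "") == ""   # peers are reached by bare IP
    if p2p_program and p2p_port and no_domain:
        return "likely-p2p-peer"   # whole pattern matches swarm traffic
    if p2p_program or p2p_port:
        return "review"            # only part of the pattern matches
    return "investigate"           # nothing ties this event to P2P traffic

if __name__ == "__main__":
    print(triage(parse_event(SAMPLE)))
```

A "likely-p2p-peer" verdict only says the event has the shape of swarm traffic; it does not verify that the executable at that path is the genuine updater.
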
protea1 Posted March 21, 2019

Thanks, that's all I wanted to hear, but FYI I have NEVER seen that before, ever! Be well and cheers!

Tailhook Posted March 22, 2019

I get Malwarebytes warnings while running torrents all the time, including while updating DCS. While I'm glad the connections are being blocked, it may just be a false positive.

SkateZilla Posted March 25, 2019

Blocking the connections would make torrent updating sloooow