search

Bill-Stewart / SyncthingWindowsSetup

Syncthing Windows Setup
Mozilla Public License 2.0
1.07k stars 44 forks source link

Connection blocked by malwarebytes as compromised and trojans #43

Closed iftekharhossainsifat closed 1 day ago

iftekharhossainsifat commented 1 day ago

4 ip addresses are blocked as compromised and trojans. These are 51.38.113.118, 195.18.23.81, 84.32.188.234 and 23.160.194.106. Details are given below:

  1. Malwarebytes

www.malwarebytes.com

-Log Details- Protection Event Date: 29-Sep-24 Protection Event Time: 8:30 PM Log File: 53af0dc0-7e6f-11ef-955b-d4939012defc.json

-Software Information- Version: 5.1.11.133 Components Version: 1.0.5048 Update Package Version: 1.0.89829 License: Trial

-System Information- OS: Windows 11 (Build 22631.4169) CPU: x64 File System: NTFS User: System

-Blocked Website Details- Malicious Website: 1 , C:\Program Files\Syncthing\syncthing.exe, Blocked, -1, -1, 0.0.0, 26F6E036AD270D4AFC3B24520CD72166, A179678546D793728D7C82F4A87AE9BC214A559C5204AF4BD78BE0F7C63F3F31

-Website Data- Category: Compromised Domain: IP Address: 51.38.113.118 Port: 22067 Type: Outbound File: C:\Program Files\Syncthing\syncthing.exe

(end)

  1. Malwarebytes

www.malwarebytes.com

-Log Details- Protection Event Date: 29-Sep-24 Protection Event Time: 8:30 PM Log File: 531207c8-7e6f-11ef-88f8-d4939012defc.json

-Blocked Website Details- Malicious Website: 1 , C:\Program Files\Syncthing\syncthing.exe, Blocked, -1, -1, 0.0.0, 26F6E036AD270D4AFC3B24520CD72166, A179678546D793728D7C82F4A87AE9BC214A559C5204AF4BD78BE0F7C63F3F31

-Website Data- Category: Trojan Domain: IP Address: 195.18.23.81 Port: 22067 Type: Outbound File: C:\Program Files\Syncthing\syncthing.exe

(end)

  1. Malwarebytes

www.malwarebytes.com

-Log Details- Protection Event Date: 29-Sep-24 Protection Event Time: 8:28 PM Log File: 23c8a2d8-7e6f-11ef-98d0-d4939012defc.json

-Blocked Website Details- Malicious Website: 1 , C:\Program Files\Syncthing\syncthing.exe, Blocked, -1, -1, 0.0.0, 26F6E036AD270D4AFC3B24520CD72166, A179678546D793728D7C82F4A87AE9BC214A559C5204AF4BD78BE0F7C63F3F31

-Website Data- Category: Trojan Domain: IP Address: 84.32.188.234 Port: 22067 Type: Outbound File: C:\Program Files\Syncthing\syncthing.exe

(end)

  1. Malwarebytes

www.malwarebytes.com

-Log Details- Protection Event Date: 29-Sep-24 Protection Event Time: 8:28 PM Log File: 22a9adde-7e6f-11ef-af1f-d4939012defc.json

**> -Blocked Website Details-

Malicious Website: 1 , C:\Program Files\Syncthing\syncthing.exe, Blocked, -1, -1, 0.0.0, 26F6E036AD270D4AFC3B24520CD72166, A179678546D793728D7C82F4A87AE9BC214A559C5204AF4BD78BE0F7C63F3F31

-Website Data- Category: Trojan Domain: IP Address: 23.160.194.106 Port: 22067 Type: Outbound File: C:\Program Files\Syncthing\syncthing.exe**

(end)

Bill-Stewart commented 1 day ago

None of this has anything to do with the Syncthing Windows Setup installer. You are talking about the behavior of Syncthing itself.