Hello,
First time user, wanted to try your app as a DriversCloud alternative.
However, when I started looking for drivers, I got notified by Malwarebytes regarding a trojan horse on several of the IPs your software is trying to access: 195.154.181.225, 145.239.252.205, 86.127.24271, 213.152.161.181, 213.152.161.118, 5.188.88.20, 38.97.60.173

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l’événement de protection: 13/02/2025
Heure de l’événement de protection: 16:10
Fichier journal: a1a5e2c4-ea1c-11ef-b6af-b42e999ddb35.json

-Informations du logiciel-
Version: 5.2.5.158
Version de composants: 1.0.5135
Version de pack de mise à jour: 1.0.95832
Licence: Premium

-Informations système-
Système d’exploitation: Windows 11 (Build 26100.3194)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: System

-Détails du site Web bloqué-
Site Web malveillant: 1
, J:\T\u00c3\u00a9l\u00c3\u00a9chargements\EmptyProfile\SDIO_1.14.0.777\SDIO_x64_R777.exe, Bloqué, -1, -1, 0.0.0, E4DA8F52456C1E9A833902CA5EE30FE5, 39D3CE8EA8079A06E24DD9EBCDD2990BEF0E9A3C358E86BE0A0FC7F50C895520

-Données du site Web-
Catégorie: Trojan
Domaine:
Adresse IP: 195.154.181.225
Port: 31813
Type: En sortie
Fichier: J:\T\u00c3\u00a9l\u00c3\u00a9chargements\EmptyProfile\SDIO_1.14.0.777\SDIO_x64_R777.exe

(end)

Could you please explain / give more info about that?
Thanks
I presume you started the driver download in SDIO. This will start the torrent download. As you know, a torrent client can connect to many peers to download the required files. Exactly who these peers are is something we have no control over. Your AV may recognise one or more of these peers and block them. That's fine, it won't affect the overall functioning of the torrent download.
If you do a reverse lookup of the IP, you'll discover the host is 195-154-181-225.rev.poneytelecom.eu
Some quick searching will reveal that poneytelecom.eu has a rather dodgy reputation so Malwarebytes is doing its job.
Hello and thank you very much for your answer.
I was not aware that the files were downloaded in P2P.
This indeed explains why some peers are flagged as not trustworthy.
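For anyone triaging the same alert, the following is an added example (not part of any post in this thread and not SDIO or Malwarebytes code) that pulls the blocked-connection fields out of a flattened log like the one above and builds the reverse-DNS (PTR) query name for each reported address, flagging entries that are not valid IPs. The sample log is constructed from the fields quoted in the thread with a placeholder file path, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the web-protection fields of the log quoted in the thread,
# with a placeholder file path.
SAMPLE_LOG = (
    "-Données du site Web- Catégorie: Trojan Domaine: "
    "Adresse IP: 195.154.181.225 Port: 31813 Type: En sortie "
    "Fichier: C:\\placeholder\\SDIO_x64_R777.exe (end)"
)

# Field labels as they appear in the French-language log.
FIELDS = {
    "category": r"Catégorie:\s*(\S+)",
    "ip": r"Adresse IP:\s*(\S+)",
    "port": r"Port:\s*(\d+)",
    "direction": r"Type:\s*(.+?)\s+Fichier:",  # "En sortie" = outbound
    "process": r"Fichier:\s*(\S+)",
}

def parse_block_event(text):
    """Extract the blocked-connection fields from a flattened log string."""
    event = {}
    for name, pattern in FIELDS.items():
        match = re.search(pattern, text)
        event[name] = match.group(1) if match else None
    if event["port"] is not None:
        event["port"] = int(event["port"])
    return event

def ptr_query_name(ip_text):
    """Return the PTR query name, or None if the address is malformed."""
    try:
        return ipaddress.ip_address(ip_text).reverse_pointer
    except ValueError:
        return None

def triage(ip_list):
    """Map each reported address to its PTR query name (None if malformed)."""
    return {ip: ptr_query_name(ip) for ip in ip_list}

if __name__ == "__main__":
    print(parse_block_event(SAMPLE_LOG))
    # Two addresses as typed in the first post; the second is missing a dot.
    print(triage(["195.154.181.225", "86.127.24271"]))
```

The PTR names it returns can be passed to any resolver to repeat the reverse lookup described in the reply.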