Outbound connections from Capture One
My malwarebytes software has started to warn me about some outbound connections in then 10.2.0.74 build. Anybody else getting similar messages:
-Log Details-
Protection Event Date: 9/24/17
Protection Event Time: 12:53 PM
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Domain: 2f0aefe3fb994054b884b2a408e73967.monitor-eqatec.com
IP Address: 52.73.48.224
Port: [57283]
Type: Outbound
File: C:\Program Files\Phase One\Capture One 10\CaptureOne.exe
(end)
-Log Details-
Protection Event Date: 9/24/17
Protection Event Time: 12:53 PM
-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0
-Website Data-
Domain: 2f0aefe3fb994054b884b2a408e73967.monitor-eqatec.com
IP Address: 52.73.48.224
Port: [57283]
Type: Outbound
File: C:\Program Files\Phase One\Capture One 10\CaptureOne.exe
(end)
0
-
I only use Windows Defender so haven't noticed.
Seems to be an app telemetry engine to help developers understand in which platforms users are deploying the software. Thing which could be a good move to improve overall stability and user experience.
http://www.telerik.com/products/reporting.aspx0 -
These eqatec connections are nothing new, actually. They existed with v9 too. 0 -
[quote="John Doe" wrote:
These eqatec connections are nothing new, actually. They existed with v9 too.
Oh, not all that helpful then.0 -
Yes, I am also getting Malware Bytes blocking monitor.eqatec.com (IP 52.202.145.216) now too, upon upgrade to 10.2.0.74. The block message - Malicious Website - is happening every two minutes and I don't seem to be able to add an exclusion. What can be done to stop this annoying behavior? Is the website actually malicious?
I have to say, this kind of snooping just kills my confidence in software that I PAY FOR.
Just the kind of crap Adobe constantly is pulling.0 -
This snooping is easily avoided.
Go to your firewall and block C1 from connecting to internet.
If you want to check for updates from inside the program you will have to temporary unblock C1 during that operation.
Nothing else will be affected.0 -
Ok, but why is this even an issue? And is there malware on the site that is being blocked? Why did Malware Bytes start seeing this today?
Would very much like to hear directly from Phase One on this.0 -
I just started seeing this too. No likey. Please advise. 0 -
I have just sent the MBAM log file to MBAM. Wait and see... 0 -
The issue is not whether or not there is malware on the eqatec site; it's that Capture One is sending our data to it without our knowing - until Malware Bytes told us. 0 -
[quote="NNN635563989771853020" wrote:
The issue is not whether or not there is malware on the eqatec site; it's that Capture One is sending our data to it without our knowing - until Malware Bytes told us.
But MB, if you've configured it to do so, only blocks sites known (or thought) to be malicious. So why is MB flagging this site now when it never did before? Apparently the domain has been added to recent malware definition/data files. Whether this is a false positive or not is the question.0 -
[quote="Filthy Lucre" wrote:
[quote="NNN635563989771853020" wrote:
The issue is not whether or not there is malware on the eqatec site; it's that Capture One is sending our data to it without our knowing - until Malware Bytes told us.
But MB, if you've configured it to do so, only blocks sites known (or thought) to be malicious. So why is MB flagging this site now when it never did before? Apparently the domain has been added to recent malware definition/data files. Whether this is a false positive or not is the question.
Pay attention: Malwarebytes is just informing you of out-going data to eqatec from Capture One. As to why Malwarebytes has just started doing this, in my case the program had for some reason upgraded itself to a "premium" trial and started monitoring connexions.0 -
[quote="NNN635563989771853020" wrote:
Pay attention:
Yes professor. Thank you for sharing your wisdom.0 -
[quote="Filthy Lucre" wrote:
Apparently the domain has been added to recent malware definition/data files. Whether this is a false positive or not is the question.
The question is why is it listed and who did it, as far as I'm concerned it's a false accusation which leads to question the "authority" and reliability of MB.0 -
MBAM have sent me a message saying that they have fixed the problem. 0 -
[quote="Jean1" wrote:
MBAM have sent me a message saying that they have fixed the problem.
MalwareBytes is no longer blocking C1 after the latest update. However, this is not what I call "fixing the problem". The problem will be fixed by Phase One when I'll be able to decide whether these data transfers are allowed and when the description of what is transferred will be available.0
Post is closed for comments.
Comments
15 comments