Caravaggio

CLOSED Doubts about a certain connection

Recommended Posts

Hello Emsisoft!:

 

 

Just have a doubt in mind about a program, JDownloader. Today when i added a link from relink.us on JDownloader, to download a movie posted in a forum, a warning from Jdownloader appeared saying it was a calling for a Flash connection, turned off that, i do not remember click and load did that in the past. I canceled that link in JD, but in Online Armor Premium an OUT TCP connection was pointing to 127.0.0.1:9666 > rts.sparkstudios.com , i closed that connection and the HIPS from OA dissapeared. Then turned on again HIPS , and when restarted Jdownloader, there was again an IN TCP connection from 127.0.0.1: 9666.

 

The next time i started JD the program did an update ( to their official site ) , and now if i restart JD that connection doesnt appear anymore.

 

I checked that link from relink.us in VirusTotal and it doesnt show up as a malware, neither where it redirects. I have Java last version as well as Flash. I scanned with EAM, nothing appeared. Should i be worried anyway or is that normal?.

 

Thank you!

 

Zulu

 

;)

Share this post


Link to post
Share on other sites

127.0.0.1 is an address that always points to the computer the software is running on (the alias for this is 'localhost').

rts.sparkstudios.com has a poor rating on Web Of Trust, mostly for spam but some have rated it for malware as well. It is not listed in hpHosts, VXVault, or Malware Domain List.

Share this post


Link to post
Share on other sites

Hi GT500:

 

Thank you for the answer. I´ve seen a topic related to my question on this link http://support.emsisoft.com/topic/12088-whats-up-with-rtssparkstudioscom/?hl=rts.sparkstudios.com . 

 

Possibly that connection was blocked from JD itself, as Flash was disable. Just using JDownloader from time to time, usually to download a youtube video. Wondering if a vulnerability in Java can be used from this hidden link services sites, or whatever im not an expert.  

 

See ya!

Zulu

Share this post


Link to post
Share on other sites

Websites trying to exploit Java expect it to be running as a plugin in your browser, and they run a Java program called an Applet in your web browser that attempts to exploit vulnerabilities in the Java Sandbox (the security features in the Java Virtual Machine that prevent Applets from making changes to your computer). I doubt that a download that you are running through JDownloading could expose you to a Java exploit, unless you were on a webpage that had a malicious Java Applet on it.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.