While my Trezor was connected to my computer and Trezor Suite was open, MalwareBytes displayed a notification saying a Trezor suite file was attempting to connect to a suspicious IP address and was blocked. When I researched the IP address provided: [80.67.167.81] it shows up as high risk on the service maxmind.
Is this Trezor Suite for desktop or Trezor Suite for web? Try to disable Tor in Trezor suite and see if Malwarebytes likes that better. It’s possble a virus has infected your copy of Tor, but I think it’s more likely Malwarebytes is wrong. Try checking with other malware software and also do a virus scan of your PC.
Edit: I also get a warning in Bitdefend on that IP you posted. What site were you supposed to go to? Be careful and check the site’s address again. It may be a phishing site.
I use Trezor Suite desktop. In the settings, I see a different Tor address: 127.0.0.1:9050
I guess I’ll disable Tor, but at this point I am left with an uneasy feeling my computer is infected with something malicious. Starting to feel like Ted K.