Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Eset blocks suspicious URL

18 Jun 2016   #1
Bob22

Windows 7 Ultimate x64
 
 
Eset blocks suspicious URL

I recently did a clean install of 8.1. About 3 or 4 times a day I receive a pop-up saying that ESET has blocked a risky URL. The url address is a very long nonsense letters and numbers and seems to change each time it is blocked. The IP address is the same every time. It is 208.48.162.204:80.

I have done numerous searches and can't seem to find what is causing this. I wonder if a program I have installed is trying to send info, or what could be causing this. Can anyone help me with this?


My System SpecsSystem Spec
.
18 Jun 2016   #2
derekimo

Microsoft Community Contributor Award Recipient

 
 

That IP address comes up as invalid with the 80 at the end.

Eset blocks suspicious URL-2016-06-18_19h11_51.png

Which appear to be servers in Delaware, but the company is French.

PROceau | Hébergement haute disponibilité de services à forte valeur ajoutée.

Not much to go on there either except they appear to be enterprise network services.

Maybe someone else with more savvy network skills can drum up more info for you.


My System SpecsSystem Spec
18 Jun 2016   #3
essenbe

Windows 7 Enterprise X64/Windows 10 Enterprise X64/Windows 10 Pro X64/Linux Mint
 
 

It is common for ESET to block dangerous or suspicious web sites. What web site are you trying to go to? You should be able to look at the ESET logs and see exactly what they blocked and maybe why. A who is search may be able to help you identify the web site, but the web site you listed is the first 11 numbers, it seems to me it was trying to connect to port 80, which would make me a little suspicious.
My System SpecsSystem Spec
.

19 Jun 2016   #4
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Suggest: Try adding the domains listed here to your hosts file:

https://www.virustotal.com/en/ip-add...4/information/

Also try opening an Elevated Command Prompt then type:

netstat -ano

Press Enter. See if the ip address shows up in the list and get the PID of the process. Look up the PID in task manager to see what proccess it is.

EDIT: Seems like you might have adware. If you like you can try running UAK. (Ultra Adware Killer)

Just run a scan but do not allow it to clean anything.
Eset blocks suspicious URL-uak-1.jpg
When the scan completes choose Menu > View Scan Log.
Eset blocks suspicious URL-uak-2.jpg
Upload the log. In the meantime inspect the results and whitelist anything that you know is safe and that you need to keep.
Eset blocks suspicious URL-uak-whitelist.jpg


My System SpecsSystem Spec
Reply

 Eset blocks suspicious URL




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Suspicious IE pop-up message
When I tried to open a link from a Google search I got this pop-up message (see attachment). It seems the original link was broken and instead of showing a 404 message the link was hijacked and redirected to I tried to close it by clicking the Windows button but that opened another...
System Security
Two suspicious processes
I tried googling them with no results. A log of my whole startup is included as an attachment. The two suspicious processes are: Yes HKLM:Run x0ux9jD C:\Users\Gummi\AppData\Local\Temp\UmVQd.exe and Yes HKCU:Run ykfXkcM C:\Users\Gummi\AppData\Local\Temp\UmVQd.exe
System Security
Suspicious file
OK. I need help. There is an unknown file on the desktop which wont go. If I delete, it comes back if I refresh the desktop. When I right click on this file, there are only 3 options: Cut, Create Shortcut and Delete. I have scanned my computer with Hitman Pro, MBAM, Windows Defender and...
System Security
Should I get suspicious?
:sarc: I'm getting this every once in a while in Resource Monitor - Network . It happens a little while after I open an IE window. Open the image and you'll understand what I mean. Is this normal???
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:20.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App