ESET blocks suspicious URL

Bob22

I recently did a clean install of 8.1. About 3 or 4 times a day I receive a pop-up saying that ESET has blocked a risky URL. The URL address is a very long string of nonsense letters and numbers and seems to change each time it is blocked. The IP address is the same every time. It is 208.48.162.204:80.

I have done numerous searches and can't seem to find what is causing this. I wonder if a program I have installed is trying to send info, or what could be causing this. Can anyone help me with this?
 

It is common for ESET to block dangerous or suspicious web sites. What web site are you trying to go to? You should be able to look at the ESET logs and see exactly what they blocked and maybe why. A whois search may be able to help you identify the web site, but the web site you listed is the first 11 numbers; it seems to me it was trying to connect to port 80, which would make me a little suspicious.
 

Suggest: Try adding the domains listed here to your hosts file:

https://www.virustotal.com/en/ip-address/208.48.162.204/information/

Also try opening an Elevated Command Prompt then type:

netstat -ano

Press Enter. See if the IP address shows up in the list and get the PID of the process. Look up the PID in Task Manager to see what process it is.

EDIT: Seems like you might have adware. If you like you can try running UAK. (Ultra Adware Killer)

Just run a scan but do not allow it to clean anything.

When the scan completes choose Menu > View Scan Log.

Upload the log. In the meantime inspect the results and whitelist anything that you know is safe and that you need to keep.

 
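The netstat -ano check suggested above, as an added example that is not part of the original thread: it parses the netstat output, picks the rows whose foreign address is the blocked IP, and maps each PID to an image name with tasklist. The function names are hypothetical and SAMPLE is constructed output with invented PIDs and local addresses.

```python
import csv, io, subprocess, time

TARGET_IP = "208.48.162.204"  # address from the ESET pop-up in this thread

# Constructed sample of `netstat -ano` output (PIDs and local addresses invented).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.20:49712     208.48.162.204:80      ESTABLISHED     3516
  TCP    192.168.1.20:49713     208.48.162.204:80      TIME_WAIT       0
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5355           *:*                                    1120
"""

def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            yield f[0], f[1], f[2], f[3], int(f[4])
        elif len(f) == 4 and f[0] == "UDP":  # UDP rows have no State column
            yield f[0], f[1], f[2], "", int(f[3])

def pids_talking_to(text, ip=TARGET_IP):
    """Return {pid: [state, ...]} for rows whose foreign host equals ip."""
    hits = {}
    for _proto, _local, remote, state, pid in parse_netstat(text):
        host = remote.rsplit(":", 1)[0].strip("[]")  # drop port and IPv6 brackets
        if host == ip:
            hits.setdefault(pid, []).append(state)
    return hits

def image_name(pid):  # Windows only: resolve a PID to its image name via tasklist
    out = subprocess.run(["tasklist", "/FI", f"PID eq {pid}", "/FO", "CSV", "/NH"],
                         capture_output=True, text=True).stdout
    row = next(csv.reader(io.StringIO(out)), [])
    return row[0] if len(row) > 1 else "(not found)"

def watch(ip=TARGET_IP, interval=1.0):
    """Windows only: poll netstat and print each new owning PID for ip."""
    seen = set()
    while True:
        out = subprocess.run(["netstat", "-ano"], capture_output=True, text=True).stdout
        for pid, states in pids_talking_to(out, ip).items():
            if pid and pid not in seen:  # PID 0 owns TIME_WAIT rows; skip it
                seen.add(pid)
                print(time.strftime("%H:%M:%S"), pid, image_name(pid), states)
        time.sleep(interval)

if __name__ == "__main__":
    print(pids_talking_to(SAMPLE))  # on Windows, call watch() instead
```

Rows in TIME_WAIT are listed under PID 0 on Windows, so the owning process can only be read while the connection is still open. That is why watch() polls instead of running netstat once, since the pop-up only appears a few times a day.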