Jump to content

FlipSkip

Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by FlipSkip

  1. I heard back from PIA Support. They said that the IP address '212.102.52.87' is managed by Private Internet Access. Their additional instructions were as follows:
  2. -Website Data- Category: RiskWare Domain: IP Address: 212.102.52.87 Port: 0 (No malicious items detected) Type: Outbound File: C:\Program Files\Private Internet Access\pia-service.exe Why would Private Internet Access be trying to connect to a malware domain? Is this a false positive because if PIA was doing anything malicious, it would be all over social media by now.
  3. Thank you for the update. How do I identify which process or program is trying to contact this IP address from my system? When I do a system wide search for "Jujubox", nothing shows up. And full scans of my system both with Windows Defender and Malwarebytes find no threats.
  4. So, any idea about why MBytes is freaking out about these IP addresses? And from which processes they're originating from?
  5. Weird, looks like it uploaded anyway despite giving an upload failed error message.
  6. I can't uploaded the requested mbst-grab-results logs because the upload fails with a -200 error. mbst-grab-results.zip mbst-grab-results.zip mbst-grab-results.zip
  7. There are two IP addresses that Malwarebytes' RTP detection repeatedly blocks as either malware or trojan. 199.36.223.34 - Quebec, Canada; ISP: Total Server Solutions L.L.C. and Perfomive LLC (https://performive.com/) 212.102.52.87 - UK; ISP: Datacamp Ltd (https://datacamp.co.uk/) They are outbound either from the System (which is too vague to be helpful) or from Private Internet Access. The lack of details is frustrating, especially when compared to a product like Little Snitch on macOS which gives detailed information about the exact process and port number on both outbound and inbound IP addresses. detection_1.txt detection_2.txt detection_3.txt
  8. Ever since I installed the trial of Malwarebytes, it keeps flagging and blocking random IP addresses without identifying the source. How is this helpful? It doesn't tell me the location of the IP address or what app or browser plugin or process initiated the outgoing connection. In addition, Malwarebytes repeatedly blocks Private Internet Access IP address even when I'm not connected via VPN. What's going on there? Is this design by obscurity? How can I trust Malwarebytes when it gives me no option to verify what it's doing? And why would a legitimate VPN service like PIA with a long history of trust be considered a "trojan" or "riskware"? And here's another example: Malwarebytes keeps blocking one particular IP address (199.36.223.34). Great. So why is RTP detection blocking this? It claims it's malware and yet when I scan for malware with Malwarebytes or other apps, it finds none. So what is trying to phone home? Without this information, I can't troubleshoot or diagnose this. How is this helpful to the user?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.