Jump to content

Frequent "blocked access to malicious IP: 81.169.145.87" pop-up messages


bob_va
 Share

Recommended Posts

Any input on this would be greatly appreciated. When these annoying messages pop up, I am not even browsing -- Internet Explorer is ot even open. Any suggestions would be welcomed. Thanks . . .

Message:

Malwarebyte's Anti-Malware has successfully blocked access to malicious IP: 81.169.145.87

Link to post
Share on other sites

This IP is on the Strato IP range, which currently houses 130 malicious domains;

http://hosts-file.net/?s=81.169.145.87

If tthis is occuring even when not browsing, I'd suggest checking for any P2P programs, and getting your computer checked for malware.

Link to post
Share on other sites

  • 3 weeks later...
This IP is on the Strato IP range, which currently houses 130 malicious domains;

http://hosts-file.net/?s=81.169.145.87

If tthis is occuring even when not browsing, I'd suggest checking for any P2P programs, and getting your computer checked for malware.

I have the same problem. I'm confused by your answer. What do you mean "check for P2P programs"? I use a P2P so what do I do. If I turn off the program I still get the alerts. Shouldn't I report these ips? Also, what does "get your computer checked"? Get it checked by who and what do they do about malware? I thought this is why I bought Malwarebytes in the first place.

Thanks.

Link to post
Share on other sites

What do you mean "check for P2P programs"? I use a P2P so what do I do. If I turn off the program I still get the alerts.

Closing the P2P program doesn't stop the connection attempts, it simply means those attempts won't result in any actual connections to the P2P program. The ports are still open, so the alerts would continue if it were the P2P program to blame (you can use a program such as Wireshark to confirm this).

Shouldn't I report these ips? Also, what does "get your computer checked"? Get it checked by who and what do they do about malware?

http://www.malwarebytes.org/forums/index.php?showtopic=9573

Link to post
Share on other sites

Closing the P2P program doesn't stop the connection attempts, it simply means those attempts won't result in any actual connections to the P2P program. The ports are still open, so the alerts would continue if it were the P2P program to blame (you can use a program such as Wireshark to confirm this).

http://www.malwarebytes.org/forums/index.php?showtopic=9573

It would be helpful if the report gave information on:

the direction of the attempt (in or out)

the source/destination port

the process that is using the port

I am currently getting similar reports, but my router has no ports being forwarded. So, it must be an outgoing attempt. The addresses are suspicious, but I have no idea which process is involved without port information.

Are these addresses and other related information logged anywhere in the system?

Jack

Link to post
Share on other sites

Sadly not, no. The API's used for this, do not provide this information on 2000/XP systems, only Vista and above (I don't know if this will be included in a future update for these platforms).

I'd advise using a firewall if you aren't already, as this will provide the information you require, to track which program is connecting to the IP's, and why.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.