Jump to content


Photo

IP Blocked on outgoing - avastsvc.exe


  • Please log in to reply
7 replies to this topic

#1 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 15 February 2013 - 10:39 PM

2013/02/15 18:39:10 -0800 -PC MESSAGE Executing scheduled update: Daily
2013/02/15 18:39:11 -0800 -PC MESSAGE Database already up-to-date
2013/02/15 18:39:13 -0800 -PC MESSAGE Starting protection
2013/02/15 18:39:13 -0800 -PC MESSAGE Protection started successfully
2013/02/15 18:39:13 -0800 -PC MESSAGE Starting IP protection
2013/02/15 18:39:14 -0800 -PC MESSAGE IP Protection started successfully
2013/02/15 19:20:24 -0800 -PC IP-BLOCK 50.62.128.39 (Type: outgoing, Port: 52015, Process: avastsvc.exe)
2013/02/15 19:20:24 -0800 -PC IP-BLOCK 50.62.128.39 (Type: outgoing, Port: 52016, Process: avastsvc.exe)
------------------------------------------------------------------------------------------------------------------------------------------

Currently on my 14-day trial for MalwareBye Pro. I am planning to buy MalwareByte Pro. I wanted to see if Avast is compatible with MBP.(I've been told it is compatible. However I don't want to exclude either/or program at this time. In the serious rare event I get infected, Avast or MBP might be compromised.)

I'm still learning about what is what. Having spent a chunk of my time on google. What does IP-BLOCK 50.62.128.39 (Type: outgoing, Port: 52016, Process: avastsvc.exe) mean exactly?

Does it mean that ip was blocked (un-safe redirect)? or was Avast going to block it and MBP did it first.

#2 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 15 February 2013 - 10:47 PM

2013/02/15 19:45:48 -0800 -PC IP-BLOCK 50.62.128.121 (Type: outgoing, Port: 58295, Process: avastsvc.exe)
2013/02/15 19:45:48 -0800 -PC IP-BLOCK 50.62.128.121 (Type: outgoing, Port: 58296, Process: avastsvc.exe)

#3 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,236 posts
  • Gender:Male
  • Location:US

Posted 15 February 2013 - 11:00 PM

It means that something running on your computer is trying to access that IP but it's in our database of IP blocks. Due to how avast is a lower level antivirus driver it intercepts the call before we do so it shows the process as avast but that is not the cause.

Do you run some type of Peer2Peer software such as uTorrent or similar on the system or maybe even Skype?

If you're uncertain then its probably best that someone helps you to scan your system for a possible infection. If you like you can run the following scanner too and we'll take a peek and see if we can find anything obvious that might be causing the block.


Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.
  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#4 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 15 February 2013 - 11:25 PM

I'm currently not on skype. I was on
http://www.neobux.com/?rh=4D72576F6C666965
That is a site that pays you to click on advertisements. Could that be the issue?

Edited by AdvancedSetup, 16 February 2013 - 12:03 AM.
removed hyperlink


#5 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,236 posts
  • Gender:Male
  • Location:US

Posted 16 February 2013 - 12:06 AM

Not the site directly but possibly from that sort of Web behavior as much of that type of marketing will get you infected sooner or later it's just a matter of time.

Going directly to that site does not get a block for me from MBAM and that is not their listed IP. I show it as: 194.28.158.156

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into this if you're concerned.

Thanks




Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#6 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 16 February 2013 - 12:17 AM

Well the actual site is clean. They host outside links that people pay to place onto their site. It's possible some of the outside links are infected. I'm doing this, not for profit or for revenue. I'm clicking and re-investing all the money back into NeoBux. At the end of each year. I give all proceed to a friend in need or in financial trouble. It's not something I can stop.. Although, I did figure not all of the links were clean.

#7 Newb

Newb

    New Member

  • Members
  • Pip
  • 12 posts
  • Gender:Male

Posted 16 February 2013 - 12:24 AM

I will take into account of what you said. As you are more knowledgeable than me in this area. Maybe I should move onto a safer alternative. Such as surveys.

#8 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,236 posts
  • Gender:Male
  • Location:US

Posted 16 February 2013 - 02:44 AM

It's up to you but if you do want to participate in this you might want to consider using a Virtual Machine that you can create SnapShots on and if the box does get infected you can easily restore it back to a point in time when it was clean.

Oracle VM VirtualBox

Best wishes and if you do need further assistance please let us know.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users