Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: junsai on April 02, 2012, 05:45:43 AM
-
Well i have malwarebytes and it keeps blocking avastsvc from.. whatever this is. it happens very often about every two minutes.
It's way way way more than what I posted below.
2012/04/01 22:39:03 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54874, Process: avastsvc.exe)
2012/04/01 22:43:12 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54899, Process: avastsvc.exe)
2012/04/01 22:43:12 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54900, Process: avastsvc.exe)
2012/04/01 22:45:12 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54909, Process: avastsvc.exe)
2012/04/01 22:45:12 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54910, Process: avastsvc.exe)
2012/04/01 22:48:16 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54922, Process: avastsvc.exe)
2012/04/01 22:48:16 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54923, Process: avastsvc.exe)
2012/04/01 22:50:17 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54930, Process: avastsvc.exe)
2012/04/01 22:50:17 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54931, Process: avastsvc.exe)
2012/04/01 22:50:57 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54933, Process: avastsvc.exe)
2012/04/01 22:50:57 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54934, Process: avastsvc.exe)
2012/04/01 22:51:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54939, Process: avastsvc.exe)
2012/04/01 22:51:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54940, Process: avastsvc.exe)
2012/04/01 22:53:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54947, Process: avastsvc.exe)
2012/04/01 22:53:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54948, Process: avastsvc.exe)
2012/04/01 22:54:26 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54957, Process: avastsvc.exe)
2012/04/01 22:54:26 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54958, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54962, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54963, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54965, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54966, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54968, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54969, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54971, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54972, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54974, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54975, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54977, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54978, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54982, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54983, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54985, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54986, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54988, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54989, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54991, Process: avastsvc.exe)
2012/04/01 22:54:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 54992, Process: avastsvc.exe)
2012/04/01 22:56:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55147, Process: avastsvc.exe)
2012/04/01 22:56:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55148, Process: avastsvc.exe)
2012/04/01 22:57:39 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55173, Process: avastsvc.exe)
2012/04/01 22:57:39 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55174, Process: avastsvc.exe)
2012/04/01 23:00:43 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55184, Process: avastsvc.exe)
2012/04/01 23:00:44 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55185, Process: avastsvc.exe)
2012/04/01 23:01:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55187, Process: avastsvc.exe)
2012/04/01 23:01:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55188, Process: avastsvc.exe)
2012/04/01 23:03:48 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55202, Process: avastsvc.exe)
2012/04/01 23:03:48 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55203, Process: avastsvc.exe)
2012/04/01 23:05:49 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55211, Process: avastsvc.exe)
2012/04/01 23:05:49 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55212, Process: avastsvc.exe)
2012/04/01 23:07:50 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55245, Process: avastsvc.exe)
2012/04/01 23:07:50 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55246, Process: avastsvc.exe)
2012/04/01 23:14:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55364, Process: avastsvc.exe)
2012/04/01 23:14:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55365, Process: avastsvc.exe)
2012/04/01 23:16:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55382, Process: avastsvc.exe)
2012/04/01 23:16:08 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55383, Process: avastsvc.exe)
2012/04/01 23:20:17 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55400, Process: avastsvc.exe)
2012/04/01 23:20:17 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55401, Process: avastsvc.exe)
2012/04/01 23:22:25 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55409, Process: avastsvc.exe)
2012/04/01 23:22:25 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55410, Process: avastsvc.exe)
2012/04/01 23:23:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55414, Process: avastsvc.exe)
2012/04/01 23:23:21 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55415, Process: avastsvc.exe)
2012/04/01 23:24:25 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55418, Process: avastsvc.exe)
2012/04/01 23:24:25 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55419, Process: avastsvc.exe)
2012/04/01 23:28:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55440, Process: avastsvc.exe)
2012/04/01 23:28:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55441, Process: avastsvc.exe)
2012/04/01 23:30:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55449, Process: avastsvc.exe)
2012/04/01 23:30:35 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55450, Process: avastsvc.exe)
2012/04/01 23:32:45 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55521, Process: avastsvc.exe)
2012/04/01 23:32:45 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55522, Process: avastsvc.exe)
2012/04/01 23:33:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55529, Process: avastsvc.exe)
2012/04/01 23:33:42 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55530, Process: avastsvc.exe)
2012/04/01 23:34:46 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55533, Process: avastsvc.exe)
2012/04/01 23:34:46 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55534, Process: avastsvc.exe)
2012/04/01 23:38:48 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55637, Process: avastsvc.exe)
2012/04/01 23:38:48 -0400 COURTNEY-HP Courtney IP-BLOCK 111.111.111.111 (Type: outgoing, Port: 55638, Process: avastsvc.exe)
-
Something on your system is being blocked from connecting to here in Japan
inetnum: 111.96.0.0 - 111.111.255.255netname: KDDIdescr: KDDI CORPORATIONdescr: Garden Air Tower,3-10-10,Iidabashi,Chiyoda-ku,Tokyo,102-8460,Japancountry: JPadmin-c: JNIC1-APtech-c: JNIC1-APstatus: ALLOCATED PORTABLEremarks: Email address for spam or abuse complaints abuse@dion.ne.jpchanged: hm-changed@apnic.net 20090612changed: ip-apnic@nic.ad.jp 20090624mnt-by: MAINT-JPNICmnt-lower: MAINT-JPNICsource: APNIC role: Japan Network Information Centeraddress: Kokusai-Kougyou-Kanda Bldg 6F, 2-3-4 Uchi-Kandaaddress: Chiyoda-ku, Tokyo 101-0047, Japancountry: JPphone: +81-3-5297-2311fax-no: +81-3-5297-2312e-mail: hostmaster@nic.ad.jpadmin-c: JI13-APtech-c: JE53-APnic-hdl: JNIC1-APmnt-by: MAINT-JPNICchanged: hm-changed@apnic.net 20041222changed: hm-changed@apnic.net 20050324changed: ip-apnic@nic.ad.jp 20051027source: APNIC inetnum: 111.111.111.0 - 111.111.111.255netname: KDDI-NETdescr: KDDI CORPORATIONcountry: JPadmin-c: JP00000127tech-c: JP00000181remarks: This information has been partially mirrored by APNIC fromremarks: JPNIC. To obtain more specific information, please use theremarks: JPNIC WHOIS Gateway atremarks: orremarks: whois.nic.ad.jp for WHOIS client. (The WHOIS clientremarks: defaults to Japanese output, use the /e switch for Englishremarks: output)changed: apnic-ftp@nic.ad.jp 20091225source: JPNIC
-
idk what it could be but it must only happen when I have a certain site open. After closing all my browsers I havne't been getting those errors.
-
You'll just have to monitor which site your on when you start recieving the blocked notices, it could be something just as simple as an image on a page your viewing - could be a forum with a member from Japan who has a gif or jpeg included in there post or signiture ??? to get a better understanding of it you would be better asking on the Malwarebytes forum.
-
Hi folks,
That is/was a malicious IP, see: -http://malc0de.com/database/index.php?search=111.111.111.111&IP=on
Could have been a connection to a Zeus C&C,
The address for this service Process: pandoraservice.exe, not related to Pandora av but actually a hidden service that was installed
by the open source video viewer, KMPlayer,
was blocked by MBAM just because it was related to Zeus.
Probably the host has finally removed it, so MBAM is considering to remove the IP block,
link: http://forums.malwarebytes.org/index.php?showtopic=107952 quote info from MysteryFCM and BeechV35Pilot,
If you have that KMPlayer, then now you know where the culprit of the problem is, hope you solve it soon.
Then do a full MBAM scan,
polonus
-
kmplayer!! That's exactly it! I downloaded it a while ago but I never started getting those blocks until recently.
I did a scan last night with avast and malwarebytes and they found nothing. Also I haven't gotten any outgoing blocks since I closed chrome.
-
kmplayer!! That's exactly it! I downloaded it a while ago but I never started getting those blocks until recently.
I did a scan last night with avast and malwarebytes and they found nothing. Also I haven't gotten any outgoing blocks since I closed chrome.
That was a good find by polonus, best to uninstall KMPlayer imo if it is doing this.
A better player for you would be VLC Player, excellent program and plays everything http://www.videolan.org/