Author Topic: Issue with blocked outgoing connection (SOLVED)  (Read 9509 times)

0 Members and 1 Guest are viewing this topic.

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Issue with blocked outgoing connection (SOLVED)
« on: July 08, 2012, 06:08:27 PM »
Hello all, hopeful someone can offer some advice on a very recent issue. Never had this issue but yesterday I came home and have been seeing a specific blocked connection repeatedly popping up. I do not know of any changes or infections and before I left home all was fine, return home and this issue exists (computer left running while away). Specific details of the blocked URL:

Infection type: Mal
Process related is: Opera Browser x64
URL blocked is: http://hosting.x10hosting.com/?version=0.52&time=1341760574571&uuid=V0.52D1323475040265R26
Screenshot:

I use Avast Free (fully updated) and Malwarebytes even runs realtime.
OS is Windows 7 Ultimate x64 (fully updated)

If any other information is needed please let me know and thanks to all for taking the time to read and reply.
« Last Edit: July 09, 2012, 03:43:42 AM by TweakSS »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33992
  • malware fighter
Re: Issue with blocked outgoing connection
« Reply #1 on: July 08, 2012, 06:18:58 PM »
TweakSS,

Break that link, please. See: http://zulu.zscaler.com/submission/show/f237827150a3ee4a65aaa8096515afc3-1341763776
Might be an IP block because of IDS alert for: ET RBN Known Russian Business Network IP (292)
Some hidden adAC iframes from cdn.x10hosting dot com/ads/jscripts/emptyspace.js
Suspicious see: http://zulu.zscaler.com/submission/show/f2b6c5660a700faf807204ca5be3c3f6-1341764277

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Issue with blocked outgoing connection
« Reply #2 on: July 08, 2012, 06:31:44 PM »
Does this only occur in Opera ?

Download OTL  to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post both logs

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection
« Reply #3 on: July 08, 2012, 08:13:45 PM »
Attachment below, way too many posts required to "post both logs" although only a single log was created.
« Last Edit: July 08, 2012, 08:20:39 PM by TweakSS »

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection
« Reply #4 on: July 08, 2012, 08:17:49 PM »
Attachment below, way too many posts required to "post both logs" although only a single log was created.
« Last Edit: July 08, 2012, 08:20:26 PM by TweakSS »

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection
« Reply #5 on: July 08, 2012, 08:19:13 PM »
How about I just attach it for the sake of time, also to lessen the insane # of posts this will require? Thanks again for taking time to review things and assist.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Issue with blocked outgoing connection
« Reply #6 on: July 09, 2012, 12:21:06 AM »
Do you get the same alert in IE and or Firefox ?

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection
« Reply #7 on: July 09, 2012, 12:36:25 AM »
I do not use IE or Firefox, I only get this message, no other messages at all from anything, only via Avast. I do use SRWare Iron (Google Chrome variant) and the system works as expected, no different than any other time, just the annoying message periodically. I do not have to be actively using Opera for this to occur, I do however leave it open pretty much at all times. When using SRWare or watching a video file or doing any other activity on the computer the msg is always exactly the same, it only points to Opera and lists as MAL with the exact same URL, always as shown above. I'm not usually one to ask for support and am instead the one asked for support generally as has been the case for years but although I like and have used Avast for some time I do not make any claims to know of its functionality and so I am more than happy to request help from those that know more of it and can help to pinpoint why such an issue is occurring. Thanks again and I will gladly answer all that I can so any other questions or suggestions I welcome and appreciate.

alxs

  • Guest
Re: Issue with blocked outgoing connection
« Reply #8 on: July 09, 2012, 03:23:29 AM »
Hi, all!

I think I found out the reason for this nagging message: it is caused by an Opera extension called AdBlock.. it connects to the server to check for a new version, and it is that connection that Avast blocks.. its homepage is http://operaadblock.x10.mx/ (is blocked by Avast, too) and its latest version which i guess most people use is version 0.52 of August 2011 (that's what that ...version=0.52... means)... I guess its server is hosted on that x10hosting...

To get rid of the nag, you can:

1. remove or turn off AdBlock, or
2. just uncheck "Enable server options" on the Servers tab in its settings..

If any of you have time, you can also mail the author of that great extension, leomajko, at leomike29@gmail.com (in English or French, as per his request).. Maybe he could do something to address the problem..

Hope it helps...-)))


Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection
« Reply #9 on: July 09, 2012, 03:42:59 AM »
alxs this is actually great news and the funny part...my cell phone dinged to inform me I had a new email, at the same time I was reviewing outgoing connections to locate the exact moment the popup from Avast occurred  as it has JUST went off again and right as the phone dinged I found the exact same info! Scary how it worked out that way but I had just updated my extensions manually the night before and hadn't used the PC again till I got home and there was Avast yelling at me about Opera. I appreciate everyone that suggested things and I got lucky enough to have found the problem but all credit to alxs as I am very happy to have confirmation from another. Below is what I found for the record and this can be closed as I have edited to mark as solved, thanks again!!!


alxs

  • Guest
Re: Issue with blocked outgoing connection (SOLVED)
« Reply #10 on: July 09, 2012, 09:19:06 AM »
Everyone has his own way, lol... I go with trial and error, you peer through connection data..-))))
And the end result is the same..-))

By the way, to me the frequency that nagging message occured with (a few times an hour, probably) suggests turning off the server options for AdBlock would be a wise thing to do, anyway.. It queries its server too often for something that's not been updated for almost a year..
It works just fine, though, and traffic for that server requests must be minuscule, anyway..-)))))

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Issue with blocked outgoing connection (SOLVED)
« Reply #11 on: July 09, 2012, 04:07:27 PM »
Thank you for that I would never have considered adblock to be the source

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection (SOLVED)
« Reply #12 on: July 09, 2012, 07:14:20 PM »
Looking through the data to catch the offending process destination seemed the easiest but I wasn't certain if it wasn't some bug with Avast as it recently had a major update, appreciate the responses and I too got the popup several times an hour but have unchecked the server options and had no issue with this since, thanks again.

alxs

  • Guest
Re: Issue with blocked outgoing connection (SOLVED)
« Reply #13 on: July 10, 2012, 08:44:09 AM »
AdBlock version 0.54 is out.
"Fixed an Avast issue" is among the changes..-))
Bravo, leomajko!-)))

Offline TweakSS

  • Jr. Member
  • **
  • Posts: 20
Re: Issue with blocked outgoing connection (SOLVED)
« Reply #14 on: July 10, 2012, 09:41:38 AM »
I shot him an email and he replied stating "An update was sent and should be available shortly", didn't realize he meant that quickly!