MBAM

Doing the trial of paid version, why when blocks a site, it says the port and process avastsvc.exe or something like that?

Because the Web Shield filters http traffic through its localhost proxy so that it can scan content, the avastsvc.exe is the process that controls all shields, which is why you see it mentioned.

thanks

No problem.

I also get it…

//
16:03:58 INTEL IP-BLOCK 115.84.178.208 (Type: outgoing, Port: 49265, Process: avastsvc.exe)
16:03:58 INTEL IP-BLOCK 115.84.178.208 (Type: outgoing, Port: 49266, Process: avastsvc.exe)
16:05:51 INTEL IP-BLOCK 115.84.178.208 (Type: outgoing, Port: 49324, Process: avastsvc.exe)
16:05:51 INTEL IP-BLOCK 115.84.178.208 (Type: outgoing, Port: 49325, Process: avastsvc.exe)
//

is it means MBAM blocks something that Avast! can’t…?

It appears MBAM has blocked access to this IP address, which it must consider suspect.

Either avast network shield/web shield didn’t identify it as anything of concern, or possibly mbam got in first.

Not able to get much info on that ip address 115.84.178.208 other than it’s in vietnam, “whois” claims it to be unregistered and unknown, best to report the issue to the malwarebytes forum for them to check for you.

Thanks mag & craigb…,

I have just posted about this in the mbam forum and waiting for their reply…

This is what AIS states

malwarebytes uses website blocking lists from hphosts among others and that ip address has sites that serve malware resolving to it apparently…
http://hosts-file.net/default.asp?s=115.84.178.208