system
1
Hello
I have real time anti malware protection running as well as Avast Anti Virus, my malware popped up a threat bubble today with the following information:-
83.222.109.20 (Type: outgoing, Port: 51357, Process: avastsvc.exe)
is this a real Avast server address that the avastsvc should be trying to connect to?
if so I can tell my malware to ignore it, if not I have a bigger problem
Best Regards and thanks for answering
Pondus
2
I have real time anti malware protection running as well as Avast Anti Virus,
i guess this is Malwarebytes?
in and outgoing requests from programs run true avast webshield, malwarebytes see it as it is avast … it is not
you are not the first to ask, many previous posts about this in the forum
Pondus
3
that ip seems to go to russia …
there is a name there, JoinGame Hosting … something you know?
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the “-B” flag.
% Information related to ‘83.222.109.0 - 83.222.109.255’
% Abuse contact for ‘83.222.109.0 - 83.222.109.255’ is ‘noc@mnogobyte.ru’
inetnum: 83.222.109.0 - 83.222.109.255
netname: JOINGAME
descr: JoinGame hosting
descr: Moscow, Russia
org: ORG-JGL2-RIPE
country: RU
admin-c: RSU1-RIPE
tech-c: RSU1-RIPE
status: ASSIGNED PA
mnt-by: MNT-MBNET
source: RIPE # Filtered
organisation: ORG-JGL2-RIPE
org-name: Join Game LLC
org-type: OTHER
address: Join Game
address: Leninskiy avenue 36
address: Moscow, Russia
admin-c: RSU1-RIPE
tech-c: RSU1-RIPE
mnt-ref: MNT-MBNET
mnt-by: MNT-MBNET
source: RIPE # Filtered
person: Roman S Usachev
address: Join Game
address: Leninskiy avenue 36
address: Moscow, Russia
phone: +74956422668
nic-hdl: RSU1-RIPE
mnt-by: MNT-MBNET
source: RIPE # Filtered
% Information related to ‘83.222.108.0/22AS42632’
route: 83.222.108.0/22
descr: MnogoByte backup route
descr: Moscow, Russia
origin: AS42632
mnt-by: MNT-MBNET
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.67.4 (WHOIS2)
Pondus
4
here is also something you may want to read about Malwarebytes IP block
Oh, the sites you will never see
http://blog.malwarebytes.org/development/2013/05/oh-the-sites-you-will-never-see/
system
5
thank you for this information, the warning bubbles started to appear when I started Battlefield 3 and tried joining a multiplayer server, I will keep an eye on which multiplayer server creates the errors
once again many thanks