Author Topic: malware using avast.exe (Read 733 times)

« **on:** June 23, 2012, 06:07:44 PM »

Hey everyone, had an account here before but can seem to remember user name.

Anyway, twice today while surfing, my malwarebytes blocked outgoing calls from avast.exe. I dont have any more info right now, ill add to this post as i get it.

« **Reply #1 on:** June 23, 2012, 06:28:17 PM »

Malwarebytes log

2012/06/22 00:56:41 -0400   CHRIS-PC   Chris   IP-BLOCK   222.186.49.240 (Type: outgoing, Port: 52921, Process: avastsvc.exe) (Type: outgoing, Port: 50079, Process: avastsvc.exe)
2012/06/22 21:34:32 -0400   CHRIS-PC   Chris   IP-BLOCK   94.100.23.90 (Type: outgoing, Port: 50103, Process: avastsvc.exe)
2012/06/23 10:30:16 -0400   CHRIS-PC   Chris   IP-BLOCK   89.248.174.55 (Type: outgoing, Port: 65136, Process: avastsvc.exe)

« **Reply #2 on:** June 23, 2012, 06:53:08 PM »

What you don't understand is how avast in itself works to protect your system. There is nothing using avast.exe (aside from your post doesn't even show avast.exe being used) the avastSvc.exe controls the avast scanners and in this case it is the Web Shield, localhost proxy through which http traffic is routed so that it can be scanned by the web shield.

So it is your browsing (via the web shield proxy) reaching out to an IP that MBAM considers malicious. This can be from links to content on another site that you happen to be browsing.

« **Reply #3 on:** June 23, 2012, 08:24:47 PM »

Okey-dokey

hadn't seen that before and thought it was strange

« **Reply #4 on:** June 23, 2012, 08:39:19 PM »

No problem.

News:

Author Topic: malware using avast.exe (Read 733 times)

reef-geeks

malware using avast.exe

reef-geeks

Re: malware using avast.exe

DavidR

Re: malware using avast.exe

reef-geeks

Re: malware using avast.exe

DavidR

Re: malware using avast.exe