Author Topic: Suspected malicious use of aswhook.dll by malware (Read 1933 times)

DP07 · « **on:** July 07, 2023, 10:44:15 AM »

I was analysing a suspected malware through procmon and I noted that it loaded aswhook.dll into image. From what I understand, aswhook.dll is used by Avast to provide powerful hooking functions for the Avast software to provide Avast with valuable information on the user's device so that it can detect malware

Is it possible for a malware to load aswhook.dll and use its functions for itself to hook the user's device and fish for information?

polonus · « **Reply #1 on:** July 07, 2023, 12:48:49 PM »

For an answer look here: https://howtodoninja.com/files/dll/aswhook/fix-aswhook-virus-malware-remove-missing/

polonus

DP07 · « **Reply #2 on:** July 07, 2023, 01:30:57 PM »

Hi Polonus,

I don't think that provides a very clear idea of what I am looking for. I know that aswhook.dll is a file by Avast and when used by Avast, it is not malware even though it provides Avast with powerful functions.

However, my query relates to the situation where an entity other than Avast that may use the .dll file. In that case, I would like to ask if it is possible for a malware to make use of such functions by Avast.

DavidR · « **Reply #3 on:** July 07, 2023, 06:55:16 PM »

Avast's files, locations, settings, etc. should all fall under the Avast Self Defence Module.

So I feel that would include misuse, of said files by an outside source.

That is my belief as an Avast User, not Avast Team member.

Author Topic: Suspected malicious use of aswhook.dll by malware (Read 1933 times)

DP07

Suspected malicious use of aswhook.dll by malware

polonus

Re: Suspected malicious use of aswhook.dll by malware

DP07

Re: Suspected malicious use of aswhook.dll by malware

DavidR

Re: Suspected malicious use of aswhook.dll by malware