« previous next »
Pages: [1]   Go Down

Author Topic: ashmaisv connecting out to strange address  (Read 3263 times)

0 Members and 1 Guest are viewing this topic.

BlankaM

  • Guest
ashmaisv connecting out to strange address
« on: February 01, 2005, 05:23:35 PM »
Was getting an alarming number of timeouts this morning where ashmaisv was trying to connect out to a certain address that I didn't recognise.

After seeing that my firewall was timing out with it I went to check to see the address of it.

After deleting my default email rule so that Kerio would prompt me with it I get this:

"'avast! e-Mail Scanner Service' from your computer wants to connect to adsl-213-249-185-149.karoo.KCOM.COM [213.249.185.149], port 110"

I've made up a series of rules specifically allowing Kerio to connect to my ISPs mails servers so nobody else is getting in or out but I really want to know why avast would try to connect out to someone I don't know... Email scanning is still working properly...

Any ideas? This is bugging me because I'm worried it's some infection, despite me running avast! in all it's forms, PGLite, Kerio Personal Firewall 2.1.5, K9 Spam killer and running Spyware checks all the time.

My two email accounts are from pipex.com and global internet (globalnet.co.uk)

I don't get how something could've come in...

 ??? ???
« Last Edit: February 01, 2005, 05:38:39 PM by BlankaM »
Logged

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: ashmaisv connecting out to strange address
« Reply #1 on: February 01, 2005, 10:19:09 PM »
The address it tries to connect to is a dynamic address pool for ADSL users. Could be your provider is using them.

Avast only connects to the mail provider(s) you specify.

If you are sure this isn't right, you got malware on your system.
Logged

Offline vojtech

  • Avast team
  • Advanced Poster
  • *
  • Posts: 939
    • ALWIL Software
Re: ashmaisv connecting out to strange address
« Reply #2 on: February 02, 2005, 09:55:21 AM »
The mail scanner intercepts all outgoing connections to mail ports (25, 110 and 143) and creates its own connections to the same address. It means that some program running on your computer established a connection to the address that you see in the firewall. You can check what process has a connection with the mail scanner (ashMaiSv.exe) in the firewall status window when you see the timeout message to find out the original program.
Logged

Offline lukor

  • Administrator
  • Super Poster
  • ***
  • Posts: 1884
    • AVAST Software
Re: ashmaisv connecting out to strange address
« Reply #3 on: February 02, 2005, 12:19:24 PM »
Yes, as explained by Vojtech and Eddy, mail scanner does NOT initiates connections to any server on it's own. It simply forwards connections initiated by some other software running on you PC. You should be aware, that some unwanted mail connections may be even initiated by viruses or trojan horses - so perhaps it's a good idea to scan your harddrives.

Lukas.
Logged
Pages: [1]   Go Up
« previous next »