Author Topic: WebShield randomly using MITM for Chrome?  (Read 1674 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
WebShield randomly using MITM for Chrome?
« on: April 15, 2017, 11:34:52 PM »
Hi

I've recently noticed (or rather, been made aware by Comodo's SSL verifier) that sometimes Avast will inject its own certificate into Google Chrome even though supposedly it is capable of doing all the necessary scans without doing so.

I've read that the MITM-esque injection is the normal behavior with certain systems and browsers, but I'm curious can it at all be considered 'normal' if it only happens sporadically?

Basically, most of the time after I boot up my computer I can access any website in Chrome and it will display its original certificate, and it will always do so until the next time I turn my PC off.
Then, sometimes, it will instead replace the certificate with its own "Avast WebShield/Email Shield" certificate, and it will continue doing so until I restart my machine.

I have tested it with IE, where it will always replace the certificate, so I don't think it's a case of WebShield not working entirely. Should I be worried about such random behavior, or is it likely to be a harmless?

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76035
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: WebShield randomly using MITM for Chrome?
« Reply #1 on: April 15, 2017, 11:37:37 PM »
- Which Avast..? (Free/Pro/IS/Premier)
- Which version..?
- OS..? (32/64 Bit..? - which SP/Build..?)
- Other security related software installed..?
- Which AV(s) did you use before Avast..?
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

REDACTED

  • Guest
Re: WebShield randomly using MITM for Chrome?
« Reply #2 on: April 15, 2017, 11:49:04 PM »
- Which Avast..? (Free/Pro/IS/Premier)
- Which version..?
- OS..? (32/64 Bit..? - which SP/Build..?)
- Other security related software installed..?
- Which AV(s) did you use before Avast..?

Avast Free Antivirus, version 17.3.2291 (build 17.3.3443.0)
Windows 7 Professional 64x SP 1
Other software: Comodo Firewall 10.0.1.6209, as well as their Internet Security Essentials program, version 1.1.413499.43
Aside from Avast AV and Comodo FW, I also have Malwarebytes installed though it is not usually running, I use it as a secondary scanner should I suspect an infection that neither Avast nor Comodo detect.

Apologies for not including these details in my initial message
« Last Edit: April 15, 2017, 11:51:20 PM by Mastadi »

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76035
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: WebShield randomly using MITM for Chrome?
« Reply #3 on: April 15, 2017, 11:52:18 PM »
First, be sure to get rid of all remnants of your prior installed AV(s)..!!
-> https://www.avast.com/faq.php?article=AVKB11#artTitle

Then:
1. Download Avast Free Antivirus: https://files.avast.com/iavs9x/avast_free_antivirus_setup_offline.exe
2. Follow instructions: https://www.avast.com/uninstall-utility (Run this tool for all prior installed Avast versions..!!)
3. Reinstall Avast with the downloaded installer from point 1.
4. Reboot.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0