Author Topic: Unwanted Avast DNS traffic [update 2021]  (Read 1485 times)

0 Members and 1 Guest are viewing this topic.

Offline Dohn Joe

  • Newbie
  • *
  • Posts: 3
Unwanted Avast DNS traffic [update 2021]
« on: April 09, 2021, 06:22:51 PM »
Hello everyone,

this is a follow-up to an older thread: https://forum.avast.com/index.php?topic=184959.0

I use Avast Free Antivirus 21.2.2455 (compilation 212.6096.651) without SecureDNS, WebShield etc. installed, and I can see a lot of traffic coming out of my network to a weird set of DNS servers. Sample traffic:

Source           Destination      Prot.    Length    Info
192.168.1.101    37.120.144.66    DNS      81        Standard query 0xd357 TXT 2.sEcuRedns.AvaST.COm
37.120.144.66    192.168.1.101    DNS      218       Standard query response 0xd357 TXT 2.sEcuRedns.AvaST.COm TXT
192.168.1.101    37.120.144.66    DNS      160       Unknown operation (13) response 0x5de9 Unknown error (15)[Malformed Packet]
37.120.144.66    192.168.1.101    DNS      405       Unknown operation (12) 0x7236[Malformed Packet]
192.168.1.101    37.120.144.66    DNS      81        Standard query 0x06ee TXT 2.sECUrEdns.avASt.Com
192.168.1.101    156.146.38.142   DNS      81        Standard query 0x49d1 TXT 2.SEcUREdnS.AvAst.com
192.168.1.101    84.17.55.14      DNS      81        Standard query 0x3989 TXT 2.SeCUReDNS.AVASt.cOM
37.120.144.66    192.168.1.101    DNS      218       Standard query response 0x06ee TXT 2.sECUrEdns.avASt.Com TXT
84.17.55.14      192.168.1.101    DNS      218       Standard query response 0x3989 TXT 2.SeCUReDNS.AVASt.cOM TXT
192.168.1.101    37.120.144.66    DNS      160       Unknown operation (13) response 0x5de9 Unknown error (15)[Malformed Packet]
192.168.1.101    84.17.55.14      DNS      160       Unknown operation (11) response 0x5566 RRset does not exist[Malformed Packet]
37.120.144.66    192.168.1.101    DNS      346       Unknown operation (12) 0x7236[Malformed Packet]
84.17.55.14      192.168.1.101    DNS      218       Unknown operation (12) 0x7236[Malformed Packet]
156.146.38.142   192.168.1.101    DNS      218       Standard query response 0x49d1 TXT 2.SEcUREdnS.AvAst.com TXT
192.168.1.101    156.146.38.142   DNS      160       Unknown operation (9) 0x1caf[Malformed Packet]
156.146.38.142   192.168.1.101    DNS      346       Unknown operation (12) 0x7236[Malformed Packet]
192.168.1.101    37.120.144.66    DNS      81        Standard query 0xcaeb TXT 2.seCurEDNS.avAST.com
37.120.144.66    192.168.1.101    DNS      218       Standard query response 0xcaeb TXT 2.seCurEDNS.avAST.com TXT
192.168.1.101    37.120.144.66    DNS      160       Unknown operation (13) response 0x5de9 Unknown error (15)[Malformed Packet]
37.120.144.66    192.168.1.101    DNS      346       Unknown operation (12) 0x7236[Malformed Packet]
192.168.1.101    37.120.144.66    DNS      81        Standard query 0x4615 TXT 2.SeCUREdNs.aVAsT.com


On the contrary to the last post in the old thread I don't think that's "useful" at all and therefore I would like to:

1) know how to permanently disable the DNS flood traffic on the program level or
2) obtain a full list with the IP range blocks which Avast talks to so then I would block them on my network devices. Whenever I block a single IP address, new ones appear later in the traffic.

Thanks
KR

« Last Edit: April 12, 2021, 10:03:14 PM by Dohn Joe »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Unwanted Avast DNS traffic [update 2021]
« Reply #1 on: April 10, 2021, 09:25:07 AM »
Hi, are you running ASL and/or ASB..?
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Dohn Joe

  • Newbie
  • *
  • Posts: 3
Re: Unwanted Avast DNS traffic [update 2021]
« Reply #2 on: April 12, 2021, 10:01:29 PM »
Hello,

no, I don't use the browser nor the vpn.

KR

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Unwanted Avast DNS traffic [update 2021]
« Reply #3 on: April 13, 2021, 09:03:34 AM »
Beats me, wait for one of the devs...
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Dohn Joe

  • Newbie
  • *
  • Posts: 3
Re: Unwanted Avast DNS traffic [update 2021]
« Reply #4 on: April 23, 2021, 06:41:05 PM »
Has any dev already taken a look?