Author Topic: exploit detected on firefox, false positive or infection?  (Read 2087 times)

Offline exploitornot

  • Newbie
  • *
  • Posts: 3
exploit detected on firefox, false positive or infection?
« on: April 26, 2022, 02:47:15 PM »
Hello,

Today, I opened my mail in Firefox (via a Zimbra webmail) and a popup from Avast told me it had detected an exploit on Firefox. I was reading an email without an image and without having clicked on a link or an attachment (this email did not have any attachments, by the way).

Before I had time to write down the code (I could only write down MO97: but not the rest after the colon), the popup disappeared and Avast crashed. The Avast icon in the system tray disappeared. It then started to reappear for a few seconds before disappearing again, and did this over and over.
It was impossible to open the Avast interface. However, I noticed in the task manager that some of the Avast tasks were still active.
A few minutes later, Firefox stopped responding.

A quick scan with Malwarebytes found nothing. I then restarted my computer.
It took longer than usual to restart but once done, the Avast problems were solved. The icon in the system tray was present and it was possible to open Avast.

But once Avast was opened, the detection of the exploit did not appear in the detection history.
I recovered the "detections" log of Avast, and here is the part dated today:


[2022-04-26 09:09:38.909] [info   ] [manager    ] [ 8012: 7640] [9EDA99:  20] initialize | Initializing detection manager with product id 'av'
[2022-04-26 09:10:14.694] [info   ] [cli_logic  ] [ 8012: 9224] [2C2E9D: 147] handle_rootkit_detection
[2022-04-26 09:10:14.694] [info   ] [cli_logic  ] [ 8012: 9224] [2C2E9D: 147] Detection request | show and wait for user choice | Id: antirootkitDetection_1040af5f899ae5087154ff6e6eb991921d4fbd00fe1eae6f5d2559a6c87bd95e, Type: antirootkitDetection, wnd: null
[2022-04-26 09:10:14.694] [info   ] [manager    ] [ 8012: 9224] [9EDA99:  63] get_detection | Checking if detection with ID 'antirootkitDetection_1040af5f899ae5087154ff6e6eb991921d4fbd00fe1eae6f5d2559a6c87bd95e' already exists
[2022-04-26 09:10:14.694] [info   ] [manager    ] [ 8012: 9224] [9EDA99:  73] get_detection | Detection NOT found - returning nullptr
[2022-04-26 09:10:14.694] [info   ] [manager    ] [ 8012: 9224] [9EDA99:  40] create_detection | Detection doesn't exist - creating a new one
[2022-04-26 09:10:16.796] [info   ] [detection  ] [ 8012: 9224] [F819CA: 108] show_impl | Window is newly opened
[2022-04-26 09:26:35.255] [info   ] [manager    ] [12040:12036] [9EDA99:  20] initialize | Initializing detection manager with product id 'av'


I did a startup scan with Avast which found nothing and I am currently doing a full PC scan with Malwarebytes.

Note that Firefox was up to date, as were the extensions (I have AdBlock Plus and Firefox Multi-Account Containers).

I wonder if it is an Avast error or if I am infected without knowing it.
I would like to avoid having to go back to my last backup, which was 2 months ago, and thus waste time having to rebuild everything on my system.


Offline exploitornot

  • Newbie
  • *
  • Posts: 3
Re: exploit detected on firefox, false positive or infection?
« Reply #2 on: April 27, 2022, 04:40:04 PM »
Normally not because my browser is up to date.

Someone offered me help at: https://forums.malwarebytes.com/topic/286047-avast-detected-exploit-on-firefox-false-positive/.

Offline exploitornot

  • Newbie
  • *
  • Posts: 3
Re: exploit detected on firefox, false positive or infection?
« Reply #3 on: April 28, 2022, 11:57:19 AM »
My problem has been solved on the Malwarebytes post above.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33903
  • malware fighter
Re: exploit detected on firefox, false positive or infection?
« Reply #4 on: April 28, 2022, 12:39:04 PM »
Hi exploitornot,

We did not hear from the Avast team whether this was an FP or not (that handle-rootkit-detection).

Also not known to us is whether your Orange Zimbra client has been updated,
and patched against earlier vulnerabilities of the Zimbra mail client.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!