Something is wrong here

[marc-d-l]

I use comodo firewall and Avast this morning I have 27 outbound conections from avast. WHY. and how do I stop this ?

[cvsa]

avast is monitoring your connection, so it's normal ... allmost everything is scanned via avastsvc.exe...

it can also be avast update.... don't worry

[Hermite15]

I use comodo firewall and Avast this morning I have 27 outbound conections from avast. WHY. and how do I stop this ?

I suppose you mean something like that?

[marc-d-l]

The task manager right now tells me I have 22 outbound connections all coming from Avast.Why does avast all of a sudden have to call home in so many ways.How do I get to just call home for updates,and shut off everything else.

[Gopher John]

The task manager right now tells me I have 22 outbound connections all coming from Avast.Why does avast all of a sudden have to call home in so many ways.How do I get to just call home for updates,and shut off everything else.

Connections from Firefox and virtually every other internet program you use are done through Avast proxy.  An excellent tool to view this and perhaps understand is TcpView from Microsoft.  http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx

[DavidR]

The task manager right now tells me I have 22 outbound connections all coming from Avast.Why does avast all of a sudden have to call home in so many ways.How do I get to just call home for updates,and shut off everything else.

How can anyone comment when you don't give examples of what these connections are, Logos has tried to help in posting an image of outbound connections, but you didn't confirm they were the same or not ?

[timcan]

The task manager right now tells me I have 22 outbound connections all coming from Avast.Why does avast all of a sudden have to call home in so many ways.How do I get to just call home for updates,and shut off everything else.

Hi, are they actual internet connections or localhost communications?

[marc-d-l]

Yes there is,seems that there is always 5 to 20 outgoing connections from avast all the time.

[DavidR]

Yes, but what exactly are they, that is what we are trying find out if exactly the same as one or other image say so and we can say why ?

In Logos's image shows connections by the UI in avast free that is loading the ad data in the summary screen. In RNfromTN's image shows the web shield local host proxy where all requests by your browser are routed through.

[amesuyasha]

avast says  http://www.free-tv-video-online.info/ is blocked cuz of threat detected how do u unblock http://www.free-tv-video-online.info/

[Marc57]

avast says  hxxp://www.free-tv-video-online.info/ is blocked cuz of threat detected how do u unblock hxxp://www.free-tv-video-online.info/

The site seems to be suspicious.

http://www.UnmaskParasites.com/security-report/?page=www.free-tv-video-online.info

Please change The http to hxxp on the site you listed as it goes to malware.

[DavidR]

You don't want to unblock it as the site looks like it has been hacked (it is infected), avast isn't alone in finding something wrong, see http://www.virustotal.com/analisis/20c974870f6646ec5039297b4002b07fee790def256b6a23821470a98e1896c3-1275185040.

There is a large block of obfuscated javascript in a script tag after the Body tag extending out 2936 characters to the right, it is huge and highly suspect. Javascript is a plain language scripting tool so when they use obfuscation like this I wonder what it is that they are doing or trying to hide.

This obfuscated script creates an iframe tag which imports something into the body possibly from another site, no I don't know if this is malicious for sure, but there are means of creating dynamic content using content management software without having to go to these lengths.

- Please 'modify' your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

[Hermite15]

avast says  hxxp://www.free-tv-video-online.info/ is blocked cuz of threat detected how do u unblock hxxp://www.free-tv-video-online.info/

what is that doing here (in this thread ) and why are you guys answering when this is so obviously completely off topic here

@marc57: can you deactivate the link too in your quote?

[Marc57]

Done, Thanks for pointing that out Logos, I missed it.

[De Hollander]

According to Google

http://www.google.com/safebrowsing/diagnostic?site=free-tv-video-online.info/




What Happened When Google visited this site?

Of the 1132 pages we tested on the site over the past 90 days, 5 page(s) resulted in malicious software being downloaded and installed without user consent. Of the 1132 pages we Tested on the site about 90 days the Past, 5 page (s) resulted in malicious software installed and loaded down Being without User consent. The last time Google visited this site was on 2010-05-30, and the last time suspicious content was found on this site was on 2010-05-29. The last time Google visited this site was on 30/05/2010, and the last time suspicious content was found on this site was on 29/05/2010.
Malicious software includes 30 scripting exploit(s), 3 trojan(s). Malicious software includes 30 scripting exploit (s), 3 trojan (s).

Malicious software is hosted on 5 domain(s), including 2roonoodle.net/ , 206.217.206.0/ , 206.217.194.0/ . Malicious software is hosted on 5 domain (s), "including 2roonoodle.net / , 206.217.206.0 / , 206.217.194.0 / .

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including 2roonoodle.net/ . A domain (s) Appear To Be Functioning as Intermediaries for Distributing malware to visitors of this site, "including 2roonoodle.net / .

This site was hosted on 4 network(s) including AS8551 (BEZEQ) , AS13768 (PEER1) , AS36218 (CIRRUSTECHLTD) . This site was hosted on four network (s) including AS8551 (BEZEQ) , AS13768 (PEER1) , AS36218 (CIRRUSTECHLTD) .

Has this site acted as an intermediary resulting in further distribution of malware? Has this site as an intermediary ACTED that result in Further distribution of malware?

Over the past 90 days, free-tv-video-online.info appeared to function as an intermediary for the infection of 6 site(s) including onlinecinema.org/ , stumbleupon.com/ , fanpop.com/ . Over the Past 90 days, free-tv-video-online.info appeared to function as an intermediary for the infection or 6 site (s) including onlinecinema.org / , stumbleupon.com / , fanpop.com / .

Has this site hosted malware?

Yes, this site has hosted malicious software over the past 90 days. Yes, this site HAS hosted malicious software over the Past 90 Days. It infected 7 domain(s), including onlinecinema.org/ , stumbleupon.com/ , fanpop.com/ . It infected 7 domain (s), "including onlinecinema.org / , stumbleupon.com / , fanpop.com / .




My advice, stay clear of it