Jump to content

avast detected exploit on firefox, false positive?


Recommended Posts

Hello,

Today, I opened my mails on firefox (with zimbra webmail) and a popup from avast told me to have detected an exploit on firefox. I was reading an email without an image and without having clicked on a link or an attachment (this email did not have any attachments by the way)

I tried to explain my problem here but the system still considers my post as spam, so I put the link of a discussion on the avast forum where I explain the problem (sorry for the method used): https://forum.avast.com/index.php?topic=319311.0

 

detections.txt

Link to post
Share on other sites

  • Root Admin

I'm sorry but I don't use or know what Avast is looking at and if it's a false positive or not.

We can do some scans and check some logs if you like but webmail can include all kinds of hidden code that tries to do things that are not desirable.

 

Please do the following so that we can get started and see what's going on.


The Farbar Recovery Scan Tool is a free Windows utility designed to create troubleshooting logs for your computer. These logs help our Support team to identify and resolve issues with your computer.

There are two versions of the Farbar Recovery Scan Tool available for download: 32-bit and 64-bit.
To find which operating system is installed on your computer, refer to Microsoft's article: 32-bit and 64-bit Windows: Frequently asked questions

Download and launch Farbar Recovery Scan Tool

  1. Download the Farbar Recovery Scan Tool
    Do not click on any Ads.
     
  2. Locate the file you downloaded on your computer.
    Downloaded files are often saved to the Downloads folder.
     
  3. Double-click the downloaded file to run the Farbar Recovery Scan Tool.

    DOC-1318-1.png
     
  4. Windows protected your PC notification may appear. This notification is from the Windows Defender SmartScreen Filter which prevents unfamiliar apps from running on your PC.
    Disable smart screen ONLY if it interferes with software we may have to use:  What is SmartScreen and how can it help protect me?

         a.  Click More info.

    https://support.malwarebytes.com/hc/article_attachments/360051190254/DOC-1318-2.png
         b.  Click Run anyway.

    https://support.malwarebytes.com/hc/article_attachments/360051190294/DOC-1318-3.png
  5. When the User Account Control window appears, click Yes.

    image.png

     
  6. To accept the Disclaimer of warranty, click Yes.

    image.png

     
  7. Ensure only the boxes listed below are checked

    image.png

    Registry  Services  Drivers
    Processes  Internet  One month
    Addition.txt

    image.png

     

  8. Disable any Antivirus software you have installed ONLY if it stops software we may use from working.
    Please remember to re-enable any Antivirus software when we are finished running scans

    Click Scan. The scan may take a few minutes to complete.

    image.png
     

  9. When the scan completes, Farbar Recovery Scan Tool shows two messages:

  • Scan completed. FRST.txt is saved in the same directory FRST is located.

    image.png

  • Addition.txt is saved in the same directory FRST is located.

    image.png
     

  • Click OK to close each message window

 

Please attach both of those logs on your next reply, DO NOT copy/paste the contents of the logs directly

https://content.invisioncic.com/Mmalware/monthly_2018_10/_mb_attach.jpg.dbd89b8e360d3763b3bbe33ce83d680d.jpg

 

 

Thanks

 

 

  • Thanks 1
Link to post
Share on other sites

  • Root Admin

I don't see an obvious infection, but your Firewall is blocking portions of Avast so that is not very helpful. I'd recommend you remove those blocks.

 

FirewallRules: [{AA08E908-5C1B-40A2-99C2-5458EC80E1A3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2016357D-CC43-47AA-80E6-6E7244F7259C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D419F011-3ED2-41BD-9B6C-E96EB5571E0A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{845CF77C-ADD6-48D7-A8F1-AD1B6950EBB7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B8B76624-EFEF-45AB-91F9-7D95E2711A4B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1BFD48BC-462A-4F6C-93E1-121F9E0337E7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09BEA8A3-D8DD-4763-98D7-55A27274A573}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A6482E74-92CB-4346-8989-A45EEC8349DE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{16AB7120-51B7-4291-BDB0-4E277A4C8348}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A102F699-68E3-45D8-8453-5FE4C2C4C427}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4B8B1438-0F9D-4BC3-AFBD-9C77DBB7DCE5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7BA3965D-25EC-47FF-AF8C-879279FED033}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6D701C3C-E923-489C-BCDD-135C111FA824}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A064EA02-C87F-40C9-994C-F3BD5D055438}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{520CE7F8-4A8F-4AE0-8AAC-FC551000D57D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0AD0DD76-47ED-4DFC-8EB5-C2B8FF8A5D8E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{975F4203-4060-42BA-8837-079BB7DE76A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0956954B-A8E7-403E-AD60-E69492D8B496}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

 

Check for Windows Updates as well and maybe clean up your cache and cookies of your browser, and temp files.

 

 

 

 

  • Thanks 1
Link to post
Share on other sites

2 hours ago, AdvancedSetup said:

I don't see an obvious infection, but your Firewall is blocking portions of Avast so that is not very helpful. I'd recommend you remove those blocks.

 

FirewallRules: [{AA08E908-5C1B-40A2-99C2-5458EC80E1A3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2016357D-CC43-47AA-80E6-6E7244F7259C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D419F011-3ED2-41BD-9B6C-E96EB5571E0A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{845CF77C-ADD6-48D7-A8F1-AD1B6950EBB7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B8B76624-EFEF-45AB-91F9-7D95E2711A4B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1BFD48BC-462A-4F6C-93E1-121F9E0337E7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09BEA8A3-D8DD-4763-98D7-55A27274A573}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A6482E74-92CB-4346-8989-A45EEC8349DE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{16AB7120-51B7-4291-BDB0-4E277A4C8348}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A102F699-68E3-45D8-8453-5FE4C2C4C427}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4B8B1438-0F9D-4BC3-AFBD-9C77DBB7DCE5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7BA3965D-25EC-47FF-AF8C-879279FED033}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6D701C3C-E923-489C-BCDD-135C111FA824}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A064EA02-C87F-40C9-994C-F3BD5D055438}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{520CE7F8-4A8F-4AE0-8AAC-FC551000D57D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0AD0DD76-47ED-4DFC-8EB5-C2B8FF8A5D8E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{975F4203-4060-42BA-8837-079BB7DE76A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0956954B-A8E7-403E-AD60-E69492D8B496}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

 

Check for Windows Updates as well and maybe clean up your cache and cookies of your browser, and temp files.

 

 

 

 

Thanks a lot for your help!

Have a nice day:)

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.