AVG ARK triggers iexplore.exe process

Discussion in 'other anti-malware software' started by Ocky, Apr 24, 2007.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    When opening AVG Anti-Rootkit, iexplore.exe process starts, even when not clicking the update check button. When closing AVG ARK, iexplore process remains even though internet explorer is not running. After closing AVG ARK these are the type of firewall log entries :-

    Date/Time :2007-04-23 20:40:34
    Severity :High
    Reporter :Application Monitor
    Description: Suspicious Behaviour (iexplore.exe)
    Application: C:\Program Files\Internet Explorer\iexplore.exe
    Parent: C:\Program Files\Grisoft\AVG Anti-Rootkit Free\sZ7.exe
    Protocol: TCP Out
    Destination: 127.0.0.1::8080
    Details: C:\Program Files\Internet Explorer\iexplore.exe is an invisible application
    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    Date/Time :2007-04-23 20:40:31
    Severity :High
    Reporter :Application Behavior Analysis
    Description: Suspicious Behaviour (iexplore.exe)
    Application: C:\Program Files\Internet Explorer\iexplore.exe
    Parent: C:\Program Files\Grisoft\AVG Anti-Rootkit Free\sZ7.exe
    Protocol: TCP Out
    Destination: 127.0.0.1::8080
    Details: C:\Program Files\Grisoft\AVG Anti-Rootkit Free\sZ7.exe has modified the the User interface of C:\Program Files\Internet Explorer\iexplore.exe by sending special Window messages.
    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    Killing the iexplore process and everything is hunky dory again. :D o_O

    EDIT: Correction - occurs AFTER clicking the update button. In that case iexplore.exe process stays put when IE is not running.
     
    Last edited: Apr 24, 2007
Thread Status:
Not open for further replies.