Hi, I have a question regarding something I read on another forum. It did not happen to me, but I did not understand the response given to the poster. It seems he was concerned about his antivirus program when he received this warning from his firewall as he was running a virus scan: Application Hijacking has been detected The application: C:\Program Files\Alwil Software\Avast4\ashSimpl.exe try to launch another application: C:\Program Files\Internet Explorer\iexplore.exe to go to remote host sa.windows.com He didn't say what firewall he had. I do not understand exactly what was occurring here but I have this antivirus program and am somewhat concerned. Any response would be appreciated. Thank you
I know what is going on, and I don't even run that firewall that assumed it was malicious. He launched the manual scanner, and it launched a help window, well the program automatically connected to that site on its own, the scanner didn't tell the program to goto that site. This is a false positive. On the launch of IE to display the help file, it went to sa.windows.com which means search assistant.... Its a default behavior.
I think it is tiny firewall hence the sentence: Application Hijacking has been detected The application: C:\Program Files\Alwil Software\Avast4\ashSimpl.exe try to launch another application: C:\Program Files\Internet Explorer\iexplore.exe to go to remote host sa.windows.com
that is why I said: "I think" maybe you should have said that too. because now you sound a little..ah forget about it. the problem here is tiny firewall uses practically the same warnings when some process is spawning another process. and the only two firewalls I remember can control spawning are Tiny and Zonealarm. But if you say it is sygate then OK, no prob. it could be
these are one of the million warnings regarding spawning etc Application:IEXPLORE.EXE Access:Injecting code into other processes Object:SetWindowsHookEx(MsgFilter,ThreadId=0,Modul e=C:\WINDOWS\system32\SHELL32.dll) it looks like the same structure a bit...