avp.exe

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
My AV application: Kaspersky Anti-Virus (6.0.2.6210)

During a relative slow loading of a website a pop-up message appeared
indicating:-  Firewall - allow avp.exe

Google search that this item is related to Kaspersky AV but it also could be
a trojan/keylogger.

Is it safe to add avp.exe to my Win XP2 Pro Firewall exceptions list?  If
not, could this attribute to slow web page loading?

Run a HJT - no problems.


Re: avp.exe


| My AV application: Kaspersky Anti-Virus (6.0.2.6210)
|
| During a relative slow loading of a website a pop-up message appeared
| indicating:-  Firewall - allow avp.exe
|
| Google search that this item is related to Kaspersky AV but it also could be
| a trojan/keylogger.
|
| Is it safe to add avp.exe to my Win XP2 Pro Firewall exceptions list?  If
| not, could this attribute to slow web page loading?
|
| Run a HJT - no problems.

The name of a file is insuffient.
What is important is the fully qualified name and path to the file.

For example.
c:\windows\system32\svchost.exe  is legitimate.
C:\Program Files\Common Files\System\svchost.exe is NOT legitimate.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: avp.exe

may be monitored for quality assurance:
|
|
|| My AV application: Kaspersky Anti-Virus (6.0.2.6210)
||
|| During a relative slow loading of a website a pop-up message appeared
|| indicating:-  Firewall - allow avp.exe
||
|| Google search that this item is related to Kaspersky AV but it also could be
|| a trojan/keylogger.
||
|| Is it safe to add avp.exe to my Win XP2 Pro Firewall exceptions list?  If
|| not, could this attribute to slow web page loading?
||
|| Run a HJT - no problems.
|
|The name of a file is insuffient.
|What is important is the fully qualified name and path to the file.
|
|For example.
|c:\windows\system32\svchost.exe  is legitimate.
|C:\Program Files\Common Files\System\svchost.exe is NOT legitimate.

I would suggest going to Trend Micro's Houcecall and running a full
system scan from their database.  A lot of hackers do use files named
the same, or similar, to spread their tools.  
--
X=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X
  Join the Pirate Party!   http://www.pirate-party.us
  Sharkpost Home           http://www.sharkpost.net
       -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

   Pedophile-Supporter Jack 'GitRDunn' Cohen uses the First
   Amendment Rights argument to protect the rights of kiddie
   porn posters and pedophiles to post what they "likes".

   Newsgroups: alt.binaries.warez.ibm-pc.d
   NNTP-Posting-Date: Fri, 11 Jan 2008 19:28:49 EST

   I hate pedos and pervs as much as anyone else but I
   don't have the right to stop them from their first
   amendment rights to post what "they" like.



X=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X

Re: avp.exe

Quoted text here. Click to load it
Unfortunately the pop-up message did not fully qualify name and path, just
avp.exe and since my HJT log came out 'clean' I assume that no illegitimate
items are present.
Based on this, is it safe to add avp.exe to my Win XP2 Pro Firewall
exceptions list?

BTW, I recently downloaded Multi-AV which added WGET.EXE to the firewall
exceptions list; From this list there is no way to tell if this is an
legitimate item or not. But of course I know WGET.EXE is okay,  the
downloading instruction of Multi-AV does explain this.


Re: avp.exe



| Unfortunately the pop-up message did not fully qualify name and path, just
| avp.exe and since my HJT log came out 'clean' I assume that no illegitimate
| items are present.
| Based on this, is it safe to add avp.exe to my Win XP2 Pro Firewall
| exceptions list?
|
| BTW, I recently downloaded Multi-AV which added WGET.EXE to the firewall
| exceptions list; From this list there is no way to tell if this is an
| legitimate item or not. But of course I know WGET.EXE is okay,  the
| downloading instruction of Multi-AV does explain this.

Yepper...

It is easy, via Registry entry, to add an allowance for a EXE to pass through
the Windowes
FireWall.  Malware does it so I did it for the GNU WGET utuility.

Search the hard disk (including Hidden and System files) for AVP.EXE and see
where this file
is located on your system.

Please post back the fully qualified name (FQN) and path to the file(s) that you
find.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: avp.exe

Quoted text here. Click to load it
I searched in drive C:\ for AVP.EXE using 'Agent Ransack' and it found:
Name:-
avp.exe
Location:-
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
Size:-
197 KB
Type:-
Application
Modified:-
3/9/2007 7:50:58 PM
 


Re: avp.exe

says...
Quoted text here. Click to load it
avp.exe /should/ be the KAV scanner. It's always possible it's infected (or just
plain bad) if you got
KAV from a non-authorised route or something's managed to whack it since you
installed it.
If you have reason to think it might be bad, dl some other antivirus (AntiVir,
for just one example
that's free) and scan just that file, see what it says.

wget is a utility for grabbing files from websites. Lots of stuff uses it. I use
it in some of my scripts.
--
Snob? Were I a snob, I wouldn't be talking to you.

Site Timeline