Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Thirty days after installing Kav 6 I get this. Six outbound hits on
different ports. Strange!

06/Jul/2006 14:05:29 Trible Fusion blocked; Out TCP;
localhost:1198->www.tribalfusion.com []; Owner: C:\PROGRAM


Re: Why?

On Sat, 8 Jul 2006 20:07:52 -0500, "Old Boozer" <oldboozer> wrote:

Quoted text here. Click to load it

Hey OB. Long time no see. I'm puzzled about the spelling in the first
line of the report. Trible Fusion? Is that a misspell by your sw
firewall? What are you using as a outbound traffic monitor? Also, is
your KAV 6 a trial or Beta version? Expiration date? Or normal
licensed/registered version?

Indeed the report is strange. I suppose you've tried using
some of the usual antispyware/adware scanners? What have you
tried in the way of running process trackers? SysInternal's
Process Explorer, etc.?

Does KAV 6 seem to be working normally otherwise? If you
suspect it isn't, try a formal scan using KAVDOS32. See my web site
for the K-BOOT and KAVDOSNT downloads.  


Re: Why?

Quoted text here. Click to load it
Quoted text here. Click to load it

Hey Art glad to see you are well and still kickng ass. AVP exe is not trying
to connect to
triblefusion >

When a site tries to put their (trible's) cookie on the box, kerio personal
shows an out bound connection. I have a rule set to block that

domain. Kerio associates this with Kav. More than likely because Kav has
rootkit'ed itself into the files. I may have a benign regestry

value from some past freeware progran that connects the events. Yes I use
Process Explorer V10.11 nothing unusual going on.

Just a head scratching anomaly. Kav is running great and no other problems.
Well maybe just one, I picked a file off of

the usnet, ofcourse I don't run Kav real time.

Obvious malware! Without my glasses on I opened it with associated program
instead of dumping it into a hex reader.

DAMN dropdown boxes!!!

HeHe I'm no longer a virgin. :-) Yep F'ed my own computer.

Re: Why?

On Sun, 9 Jul 2006 20:37:10 -0500, "Old Boozer" <oldboozer> wrote:


Quoted text here. Click to load it

I tried a experiment using Sygate set to not allow AVP.EXE and I get
a pop up for any attempt at TCP/IP ... can't browse, use newsreader
or email. The only app activity that was allowed was my atomic time
which uses UDP. Since KAV 6 is monitoring all TCP/IP activity it "gets
blamed" by sw firewalls for all such activity :) So the use of a sw fw
to check unauthorized outbound while KAV 6 is running realtime is
clearly nonsense.

Keep on posting!


Re: Why?

It happens that p-0''0-h the cat (ES) formulated :
Quoted text here. Click to load it

Who are you talking to?

Re: Why?

Quoted text here. Click to load it




As a computer, I find your faith in technology amusing.

Site Timeline