Hi malware fighters,

In my Comodo FW logs ashWebsv.exe Protocol TCP In/Out Source 10.0.0.150 destination port 80 to
dm00042.lunarpages.com
What does this mean? Other connects I find here are 216.227.213.170; 66.102.9.99; 66.249.91.99; 75.125.29.226 (avast): 208.53.158.202; 38.113.1.97 all destination source port 80…

polonus

ashWebsv.exe only scans the inbound traffic.
So, that sites seem to be ‘attacking’ your computer and, because they’re using http protocol on port 80, they’re being locally proxied to WebShield.
Am I wrong?

Although the web shield only scans inbound content, it has to intercept the outbound call, I have lots of out connects to both DNS and the sites you input into your browser, see image.