I have been using Avast Secure Browser and Avast Ultimate for a few months now, and recently noticed that the browser makes some quit suspicious connections during start-up.
This seems to happen everytime and just for a very short moment, I managed to capture the data through TCPView (https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview)
AvastBrowser.exe 15148 TCP 50125 mail.bestgfe.ch 8989 SYN_SENT
AvastBrowser.exe 15148 TCP 50126 unassigned.psychz.net 8989 SYN_SENT
AvastBrowser.exe 15148 TCP 50138 7042-26762.bacloud.info 8989 SYN_SENT
AvastBrowser.exe 15148 TCP 50147 cs2874.mojohost.com 8989 SYN_SENT
I have not additional extensions installed and am using all default settings without any sync. These websites have also never been visited by me before. The top link seems to be a shady pron site?
Curious if to see if there has been some kind of security breach on my side, or this is related to any of the default extensions?
Diagnostic info:
executable_path=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe profile_path=C:\Users\[redacted]\AppData\Local\AVAST Software\Browser\User Data\Default os_version=Windows 10 v21H1 (x64) av_engines=Avast Antivirus, AMSI - Avast IAntimalwareProvider implementation active_av_engine=Avast Antivirus av_version=21.11.2500 urlscanner_version=1.9.0.367 mimic_version=v0.1.17-46c12c3 host_prefix= browser_version=96.1.13589.111 (Official Build (64-bit)) cgid=365 cid=3515 uid=db897bcb6d4f42768f9fa098905330bcChannel: stable
OS language: en-us
Browser language: en-US
Search Engine URL: https://www.google.com/search?client={google:client}&q={searchTerms}&{google:originalQueryForSuggestion}{google:assistedQueryStats}ie={inputEncoding}
Omaha version: 1.8.1189.1Enabled extensions:
ahfgeienlihckogmohjhadlkjgocpleb : Web Store : 0.2
beghmmhchncjignfbfnemngnlnjdmbcb : Avast Anti-Fingerprinting : 2.5.181
dmfdacibleoapmpfdgonigdfinmekhgp : Avast SecureLine VPN : 1.5.1.839
ekmkelgimdicdgkflkakgmjcghgpdnji : Messaging : 1.11.0.341
kmediagceboldddnnajkcochbkfkedel : Avast Anti-Tracking : 1.23.0.675
kmendfapggjehodndflmmgagdbamhnfd : CryptoTokenExtension : 0.9.74
lhnnoklckomcfdlknmjaenoodlpfdclc : Avast Bank Mode : 1.3.0.52
mecokbmnofclapimmlnfegiohceoaocc : Avast Performance Manager : 1.2.220
mhjfbmdgcfjbbpaeojofohoefgiehjai : Chrome PDF Viewer : 1
nkeimhogjdpnpccoofpliimaahmaaome : Google Hangouts : 1.3.16
nmebbcjdbhgggcgohlnlgadkmjiedfbc : Avast Hack Check : 1.2.341
ooeobdingfeedklanlfcjhffgennflke : Avast Adblock : 2.7.164Disabled extensions: