Home Support

AVG Support Community

Share tips and solutions on AVG Products

Have a question?

Community topics

AVG Gurus

These community experts are here to help

  • (AB) Alan Binch
  • (BA) Borislav Angelov
  • (VB) Vladimir Bartl
  • (SK) Subhadeep Kanungo
  • (MS) Miloslav Serba
Mikhail PrashkaMikhail Prashka 

AVG AntiVirus FREE scans ports and brute-forces passwords when performing a regular scan

Hello,

I was surprised to find that AVG AntiVirus Free performs a port scan on local network hosts when performing a scan

In addition to scanning random ports (registered by other anti-virus tools as an attack), an attempt is made to connect via ftp, telnet, ssh using brute-force passwords (using such logins as admin, MikroTikSystem, dircreate, SolucTec, EServicios)

Can you tell me if this behavior is normal?

Why is AVGSvc.exe picking up passwords?
Subhashri DuraiveluSubhashri Duraivelu (Avast)
Hello Mikhail,
Thank you for contacting AVG Community support.

We will help you to check and clarify it. 
It isn't recommended to share account/order, personal info over this public post
We have sent you an email to your registered email address. Please check for the email and revert back to us.
Thank you.
Jean-Phi BJean-Phi B
I’ve experienced the same kind of issue tonight (nov 2nd):
- AVG (free) was installed on a Windows 10 fresh install a few hours ago.
- at about the same time, another computer on the local network got 2 notification of Kaspersky’s (paid version) Network Attack Blocker saying it just blocked Scan.Generic.PortScan.TCP attacks.
The attacker’s ip is the computer with avg.
Local ports “attacked”: 36866 and 40001.
- Router’s logs (Netgear r7000) reported a total of 8 connexion as admin attempts (failed) coming from the computer with avg. These attempts happened every 10 seconds to 1min shortly after avg was installed.

Is there anything I can do? Both computers are currently kept offline until I get more info on this issue.
Dinesh KrishnanDinesh Krishnan (Foundever)
Hi Jean,

We're glad to look into this & help you.
Please write back to us in your own post, which will reveal the account affiliated with us.
While writing back, please share us the screenshot of the notification that you;ve received for better clarity. 
Note : It isn't recommended to share the account info over this post.
Thank you for your understanding in advance!
Mikhail PrashkaMikhail Prashka
Hello Jean,

AVG Support responded to my request that this behavior of AVG AntiVirus is expected under the Traffic Inspector feature
This is how Traffic Inspector checks "weak" passwords of network devices
I think you can disable this feature if you want.
Mikhail PrashkaMikhail Prashka
Hello Jean,

Technical support responded to my request that this behavior of AVG AntiVirus is expected under the Traffic Inspector feature
This is how Traffic Inspector checks "weak" passwords of network devices
I think you can disable this feature if you want.
Ask a question
Struggling with non-AVG technology? We can fix that, too!