Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: .Pedro on November 12, 2008, 08:17:31 PM
-
Hello,
I just joined the forum to report a problem with DEP. By editing the boot.ini to enable DEP, on some situations DEP will terminate Avast!.
Last time i used Avast! it detected something and DEP terminated it - perhaps not completely. I already uninstalled Avast! since i have no time to troubleshoot, and don't use Windows regularly at home.
There is another report that this happens also when using the context menu scan.
I don't expect you will have problems reproducing this issue.
Why DEP in AlwaysOn:
http://blog.fabriceroux.com/index.php/2007/02/26/hardware_dep_has_a_backdoor?blog=1
Instructions from MS to enable DEP (as a reference for whoever reads this):
http://support.microsoft.com/kb/875352
Keep in mind there are no exceptions in AlwaysOn. Any program that doesn't comply WILL shut down.
Cheers
-
Well thats clearly not a default Windows behavior and as such avast! devs aren't exactly forced to comply.
-
I'm just reporting an issue.
-
Yes. I'm suresomeone from ALWIL guys will stop buy soon.
-
I don't expect you will have problems reproducing this issue.
Not really... I remember we tried and didn't encounter any problems.
So, some more info would be needed, I'm afraid... such as at what situations exactly you get the error, if the error box displays any useful info about the particular problem, etc.
-
Also, what OS are you using, exactly?
Thanks
Vlk
-
Ok, sorry about that. XP Home, Toshiba M70-320, new image restored, Limited User Account, used PC-WELT scripts
http://www.pcwelt.de/index.cfm?pid=662&pk=65615
http://www.pcwelt.de/schwerpunkt/p/pcwXPProme.html
though i don't think they make a difference - they add gpedit.msc and turn it into a "Pro".
The last instance was with WormGuard downloaded from Majorgeeks. Ran it, Avast! popped and DEP quickly after. I was in a rush, just wanted to leave it configured and had to leave. Here's another report
http://www.wilderssecurity.com/showpost.php?p=1319736&postcount=1
Do you want me to try it again to see the exact error?
-
Hello again. Just posting to be sure you don't need further testing. I don't have time to monitor this forum unfortunately.
Do you guys need anything else?
-
Just echoing this request.
Every year after my annual reinstall, I test whether or not I can run with "DEP - /noexecute=AlwaysOn" set.
This year's test revealed that only Avast and VMware server 1.0.8 fail the DEP requirements.
I'm running XP pro x64 sp2 (certain amount of loyalty as you guys were one of the 1st to support it).
The "On-Access Protection Control" appears to work correctly however DEP failures occur when one tries to run an Anti-Virus scan via either the explorer context menu or choosing "Start avast! Antivirus" by right-clicking the toolbar icon.
-
Interesting, I wasn't able to simulate it on WinXP x64, only ordinary WinXP.
Anyway, the two problems you mention are caused by a Microsoft library (Explorer Extension) and the 3rd party skinning component (the rest of the GUI). So, I'm afraid there isn't much we can do about it right now.
When avast! 5 is released, it will be built by a new version of the compiler, and it won't use skins anymore - so both of the problems should disappear.
-
DEP works fine here on x64 XP, I had problems with Orbit but never with Avast.
-
DEP works fine here on x64 XP, I had problems with Orbit but never with Avast.
Are you sure DEP is set to "/noexecute=AlwaysOn" ? (requires editing boot.ini)
Avast does work fine with DEP set to "/noexecute=OptOut" where a list of Microsoft approved exceptions (compatibility shims) are allowed.
With DEP set to "/noexecute=AlwaysOn" there are no exceptions, applications MUST comply.
-
DEP works fine here on x64 XP, I had problems with Orbit but never with Avast.
Are you sure DEP is set to "/noexecute=AlwaysOn" ? (requires editing boot.ini)
Avast does work fine with DEP set to "/noexecute=OptOut" where a list of Microsoft approved exceptions (compatibility shims) are allowed.
With DEP set to "/noexecute=AlwaysOn" there are no exceptions, applications MUST comply.
DEP has been set to AlwaysOn via boot.ini and Avast has absolutely no issues with it, I run Avast under LUA with SuRun. As a matter of fact none of the programs that I use on daily basis have any issues with DEP, the only one that did has been replaced, it was Orbit which has now been duly replaced by FDM. Open Office, Cocoon Video coverter, Paint.Net, Faststone Image Viewer and many more all work with no issues and so does Avast. Remember, I am on XPx64 with all latest patches.
-
Well, that's rather strange then, that you should have no problems while for others (including me) it simply won't work with DEP set to AlwaysOn.
It's not like you can be easily mistaken about what caused the error, the Microsoft popup warning / DEP closure box is quite specific.
-
Well, that's rather strange then, that you should have no problems while for others (including me) it simply won't work with DEP set to AlwaysOn.
It's not like you can be easily mistaken about what caused the error, the Microsoft popup warning / DEP closure box is quite specific.
Thats true, for many full DEP won't work but I am lucky in that case. However from time to time if I run IE7 under my limited accout I get the DEP warning when I shut it off, doesn't really matter as I rarely and hardly ever use IE, its stricly Opera for me and DEP has no issues with it thankfully.
-
I believe that full DEP requires that your Hardware supports that function, otherwise you have a limited software DEP function.
My CPU although relatively new supposedly doesn't support hardware DEP, but I have no problem with avast and I haven't added avast to the list of ignored programs.
-
According to Intel all Core 2 Duo processors support hardware DEP, perhaps there's a setting in BIOS you need to enable.
Even so, you won't need to add Avast to the list of ignored programs because Microsoft has already done it for you. The setting you have shown is OptOut:
DEP is enabled by default for all processes. You can manually create a list of specific programs that do not have DEP applied by using the System dialog box in Control Panel. Information technology (IT) professionals can use the Application Compatibility Toolkit to "opt-out" one or more programs from DEP protection. System compatibility fixes, or shims, for DEP do take effect.
Avast only has a problem with AlwaysOn:
This setting provides full DEP coverage for the whole system. All processes always run with DEP applied. The exceptions list to exempt specific programs from DEP protection is not available. System compatibility fixes for DEP do not take effect. Programs that have been opted-out by using the Application Compatibility Toolkit run with DEP applied.
-
Yes, that is what I thought, however, I didn't notice a BIOS option for DEP, wasn't looking specifically for that on my last foray into the BIOS.
-
So I guess Windows XPx64 and full DEP has no issues with full DEP.
-
So I guess Windows XPx64 and full DEP has no issues with full DEP.
It certainly has no problem with DEP set to OptOut, but clearly at least some of us have problems with it set to AlwaysOn.
-
I am comfortable running DEP always on, whatever workarounds needed, I will do it just for that extra ounce of protection. As of now I run my XPx64 with LUA, SuRun, DEP full and Avast and use Opera for browsing, hopefully that would keep it clean for me. Yesterday while trying to install new Realtek sound drivers DEP blocked it. I turned off DEP temporarily and installed the update and then turned DEP back on for full protection. A minor inconvenience for protection well worth it.
-
I see that the release notes for build 4.8.1351 includes the comment "preparations for smoother migration to v5".
Hopefully version 5 will be fully DEP compliant.