Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: BlitzenZeus on June 17, 2004, 06:34:05 AM
-
Since the application does not run with a normal extension it will by default block the updaters communications, I had to use a program called tcpview to find the path of the program, and allow it through the XP firewall. Now the updates work, but it will never ask for programs which don't have a default extension for a normal executable.
Other firewalls will prompt for this action as it is seen as an executable, however just making it an official .exe in an update would be the easiest thing to do for those of your customers who will upgrade to XP SP2. I'm sure some other software firewalls might have this issue also, but that is just a guess.
Thank you for your time, and the effort into your programs.
-
Wait a moment, the XPSP2 has no outbound connection control, does it?
What version of XPSP2 are you using? The just-released RC2?
-
Yes its RC2, however it doesn't see it as an applicaiton for some reason, so it will not allow the responses to its communications inbound. Sorry I wasn't clear before, so its blocking its inbound communications/responses.
ICF really has no outbound protection, except some icmp control.
-
I guess this must've changed in the RC2 (we haven't seen this problem before). Thanks for notifying us about this... Now I wonder what we can do about that... ???
-
Well for what its worth, I'm in the process of letting Microsoft know as this likely extends to any non-standard application, and you know that some installs use .tmp files as executables at times so I could see that as an issue as well.
Its up to your team, but make sure all your executable have standard extensions? I thought I saw a thread where SyGate had a problem with the updater also, but I don't really know as I didn't fully read the thread.
Anyway, take care :)
Edit: Submitted
-
An executable may have any extension if it's spawned using the system's CreateProcess call. Only shell has some restrictions when it spawns programs using ShellExecute.
I really love these kinds of senseless assumptions in products from big companies, causing unnecessary troubles for smaller ISVs. >:(
-
Hey VLK,
It's radicalb21. I can say the same thing as my desktop is under settings update connections settings i have the following block checked that my computer is permantly connected to the internet. Prior to installing XP SP2 RC2 my system would update automatic when the new VPS was released but now mthat function is blocked. However I am able to update manually without any problem. I hope this helps. If you need me to test anything to try and get this to work I have been beta testing with Microsoft for a number of years and maybe I might be able to help.
-
Just wondering.
Since the application does not run with a normal extension it will by default block the updaters communications
How do you know that it's the extension that's causing the troubles? Have you seen anywhere documented this behavior?
Thanks
Vlk
-
This is the first program I have come across that I have noticed that its communications/responses were blocked by this inbound firewall. For some reason it was not being detected as a program making outbound connections so it would allow the inbound responses, and the one thing that has stuck out is the fact it does not run a normal executable extension. I know the app is seen fine in task manager so I'm still chalking this one up to a bug, but that is the only thing wrong I can find with the program.
-
From what I've been hearing for quite a while, I wouldn't be at all surprised to see one heck of a lot of XP users disable the ICF and use something else once the "final" SP2 comes out. There seems to be very widespread agreement that it's just about the worst firewall anyone's seen yet.
-
It protects basic users who don't want to run a firewall, but with the addition of application permissions people can easily allow their programs that act like servers now. At least this way with very little work they can still be protected inbound, and not have to deal with a more complex firewall if they don't want to. However I do agree it will not be used by most users.
-
I just installed SP2RC2 last night and have had no issues at all using the firewall and I am using sygate also.
XP Pro SP2 RC2 pIII 512 ram
-max
-
Cool, so Sygate has not problem, but one thing I noticed before is other firewalls usually get the traffic before ICF does.
I ran the previous build with a software firewall also, and it was catching all the traffic before the XP firewall. I've also noticed that when one firewall permits it, its already being allowed, and when one allows it other software firewalls might be powerless to stop it. I've seen this happen more than once as one firewall allowed it, the second one was set to stop it, but it still got through as it was allowed by the first one.
Anyway that is a theory based on experience using other software firewalls.
A way to verify this easily would be to have a system with no additional firewall installed, and only use the xp sp2 firewall. I admit I'm running with network, and connection monitors all the time right now as I don't fully trust inbound protection only. However I'm using common sense, and software which I know as more secure like Mozilla Firefox since I don't trust IE to be secure even with all its features disabled.
-
How can you tell when the traffic is being checked by which program?Is there software to do this?Let me know.
-max
-
I have an alterative theory. It's not caused by the .setup extension but rather by the fact that the setup is executed in the context of a system service. As a result, manual updates work (these are run in context of the active user [provided he/she is an administrator]) but do NOT work in the auto-mode (launched from the service)...
-
I have an alterative theory. It's not caused by the .setup extension but rather by the fact that the setup is executed in the context of a system service. As a result, manual updates work (these are run in context of the active user [provided he/she is an administrator]) but do NOT work in the auto-mode (launched from the service)...
I can confirm this problem, running XP.Pro.SP2.2149. And I am pretty sure your theory is correct.
Also, avast! appears to not being the only av having problems with auto updating virus definitions: On the beta newsgroups people post about having problems wit Norton LiveUpdate.
-
I LOVE architectural changes between RC1 and RC2's, I really do... :-X
-
Your theory seems to be correct at this point.
I'm sure you had this resource available, if not greater access, but here is a site to check out. So far MS has made the main RC1, and RC2 builds availble to the public. The minor builds are only availble to offical beta testers.
http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
-
I do have access to the interim builds.
I've notified MS about this issue and am awaiting their answer.
Thanks for your help.
Vlk
-
I do have access to the interim builds.
I've notified MS about this issue and am awaiting their answer.
Thanks for your help.
Vlk
So I won't file a bug report. Please keep us updated on this issue.
-
Hmm, I'm not able to simulate the problem on my machine.
Also running SP2 build 2149 (the RC2 build).
Would you have any more instructions on how to reproduce it?
I have the firewall turned on. IE security settings are set to Medium (the default level).
Any ideas?
The MS folks seem to be willing to look at the problem but I first need to simulate it on our machines...
Thanks
Vlk
-
I couldn't reproduce this again at this time, I've been testing all the regular software I use, including my software firewall, and the most I could do quickly was disable my firewall which actually does completely disable the firewall, except for the driver still in memory. If I have time later I will save my firewall config, uninstall it, and test this again as its getting late for me. I'm actually in the process of moving now, and I anticipate to be offline for a few days at least.
-
Too bad... anyway thanks a lot for your reply.
drahnier, are you still able to simulate the problem? Would you have any hints on how to repro it?
Thanks
Vlk
-
Too bad... anyway thanks a lot for your reply.
drahnier, are you still able to simulate the problem? Would you have any hints on how to repro it?
Thanks
Vlk
Vlk,
I had this problem on one of my machines running SP2.RC2. I've just finished re-installing XP Gold+SP2.RC2 on this machine and am waiting for the next virus (or program) update ...
-
Too bad... anyway thanks a lot for your reply.
drahnier, are you still able to simulate the problem? Would you have any hints on how to repro it?
Thanks
Vlk
Vlk,
I had this problem on one of my machines running SP2.RC2. I've just finished re-installing XP Gold+SP2.RC2 on this machine and am waiting for the next virus (or program) update ...
Seems the problem has disappeared. Just got an automatic database update.
-
That sort of sucks doesn't it? :)
I mean, is this some kind of joke? How can such a problem "disappear"? I hope it will reappear -- I mean I'd love to (positively) solve it before SP2 goes gold... Because updating is a vital part of avast and if the updater won't work, we won't be able to deliver a respective update (fix) to the customers...
Thanks
Vlk
-
That sort of sucks doesn't it? :)
I mean, is this some kind of joke? How can such a problem "disappear"? I hope it will reappear -- I mean I'd love to (positively) solve it before SP2 goes gold... Because updating is a vital part of avast and if the updater won't work, we won't be able to deliver a respective update (fix) to the customers...
Thanks
Vlk
Vlk,
I had this problem on one of my notebooks, while the other never had it. The one showing the problem was heavily used testing all sorts of setting (esp. firewall, policies) during SP2 betas. In fact, it had seen all releases made available by MS one after each other. My guess is, that although I always carefully tried to deinstall any previous version of SP2 before installing a new one, something might have gotten mixed up and somehow this had a negative effect on avast! update mechanism.
Matter of fact, I now have a clean install and everything, including avast!, is running as expected (while all prvious builds gave me some problems).
-
This happened on a clean install of XP Pro with sp2 rc2 #2149 already included in the image from MS, but it seems once I made the change to show avast.setup as an applications on the system it wasn't possible to reproduce this problem.
Since you have access to all the builds, download the xp pro image with sp2 included, don't install any software other than avast, and with the firewall enabled try it out again. Of coarse this would require that you are able to get a beta CD key from MS, which you likely already can do. I won't have th time to image my current sp2 rc2 install, and do that right now so I'm just offering the suggestion.