"Java?" problems Avast Update free version 2014.9.0.2008 ("resolved")

[johnherrington]

Hello, since an avast update I can't load stockwatch on moneyam. I never had any problems before EVER on this site so can't understand why avast has taken upon itself to block this. I've tried various "exclusions" but don't really know what is actually blocking it so I don't know what to write in which exclusion box. I know it is avast blocking it as if I disable the antivirus the site works no problem.

[Pondus]

what message does avast give....
attach screenshot of avast message...

[johnherrington]

Thanks for replying. Avast doesn't give any message. If I turn web shield off the site works. If I add the site address into the web shield URL exclusions list and click OK and turn the web shield back on the site still doesn't work.

[Pondus]

Evry website or just that one...
Do you have a firewall....what?

[olddog]

Hello, since an avast update I can't load stockwatch on moneyam.

John,
You don't say what browser you are using, but if it's Firefox, try disabling the Avast AOS extension (Tools->Add-ons->Extensions) then restart firefox. If it is IE, then depending on the setting for Tools->Internet Options->Advanced->Security->Enhanced Protected mode, the AOS add ons (Tools->Manage Add ons) may be enabled or disabled. If they are enabled, then disable them, then restart IE.

[johnherrington]

I was using firefox and just checked the extensions and the AOS was off so I tried it with it on and it still doesn't work. The page doesn't work on Google Chrome either. The page requires java and I have the latest version plus other pages requiring java seem to load no problem.

Trouble posting here as the letter I write don't match those in the picture. Bloody impossible to read one of them !!!!!!! plus I get  You already submitted this post! You might have accidentally double clicked or tried to refresh the page. all the time. Looks like it is one of those days !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[johnherrington]

Also I tried what you suggested on IE (although I never use it) and it didn't work either. All 3 browers work fine only if I disable the web shield. Using exclusions does not work for all 3 browsers. Restarting computer doesn't make any difference either.

Perhaps I might change avast antivirus for another.

[johnherrington]

Managed to get it working. Not sure it is advisable but this is how. Its by excluding java from the web shield scanner of processess. Strange as when I load the page a windows asks whether I want to run java and I say yes but nothing happens. Only way it seems now is to block the firewall. Other webpages using java seem to work but this one doesn't

Open Avast
Settings
Active protection
Web Shield open settings
From mains setting's list click Exclusions
Processess to exclude
Browse for C:\Windows\SysWOW64\java.exe and add to processess to be excluded list.

[DavidR]

Java is a huge malware target, so excluding the process from the web shield scanning could well leave vulnerable to JAVA exploits.

Personally many will suggest you uninstall JAVA because of its targeting, so unless you absolutely need JAVA, application you use or web site you ave to use, removing JAVA would be the better option.

That said reading your first post I think there is something other than JAVA or including JAVA that the problem is.

One of the problem with ticker/streaming sites such as what you mention "I can't load stockwatch on moneyam." It is probably using an http protpcol whilst not strictly following the http protocol and this can make the web shield baulk. Suggestions for ticker/streaming sites would be to exclude the site rather than the JAVA process as excluding JAVA is internet wide leaving you more exposed to exploit than specifically excluding the moneyam IP address.

From the avastUI > Settings > Troubleshooting -  scroll down to the Redirect Settings - WEB section and add the moneyam IP address to the Ignored addresses:

Try removing the JAVA exclusion and adding the Ignored addresses option suggested.

[johnherrington]

Thanks David,

You sound like you know what you are talking about. Therefore, I tried what you said, but it didn't work. Before the Avast update I could view the stockwatch page on Moneyam if I agreed to running java (limited access) each time I loaded the page. I think without java I cannot view the page. Following the update I don't even get a choice as java seems to be blocked. I have just tried the moneyam (Stockwatch page) on another computer and  following the usual warning with limited access it worked fine. I since downloaded the latest Avast version updates etc on this same computer and now it doesn't work.

Yes I can exclude the site or even not bother going on the internet at all, and so then I would not be prone to any attack.  Other people seem to use this site and other sites requiring Java. I want to use this site and Avast does not give me any reason why not. There should at least be some sort of window or warning that gives me a reason why. I should not be having to write on a forum to find out.

I assume it is Java as my solution above has been the only one so far.

I see a similar problem has already been discussed
http://forum.avast.com/index.php?topic=136869.0
http://forum.avast.com/index.php?topic=141407.0



I haven't really had problems with malware and don't really want to start now. I am not too keen on enabling and disabling things I haven't got much of a clue about. Hence I am uneasy with my above solution.

[DavidR]

I'm not saying to stop using the site, the major concern is effectively giving JAVA a free pass across the internet (not just for this site) when it is such a huge malware target.

That is why I was trying an alternative, that has worked on many ticker/streaming sites, but I guess the JAVA element on the site ads another dimension to the problem.

Another option would be to exclude that specific moneyam site in the avastUI > Settings > Active Protection > Web Shield - click the sprocket icon (settings) > Exclusions and add the URL for the moneyam URL you are using. That way JAVA is still enabled and monitored internet wise, but you exclude a specific URL. You may have to stop and restart the Web Shield for the exclusion to come into effect.

Note: Something you might want to consider first.
I don't know what browser you are using (?), but you could try disabling the Avast Online Security add-on and see if that has any effect.

[johnherrington]

Thanks again, but what you suggest is the first thing I tried (first post) and it didn't work (even with asterix etc). I've excluded everything script exclusions, antivirus exclusions, active protection the lot hardened mode etc, etc.   

I agree that I don't want to give a free pass to Java and that was why I wrote "not sure advisable" after my solution.

I've tried on firefox, chrome and IE with the same result. Avast doesn't seem to work and there have been a number of posts on the subject under different headings. It worked fine before with previous avast but not now. I wonder whether anyone from the avast team could solve the problem ?

At the moment the only way to view page is to turn the web shield off.

[johnherrington]

I tried this http://public.avast.com/~rypacek/patches/ but no doubt did something wrong as I am not too clued up on unzipping files then finding them in their "unzipped" form I imagine plus my computer is all in French.

I am really quite hacked off as WTF should I have to use patches ? Can't they just make it work as I cannot be the only one who has problems ? Yes it is free etc. etc. but I can't see how the paid version would be any better.

[DavidR]

Well if you look at the patches you will see that they were for earlier versions of avast, so they should really only have been used on those early versions. The likelihood is that these patches (fixes) would have been incorporated into later avast versions 9.0.2007 or 9.0.2008.

So it would appear that your problem isn't directly related to what that patch fixed and would have been included in later builds of avast.

[seeker15]

Java is a huge malware target, so excluding the process from the web shield scanning could well leave vulnerable to JAVA exploits.

He do not really have a choice I suppose and so do I. There are few threads that relates to this problem and some of them were mine. But they were never really given any response. What you were saying about http protocol thing might be true but what matter is, the problem exist and the culprit is WebShield. There were other threads created during the release of v9.0.2006. Later avast corrected the problem in v9.0.2007. It reappeared in v9.0.2008.

Excluding Java is not a good thing, true, but disabling webshield for the time being is the easiest solution compared to adding exclusion of several ip addresses. Global exclusion of websites used to work but no longer.