Author Topic: avast.setup and tracker.prq.to  (Read 18307 times)

0 Members and 1 Guest are viewing this topic.

Foxabilo

  • Guest
avast.setup and tracker.prq.to
« on: November 20, 2005, 10:53:27 PM »
Why has my zone alarm got 170 attempts by avast.setup to open a connection to a bit torrent tracker ?

Description      avast! antivirus Update was temporarily blocked from connecting to the Internet (83.140.65.142:DNS).
Rating           High
Date / Time      2005/11/20 07:22:26-0:00 GMT
Type             Program Access
Program          avast.setup
Source IP       
Destination IP   83.140.65.142:53
Direction        Outgoing (connect)
Action Taken     Blocked
Count            170
Source DNS       
Destination DNS  tracker.prq.to

WHOIS results for 83.140.65.142
Generated by www.DNSstuff.com
Location: Sweden

ARIN says that this IP belongs to RIPE; I'm looking it up there.


Using 0 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).

% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-proposal-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Information related to '83.140.65.0 - 83.140.65.255'

inetnum:      83.140.65.0 - 83.140.65.255
netname:      TIAMO-NET
descr:        ThePirateBay.ORG
descr:        Customer of prq Inet, Box 1206, SE 114 79 Stockholm, SWEDEN
remarks:      *******************************************************
remarks:      * In case of abuse, send mail to *****@thepiratebay.org
remarks:      * Abuse mail to any other address will be ignored!
remarks:      *******************************************************
country:      SE
tech-c:       pIN7-RIPE
admin-c:      pIN7-RIPE
mnt-by:       MNT-PRQ
notify:       *******************@prq.se
changed:      *************@prq.se 20041219
source:       RIPE
status:       ASSIGNED PA

role:           prq Inet NOC
address:        prq Inet
                Box 1206
                SE 11479 Stockholm
                Sweden
phone:          +46 (0)73 9549748
e-mail:         ***@prq.se
e-mail:         *************@prq.se
remarks:        !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
remarks:        !! Abuse reports should ONLY be sent to *****@prq.se !!
remarks:        !! Do NOT call unless it's very urgent               !!
remarks:        !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
admin-c:        PW1115-RIPE
tech-c:         PW1115-RIPE
nic-hdl:        pIN7-RIPE
mnt-by:         MNT-PRQ
changed:        *************@prq.se 20040707
changed:        *************@prq.se 20050802
source:         RIPE
abuse-mailbox:  *****@prq.se

% Information related to '83.140.64.0/19AS16150'

route:        83.140.64.0/19
descr:        GBG, Port80, Sweden
remarks:      ****************************************************
remarks:      * In case of abuse, send mail to *****@port80.se
remarks:      * Abuse mail to any other address will be ignored!
remarks:      ****************************************************
origin:       AS16150
mnt-by:       PORT80-MNT
changed:      ********@port80.se 20040921
source:       RIPE
notify:       *****************@port80.se


[The following lines added by www.dnsstuff.com per requirement by RIPE]
This service is subject to the terms and conditions stated in the RIPE NCC Database Copyright Notice.
Contact dnsstuff.com's 'info@' address to report problems regarding the functionality of the service.

[If E-mail address(es) were hidden on this page, you can click here to get the results with the E-mail address].

WTF ???


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: avast.setup and tracker.prq.to
« Reply #1 on: November 21, 2005, 12:36:41 AM »
avast.setup tries to connect to avast servers (not torrent) to check for and download updates.

Is there a location for avast.setup as this file isn't a permanent file, only being created from the setup.ovr at the time of update, check the servers.def file it should list the URL addresses that it would connect to.

What is your firewall?

So there is a possibility that this isn't avast.setup, can you do a search for avast.setup, it shouldn't exist outside of actual update and in that case would be in the 'C:\Program Files\Alwil Software\Avast4\Setup' folder, anywhere else and it is wrong.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Foxabilo

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #2 on: November 21, 2005, 01:03:39 AM »
Description      avast! antivirus Update requested permission to access the internet.
Rating           High
Date / Time      2005/11/20 05:47:58-0:00 GMT
Type             Repeat Program
Program          C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
Source IP       
Destination IP   83.140.65.134:53
Direction        Outgoing (connect)
Action Taken     Blocked (once)
Count            1
Source DNS       
Destination DNS  tracker.prq.to

The firewallis Zone Alarm Pro this is a different entry but connecting to the same IP, the other entrys do not include the path (somthing to do with the way zone alarm logs repeats apparently) avast.setup does not exist on any of my drives, this is my servers.def

Code: [Select]
[servers]
count=32

[server0]
name=Secondary ASW server
url=http://www.iavs.cz/iavs4x
stats=http://download8.avast.com/cgi-bin/iavs4stats.cgi
products=av_pro,av_srv,av_ker,av_oem,av_pda_palm,av_net,av_mgm,exav,netpurum,av_u3

[server1]
name=Download1 AVAST server
url=http://download1.avast.com/iavs4x
stats=http://download1.avast.com/cgi-bin/iavs4stats.cgi

[server2]
name=Download2 AVAST server
url=http://download2.avast.com/iavs4x
stats=http://download2.avast.com/cgi-bin/iavs4stats.cgi

[server3]
name=Download3 AVAST server
url=http://download3.avast.com/iavs4x
stats=http://download3.avast.com/cgi-bin/iavs4stats.cgi

[server4]
name=Download4 AVAST server
url=http://download4.avast.com/iavs4x
stats=http://download4.avast.com/cgi-bin/iavs4stats.cgi

[server5]
name=Download5 AVAST server
url=http://download5.avast.com/iavs4x
stats=http://download5.avast.com/cgi-bin/iavs4stats.cgi

[server6]
name=Download6 AVAST server
url=http://download6.avast.com/iavs4x
stats=http://download6.avast.com/cgi-bin/iavs4stats.cgi

[server7]
name=Download7 AVAST server
url=http://download7.avast.com/iavs4x
stats=http://download7.avast.com/cgi-bin/iavs4stats.cgi

[server8]
name=Download8 AVAST server
url=http://download8.avast.com/iavs4x
stats=http://download8.avast.com/cgi-bin/iavs4stats.cgi

[server9]
name=Download9 AVAST server
url=http://download9.avast.com/iavs4x
stats=http://download9.avast.com/cgi-bin/iavs4stats.cgi

[server10]
name=Download10 AVAST server
url=http://download10.avast.com/iavs4x
stats=http://download10.avast.com/cgi-bin/iavs4stats.cgi

[server11]
name=Download11 AVAST server
url=http://download11.avast.com/iavs4x
stats=http://download11.avast.com/cgi-bin/iavs4stats.cgi

[server12]
name=Download12 AVAST server
url=http://download12.avast.com/iavs4x
stats=http://download12.avast.com/cgi-bin/iavs4stats.cgi

[server13]
name=Download13 AVAST server
url=http://download13.avast.com/iavs4x
stats=http://download13.avast.com/cgi-bin/iavs4stats.cgi

[server14]
name=Download14 AVAST server
url=http://download14.avast.com/iavs4x
stats=http://download14.avast.com/cgi-bin/iavs4stats.cgi

[server15]
name=Download15 AVAST server
url=http://download15.avast.com/iavs4x
stats=http://download15.avast.com/cgi-bin/iavs4stats.cgi

[server16]
name=Download16 AVAST server
url=http://download16.avast.com/iavs4x
stats=http://download16.avast.com/cgi-bin/iavs4stats.cgi

[server17]
name=Download17 AVAST server
url=http://download17.avast.com/iavs4x
stats=http://download17.avast.com/cgi-bin/iavs4stats.cgi

[server18]
name=Download18 AVAST server
url=http://download18.avast.com/iavs4x
stats=http://download18.avast.com/cgi-bin/iavs4stats.cgi

[server19]
name=Download19 AVAST server
url=http://download19.avast.com/iavs4x
stats=http://download19.avast.com/cgi-bin/iavs4stats.cgi

[server20]
name=Download20 AVAST server
url=http://download20.avast.com/iavs4x
stats=http://download20.avast.com/cgi-bin/iavs4stats.cgi

[server21]
name=Download21 AVAST server
url=http://download21.avast.com/iavs4x
stats=http://download21.avast.com/cgi-bin/iavs4stats.cgi

[server22]
name=Download22 AVAST server
url=http://download22.avast.com/iavs4x
stats=http://download22.avast.com/cgi-bin/iavs4stats.cgi

[server23]
name=Download23 AVAST server
url=http://download23.avast.com/iavs4x
stats=http://download23.avast.com/cgi-bin/iavs4stats.cgi

[server24]
name=Download24 AVAST server
url=http://download24.avast.com/iavs4x
stats=http://download24.avast.com/cgi-bin/iavs4stats.cgi

[server25]
name=Download25 AVAST server
url=http://download25.avast.com/iavs4x
stats=http://download25.avast.com/cgi-bin/iavs4stats.cgi

[server26]
name=Download26 AVAST server
url=http://download26.avast.com/iavs4x
stats=http://download26.avast.com/cgi-bin/iavs4stats.cgi

[server27]
name=Download27 AVAST server
url=http://download27.avast.com/iavs4x
stats=http://download27.avast.com/cgi-bin/iavs4stats.cgi

[server28]
name=Download28 AVAST server
url=http://download28.avast.com/iavs4x
stats=http://download28.avast.com/cgi-bin/iavs4stats.cgi

[server29]
name=Download29 AVAST server
url=http://download29.avast.com/iavs4x
stats=http://download29.avast.com/cgi-bin/iavs4stats.cgi

[server30]
name=Download30 AVAST server
url=http://download30.avast.com/iavs4x
stats=http://download30.avast.com/cgi-bin/iavs4stats.cgi

[server31]
name=Download31 AVAST server
url=http://download31.avast.com/iavs4x
stats=http://download31.avast.com/cgi-bin/iavs4stats.cgi

ASWSignA444F9B739A8212AEB5992EF7B357C955E76AA0E396710304A9D26D77A83575B052D9A2892733ADA0ASWSignA

and its still trying to connect to this torrent tracker, I can only think that maybe the address is being re-used or somthing ? but what I dont get is that avast is allowed and does update fine through the firewall but these keep showing up as being stopped, somhow the firewall knows these are not geniune IP's to connect to :|

Not at all sure why this should be happening, does make me think bad things tho when my AV is trying to connect to what seems to be a torrent tracking place for ripped of games and things.

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: avast.setup and tracker.prq.to
« Reply #3 on: November 21, 2005, 01:11:03 AM »
Since the servers.def file only contains the urls of avast servers (not the IP address) then one would have to wonder how the questionable IP address might have been used by avast setup. 

There is just a possibility that a nasty piece of software has invaded your system and set up a redirect for one or more of those avast urls to send it to the questionable IP address.  You should scan your hosts file and make sure that no such redirections have been set up.  On an XP system you can find the hosts file in the C:\Windows\System32\DRIVERS\etc folder.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: avast.setup and tracker.prq.to
« Reply #4 on: November 21, 2005, 01:18:06 AM »
Does make me think bad things tho when my AV is trying to connect to what seems to be a torrent tracking place for ripped of games and things.
Why are you thinking your antivirus is trying to connect anything related to torrent or games or anything else?
The list of update servers could be found in servers.def file in setup subdirectory under avast4 folder. There are the names, not IPs but you can check for the IPs yourself.

The problem is that this list could change (and actually is changed) quite frequently (servers are mostly added).
http://www.avast.com/eng/updates2.html#idt_1366
The best things in life are free.

Foxabilo

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #5 on: November 21, 2005, 01:28:00 AM »
It makes me think that because when I do the DNS lookup of the IP avast is connecting to it belongs to ThePirateBay.org

% Information related to '83.140.65.0 - 83.140.65.255'

inetnum:      83.140.65.0 - 83.140.65.255
netname:      TIAMO-NET
descr:        ThePirateBay.ORG
descr:        Customer of prq Inet, Box 1206, SE 114 79 Stockholm, SWEDEN

I will check my hosts to see if anything is in there

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: avast.setup and tracker.prq.to
« Reply #6 on: November 21, 2005, 01:30:39 AM »
avast.setup does not exist on any of my drives
It's a temporary file that appears by the transformation of C:\Program Files\Alwil Software\Avast4\Setup\setup.ovr

It makes me think that because when I do the DNS lookup of the IP avast is connecting to it belongs to ThePirateBay.org
Something strange as the avast servers are not related to the ThePirateBay.ORG

Can you check the contents of your HOSTS file?
The best things in life are free.

kubecj

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #7 on: November 21, 2005, 01:35:20 AM »
I don't have the slightest clue why would setup connect to such a site.

Could you please inspect setup.log in setup directory if it also mentions the ip you've mentioned?

Foxabilo

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #8 on: November 21, 2005, 01:36:32 AM »
Code: [Select]
# Copyright (c) 1993-2004 Microsoft Corp.
#
# AutoGenerated by Microsoft (R) Windows (R) Malicious Software Removal Tool.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

yea this really is an odd one nothing in there thats not working, now I did a test and told zone alarm to ask me what to do the next time avast.setup runs, it just did and it wanted to connect on port 53 to the torrent tracker again, I said no to the request and a few moments later avast spopped up with the red box an error has occurd while attempting to update, if I do not stop it connecting to that torrent address it seems to update fine :\ wierd huh ?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: avast.setup and tracker.prq.to
« Reply #9 on: November 21, 2005, 01:44:36 AM »
Very weird, you could as a temporary measure create a rule in ZA to block avast.setup access using port 53 or any other port other than port 80 (UDP/TCP protocols), which I think is used for updates. Perhaps Kubecj could confirm this.

Something very strange is going on, I certainly haven't seen anything like this since joining the forums and it would be nice to get to the bottom of it.

How would avast.setup be made to use port 53 to connect, when I think it uses port 80.

Just tried a manual update and port 80 is used.
Quote
Server: download11.avast.com (67.15.38.62:80)
Downloaded files: 3 (0.03 KB)
Download time: 4 s
« Last Edit: November 21, 2005, 01:48:24 AM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Foxabilo

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #10 on: November 21, 2005, 01:46:07 AM »
This is the top bit of my setup.log but it wont let me post of 10,000 chars so i c ant show you the full most recent entry but I cannot see anything about that strange ip, mind you I don' know what I am looking for in this log

Code: [Select]
14:55:05 min/gen  Started: 14.06.2005, 14:55:05
14:55:05 min/gen  Running setup_av_pro-299 (665)
14:55:05 nrm/sys  Operating system: WindowsXP ver 5.1, build 2600, sp 2.0 [Service Pack 2]
14:55:05 vrb/sys  Computer WinName: ISK-SERVER
14:55:05 min/sys  Windows Net User: ISK-SERVER\ISK
14:55:05 min/gen  Cmdline: /sfx /sfxstorage "C:\DOCUME~1\ISK\LOCALS~1\Temp\_av_sfx.tm~a03108"  /srcpath "C:\DOCUMENTS AND SETTINGS\ISK\DESKTOP"
14:55:05 vrb/gen  DldSrc set to sfx
14:55:05 min/gen  Old version: ffffffff (-1)
14:55:05 vrb/gen  Install check: SetupVersion does NOT exist
14:55:05 nrm/gen  SGW32P::CheckIfInstalled set m_bAlreadyInstalled to 0
14:55:05 vrb/reg  Get registry: Software\Microsoft\Internet Explorer\Version=6.0.2900.2180
14:55:05 vrb/gen  Operation set to INST_OP_INSTALL
14:55:05 min/gen  GUID: 4474dc69-5d1b-4793-a8df-aecc36568970
14:55:05 nrm/gen  SelectCurrent: selected server 'tmp sfx storage' from 'sfx'
14:55:13 min/pkg  Load C:\DOCUME~1\ISK\LOCALS~1\Temp\_av_sfx.tm~a03108\prod-av_pro.vpu
14:55:13 vrb/pkg  LatestPartInfo: news = news-42
14:55:13 vrb/pkg  LatestPartInfo: program = prg_av_pro-299
14:55:13 vrb/pkg  LatestPartInfo: setup = setup_av_pro-299
14:55:13 vrb/pkg  LatestPartInfo: vps = vps-52102
14:55:13 vrb/pkg  Part prg_av_pro-299 was set to be installed
14:55:13 vrb/pkg  Part vps-52102 was set to be installed
14:55:13 vrb/pkg  Part news-42 was set to be installed
14:55:13 vrb/pkg  Part setup_av_pro-299 was set to be installed
14:55:13 vrb/pkg  FilterOutExistingFiles: 135 & 0 = 135
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsys-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsys-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsysgui-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsysgui-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vps-52100.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vps-52100.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vpsm-52102.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vpsm-52102.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: news409-2d.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: news409-2d.vpu - not okay
14:55:13 vrb/pkg  FilterOutExistingFiles: 135 & 0 = 135
14:55:13 vrb/pkg  FilterOutExistingFiles: 133 & 0 = 133
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsys-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsys-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsysgui-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsysgui-1.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vps-52100.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vps-52100.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vpsm-52102.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: vpsm-52102.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: news409-2d.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: news409-2d.vpu - not okay
14:55:13 vrb/pkg  FilterOutExistingFiles: 133 & 0 = 133
14:55:13 vrb/pkg  FilterOutExistingFiles: 135 & 0 = 135
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setif_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: setup_av_pro-299.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_core-260.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_dll409-11e.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_hlp409-1db.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: av_pro_skins-12.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: avscan-1bb.vpu - not okay
14:55:13 vrb/pkg  IsFullOkay: winsys-1.vpu - not okay

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: avast.setup and tracker.prq.to
« Reply #11 on: November 21, 2005, 01:48:44 AM »
This is the top bit of my setup.log
Maybe the bottom of it will be better...

Foxabilo, are you using Home version or the Trial one?
The best things in life are free.

Foxabilo

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #12 on: November 21, 2005, 01:52:16 AM »
Home to the best of my knowlage been a LOOOOOOOOOOOOOOOOONG time user of avast I registered it etc etc,

Code: [Select]
15:11:12 min/int  tried 30 servers to get file 'servers.def', but failed (0x20000004)
15:11:12 min/fil  GetNewerStampedFile:GetFileWithRetry failed: C:\WINDOWS\TEMP\_av_proI.tm~a01140\onefile, servers.def, error: 0x20000004
15:11:12 min/pkg  Tried to download servers.def but failed with error 0x20000004.
15:11:12 min/gen  Err:Cannot connect to download4.avast.com (unknown:80).
15:11:12 nrm/pkg  Transferred files: 0
15:11:12 nrm/pkg  Transferred bytes: 0
15:11:12 nrm/pkg  Transfer time: 0 ms
15:11:12 vrb/fil  NeedReboot=false
15:11:12 min/gen  Return code: 0x20000004 [Cannot connect to download4.avast.com (unknown:80).]
15:11:12 min/gen  Stopped: 16.11.2005, 15:11:12


19:19:12 min/gen  Started: 16.11.2005, 19:19:12
19:19:12 min/gen  Running setup_av_pro-2db (731)
19:19:12 nrm/sys  Operating system: WindowsXP ver 5.1, build 2600, sp 2.0 [Service Pack 2]
19:19:12 vrb/sys  Computer WinName: ISK-SERVER
19:19:12 min/sys  Windows Net User: SYSTEM
19:19:14 min/gen  Cmdline: /downloadpkgs /noreboot /updatenews /verysilent /nolog 
19:19:14 vrb/gen  DldSrc set to inet
19:19:14 vrb/gen  Operation set to INST_OP_UPDATE_GET_PACKAGES
19:19:14 min/gen  Old version: 2db (731)
19:19:17 nrm/gen  SGW32P::CheckIfInstalled set m_bAlreadyInstalled to 1
19:19:21 vrb/sys  Computer DnsName: isk-server
19:19:21 vrb/sys  Computer Ip Addr: 192.168.0.1
19:19:26 nrm/int  SYNCER: Type: use IE settings
19:19:26 nrm/int  SYNCER: Auth: another authentication, use WinInet
19:19:26 vrb/pkg  Part prg_av_pro-2db is installed
19:19:26 vrb/pkg  Part vps-54602 is installed
19:19:26 vrb/pkg  Part news-44 is installed
19:19:26 vrb/pkg  Part setup_av_pro-2db is installed
19:19:26 min/gen  Old version: 2db (731)
19:19:51 vrb/fil  SetExistingFilesBitmap: 728->136->136
19:19:51 min/gen  GUID: 4474dc69-5d1b-4793-a8df-aecc36568970
19:19:52 nrm/gen  Server definition(s) loaded for 'main': 30 (maintenance:0)
19:19:52 nrm/gen  SelectCurrent: selected server 'Download5 AVAST server' from 'main'
19:19:56 dbg/gen  Entered SetupProcessPro::Do( INST_OP_UPDATE_GET_PACKAGES )
19:19:56 dbg/gen  Entered SetupProcessWin32Avast::Do( INST_OP_UPDATE_GET_PACKAGES )
19:19:56 dbg/gen  Entered SetupProcessWin32::Do( INST_OP_UPDATE_GET_PACKAGES )
19:19:56 dbg/gen  Entered SetupProcess::Do( INST_OP_UPDATE_GET_PACKAGES )
19:20:27 min/pkg  ERROR:HttpGetWininet, catch returned 0x00002EE7
19:20:45 min/pkg  ERROR:HttpGetWininet, catch returned 0x00002EE7
19:20:45 nrm/gen  InvalidateCurrent: invalidated server 'Download5 AVAST server' from 'main'
19:20:45 nrm/gen  SelectCurrent: selected server 'Download12 AVAST server' from 'main'
19:20:45 dbg/int  while trying to get file 'servers.def', error 0x20000004 has occured, try 1
19:21:02 min/pkg  ERROR:HttpGetWininet, catch returned 0x00002EE7
19:21:02 nrm/gen  InvalidateCurrent: invalidated server 'Download12 AVAST server' from 'main'
19:21:02 nrm/gen  SelectCurrent: selected server 'Download15 AVAST server' from 'main'
19:21:02 dbg/int  while trying to get file 'servers.def', error 0x20000004 has occured, try 2
19:21:21 min/pkg  ERROR:HttpGetWininet, catch returned 0x00002EE7
19:21:21 nrm/gen  InvalidateCurrent: invalidated server 'Download15 AVAST server' from 'main'
19:21:21 nrm/gen  SelectCurrent: selected server 'Download24 AVAST server' from 'main'
19:21:21 dbg/int  while trying to get file 'servers.def', error 0x20000004 has occured, try 3

kubecj

  • Guest
Re: avast.setup and tracker.prq.to
« Reply #13 on: November 21, 2005, 02:00:16 AM »
Heh, it seems that setup is trying normal servers on port 80, as seen in the log.
To me it looks like wrong ZA report? (but how can one trust his firewall if it's not able to display the correct ip??)

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3870
  • Just an avast user
Re: avast.setup and tracker.prq.to
« Reply #14 on: November 21, 2005, 02:05:25 AM »
It occurs to me in reading the thread again that the access to this strange IP address was reported as a DNS lookup on port 53 (standard DNS lookup port).

So Foxabilo, can I suggest that, at a command prompt, you type ipconfig /all and make sure that the questionable IP address does not appear in your list of DNS servers.
« Last Edit: November 21, 2005, 02:09:18 AM by alanrf »