Author Topic: Avast 4.8 home changes Seamonkey settings  (Read 2312 times)

Offline edsacks

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Avast 4.8 home changes Seamonkey settings
« on: January 12, 2009, 09:02:01 PM »
Alwil Avast 4.8
Seamonkey 1.1.14
XP-Pro SP3.

I had to uninstall Avast AV 4.8 and reinstall it as part of a troubleshooting procedure related to a new USB external HDD..
As a result of this activity, three changes happened to Seamonkey, my e-mail client and internet browser. 1) ALL my stored passwords disappeared; 2) ALL my stored temporary and perpetual cookies disappeared; 3) My SSL settings were reset to give all warnings.

Riddle me that? What does Avast have to do with Seamonkey (and why/how could it make those changes)?

Offline alanrf

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 3866
  • Gender: Male
  • Just an avast user
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #1 on: January 12, 2009, 09:14:31 PM »
Simply - avast does not make these changes to browsers, and avast never has a clue what POP mail client is being used and does not make any changes to them.   

avast's interaction with browsers is limited to intercepting the http calls it makes at the network level and the same goes for the unsecured POP/SMTP calls of mail clients, again at the network level.  avast knows nothing of the internal working of any given browser or mail client.

I think that there is a probability during the changes you were making to get the USB drive installed SeaMonkey may have had difficulty getting to the stored profile information for your browser and email client and created a new clean profile.   
« Last Edit: January 12, 2009, 09:17:57 PM by alanrf »

Offline Tech

  • avast! team
  • Certainly Bot
  • *
  • Posts: 64880
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #2 on: January 12, 2009, 10:56:02 PM »
Strange, like Alanrf, I see no correlation...
Any other security program installed?
Any other antivirus in the past in this computer?
The best things in life are free.

Offline edsacks

  • Newbie
  • *
  • Posts: 10
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #3 on: January 12, 2009, 11:20:13 PM »
Thanks to both of you.

To tech:
Spybot/teatimer and iolo firewall. These have been running for years (with updating).
No other AV ever.

Offline Tech

  • avast! team
  • Certainly Bot
  • *
  • Posts: 64880
  • Gender: Male
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #4 on: January 12, 2009, 11:24:02 PM »
Sorry, out of my knowledge...
The best things in life are free.

Offline Eddy

  • avast! Evangelist
  • Serious Graphoman
  • ***
  • Posts: 9882
  • Gender: Male
  • Watching (over?) you
    • Malware removal, Biljart and other things.
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #5 on: January 13, 2009, 03:28:29 PM »
Well well well, look what we have here "out of my knowledge" that is something you only see once every 100 years from Tech  ;D
Quote
I had to uninstall Avast AV 4.8 and reinstall it as part of a troubleshooting procedure related to a new USB external HDD.
Why uninstalling avast? Did it gave a warning or something when you connected the drive or tried to use the drive? If not there was no reason to uninstall avast and the problem was caused by something else.

1]
Avast does not deleted passwords nor a password file. Unless it is detected as being infected, but then it will notice you, unless you have told avast to automaticly delete infected files without asking. But in that case you can see in the log file that it has happened. Unless you disabled logging ofcourse which is not very likely.

2]
Basicly the same as 1

3]
It is SSL(!), avast wil not do anything to/with it unless you manually configure avast for SSL connections (if already possible)

If you still need/want help, please provide more information like:
Errors? If so which ones and from wich application
Does e.g. Opera work fine?
What SSL settings? In what application, etc?

Offline GreenEyedLady

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #6 on: March 29, 2009, 12:33:03 AM »
Simply - avast does not make these changes to browsers, and avast never has a clue what POP mail client is being used and does not make any changes to them.

Oh yes it most certainly DOES!!! I just had the same thing happen to me.

Avast 4.8 Home
Win98SE
SeaMonkey 1.1.11
ZoneAlarm 5.1.033
Spybot (but not teatimer)

All except Avast have been working fine for just ages. Used to use AVG 7.5 but that is going to stop getting signature updates soon so I uninstalled that, rebooted, installed Avast, reboot, look through settings.... try to download some email and all my passwords are gone????? Unlike edsacks, I was not doing anything with any USB devices to need any troubleshooting, and I did not do any avast uninstall so that is not the reason.

avast's interaction with browsers is limited to intercepting the http calls it makes at the network level and the same goes for the unsecured POP/SMTP calls of mail clients, again at the network level.  avast knows nothing of the internal working of any given browser or mail client.

That may be true for the scanning process but the email setup wizard does indeed muck with your email profile. It presents a list of email accounts to select which ones should be screened and which should not, then demands that you pick a "default server" for both POP and SMTP. Now for those of us having multiple accounts from each of several providers, that seems a nonsensical request, but one must comply to finish the wizard. Anyway, it then does inconsistent changes to email profiles - some but not all of the selected accounts have their server settings changed to 127.0.0.1 as described in the help file. Unfortunately not all selected accounts at the "default" server get this treatment, and it is also applied to some but not all selected accounts at different providers that formerly had unrelated server settings.

I think that there is a probability during the changes you were making to get the USB drive installed SeaMonkey may have had difficulty getting to the stored profile information for your browser and email client and created a new clean profile.

As noted, I didn't have the USB drive issue, so that would be a red herring. SeaMonkey has no trouble finding my profile even now, it knows all my email accounts, or at least their names - it is the server settings and passwords that are mangled. No new profile was created, the wizard has changed the existing one.

1]
Avast does not deleted passwords nor a password file. Unless it is detected as being infected, but then it will notice you, unless you have told avast to automaticly delete infected files without asking. But in that case you can see in the log file that it has happened. Unless you disabled logging ofcourse which is not very likely.

This much seems to be true. The password file is still present in my profile,and the file contents even look similar to one of my old backups. I even tried temporarily replacing it with the backup copy but that does not restore access, so I put back the current one. There was no warning of it being infected or anything like that, and no mention of it in the log files. Nor did I turn off the logging or set automatic delete for infected files, the file is still present and it contents appear intact. Just not USEABLE. This makes me think there is something gone amuck when the wizard changed some part of the prefs.js file or similar.

3]
It is SSL(!), avast wil not do anything to/with it unless you manually configure avast for SSL connections (if already possible)

Not sure about this one, I think I had all those checkboxes marked anyway so can't really tell.

If you still need/want help, please provide more information like:
Errors? If so which ones and from wich application

No error messages. Just the problem that passwords are not accessible from SeaMonkey. Note this is ALL passwords - over a thousand of them - forum passwords, shopping sites, webmail, online banking, phone voicemail,  bulletin boards, etc -  not just the email ones. And yes, cookies too, though I only had a few dozen of those so not such a big deal.

Does e.g. Opera work fine?
What SSL settings? In what application, etc?

Don't know about Opera, never had it installed. I have not used anything else for browsing or email except prior versions of SeaMonkey (previously Mozilla, previously Netscape) since NS4.x days, so don't have other accounts to compare results to.

I expect there must be lots of SeaMonkey users hit by this, but not many postings. It becomes difficult to register for this forum to post about it when your email passwords are gone and you cannot retrieve the activation email!

So the next questions become:

What exactly did the wizard do to my profile? How can it be fixed? Would uninstalling Avast undo whatever it did since the password file itself seems intact? I need my passwords back a whole lot more than I need an antivirus program!!!


Offline alanrf

  • avast! Evangelist
  • Massive Poster
  • ***
  • Posts: 3866
  • Gender: Male
  • Just an avast user
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #7 on: March 29, 2009, 05:50:55 AM »
GreenEyedLady ,

I am impressed by your certainty, but certainty is often bolstered by lack of knowledge.

You may correct me .. but if, and only if, your are using an out of date and unsupported operating system (Win 95, Win 98, Win 98SE, Win ME)

Please note that these operating systems will not be supported by the upcoming avast 5 release. 

If you would provide us with some more information about your operating environment (operating system especially) then I will joust on a more even playing field .. and happy to do so.

Quote
Used to use AVG 7.5 but that is going to stop getting signature updates soon so I uninstalled that, rebooted, installed Avast, reboot, look through settings.... try to download some email and all my passwords are gone?Huh? Unlike edsacks, I was not doing anything with any USB devices to need any troubleshooting, and I did not do any avast uninstall so that is not the reason.


If you are running both AVG and avast on your system concurrently then you are begging for trouble and getting it.  Please decide on one and fully remove the other for peace of mind. 

Offline GreenEyedLady

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #8 on: March 29, 2009, 12:48:39 PM »
You may correct me .. but if, and only if, your are using an out of date and unsupported operating system (Win 95, Win 98, Win 98SE, Win ME)

Please note that these operating systems will not be supported by the upcoming avast 5 release. 

Yes, in my post I said I am running Win98SE. I realize most vendors are dropping support for this but upgrading OS is not an option for older hardware - that is the reason I had to uninstall AVG 7.5, they will stop updating in a week or two. As I understood it Avast would at least go to the end of the year so it gives me another 9 months before repeating this situation for the next product.

If you are running both AVG and avast on your system concurrently then you are begging for trouble and getting it.  Please decide on one and fully remove the other for peace of mind. 

Also in my post, they are not both running together, I uninstalled AVG and rebooted before installing Avast.

While I forgot to mention this in my earlier post, the email, antivirus monitor, and cleaner functions of ZoneAlarm were turned off a long time ago, just to rule those out, as they used to interfere with AVG that is now gone. And spybot has some cleaning functions but I did not use those either.

I'm less concerned about the email settings, I can re-enter them in seamonkey. The bigger problem is the thousand orphaned non-email-related passwords that cannot be used any more.

Offline GreenEyedLady

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Re: Avast 4.8 home changes Seamonkey settings
« Reply #9 on: March 29, 2009, 01:51:41 PM »
One other thing I just noticed. My normal setting for cookie retention was "Ask for each cookie". But this somehow got changed to "Accept all", and *I* did not make this change.

Likewise, the Forms Manager data has been erased too. Although the only items I used there were the "URL-Specific" entries.

Also changed is the "Allow websites to install extensions" which I keep cleared but now find the checkbox marked, and "Check for updates weekly" which I kept clear but is now checked.... until I clear them again right now.

Can't figure why Avast should care about changing these items but I am certain that at least the Password Manager, Forms Manager and Cookie Manager had their prior settings up until yesterday, their effects are pretty obvious while surfing.

Offline GreenEyedLady

  • Newbie
  • *
  • Posts: 4
    • Personal Message (Offline)
Hey alanrf,

Now that some of my earlier frustration has faded a bit, I hope my earlier posts didn't sound too snarky....  this one is meant as a sort of peace offering. I found a partial remedy that may help edsacks or other users with similar problems. It turns out recovery is a whole lot easier than uninstalling anything.

The password file is still present in my profile, . . . the file is still present and it contents appear intact. Just not USEABLE. This makes me think there is something gone amuck when the wizard changed some part of the prefs.js file or similar.
. . .
What exactly did the wizard do to my profile? How can it be fixed?

The prefs.js is exactly where the problem is, the wizard made some goofy changes to it. You can search for it, or for Win98SE it's default location for the default profile (and slightly different for other OSs or multiple or non-default profiles) is:

    C:\WINDOWS\Application Data\Mozilla\Profiles\default\*.slt

where * is a random 8 character alphanumeric string, different for each profile. Navigate an explorer window to this directory (it helps to show file extensions and hidden files or folders). In here you will have most of your profile files. (More detailed info on this folder and its files can be found at http://kb.mozillazine.org/Profile_folder_-_SeaMonkey )

Look for a file named #.s where # is an 8 digit number. Make a note of the filename, this is your password file. Also look for a file named %.w, where % is an 8 digit number but different from the # number, this is your saved forms data file, make note of this file name too. Finally, just to be safe, make a backup copy of prefs.js in case you mess up anything. (Later, just make sure SeaMonkey is completely closed first if you want to restore this backup version for any reason. But once you verify this fix is working, you'll want to discard this first backup of the partly broken prefs.js and make a fresh backup of the fixed version.)

Open a SeaMonkey browser window or tab, and in the url location bar type "about:config" without the quotes, then press Enter. Depending what version you are running and what settings you are using, there may be a dialog box with ominous warnings to discourage fiddling, but choose OK or whatever lets you proceed here. (It's been so long since the first time I did this that I have forgotten exactly what the phrasing is.) More info on using about:config is at http://kb.mozillazine.org/About:config

When the page fills, there will be a text entry box marked "Filter:". Type in "wallet.SchemaValueFileName" without the quotes. As you type letters, the list of entries in the main window will shrink to only include entries that contain the stuff you typed, so just a few letters can be enough. Left click on the entry with that name to highlight it. You should see a value like %.w in the column on the right that is supposed to point to your password file. The reason you could not use your passwords is that the wizard changed this 8 digit number and broke the pointer. To fix it, right click the entry and select "Modify" from the context menu. A dialog box will pop up showing the present value of the entry; adjust it to match the saved forms data filename you noted earlier (be sure to keep the .w suffix) and click OK.

Go back to the Filter box again, this time type "signon.SignonFileName" (no quotes), again a few characters may be enough. Select this entry, it should have a value like #.s,  right click and pick Modify. Adjust this 8 digit number to match the password file name you noted earlier (be sure to keep the .s suffix) and press OK.

(More info on specific config entries can be found at http://kb.mozillazine.org/About:config_entries - there's a *lot* here, plus even more that is not yet documented!)

Now close all SeaMonkey browser and email windows. If you are using the system tray quicklaunch feature you need to stop that process too - you need to completely exit the suite so it will write the prefs.js file.

Next time you open SeaMonkey your saved passwords and forms data should be working again.

You'll still need to adjust your mail server settings to point to the right accounts, but there are many posts here about that as well as stuff in the program's help file so I won't make this reply any longer than it already is.



 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now