avast!: Connection timeout

avast!: Connection timeout
Internet connection timeout elapsed. Continue waiting?
Yes/No

I keep getting that popup at odd intervals, for example starting maybe 45 minutes after going online. It doesn’t matter whether I click Yes or No, it may come back every few minutes, then it may stop for an hour or more. Right now it’s coming up every few minutes (maybe every 5 minutes, just a guess).

I have a dialup connection with the usual port 25 for SMTP. It’s working OK for other things such as browsing the internet, email, ftp, NNTP, etc.

avast! version 4.6 Home Edition
Build Feb2006 (4.6.763)
Current version of virus database: 0605-2, 01/31/06
Update check scheduled every 4 hours
Database and Program both set for Automatic Updates

So it looks like I’m getting updated OK.

Why do I suspect my ZoneAlarm 6.1.737 firewall? Maybe that’s a totally wrong hunch, but I’ll suggest it for possible consideration anyway. I don’t know why - just a Lone Ranger hunch… :wink:

How do I fix the anomalous ‘timeout’ popup?
::slight_smile:
JohnnyBob

I see where it’s probably coming from…

One of the POP3 email accounts that I’m polling automatically with Outlook Express every 20 minutes isn’t connecting. Outlook Express also puts up a popup to let me know that POP account isn’t connecting. Why does Avast bother to do so also?

I would like to get rid of that Avast! email timeout popup entirely, because it’s superfluous and I don’t need it. How?
JohnnyBob

You left out the most important part and that is what program is causing this? You can see that in the timeout message eg. Internet connection timeout elapsed. Continue Waiting?(javaw.exe → xxx.xxx.xxx:xx)

Also if you do a search on the forum with the keywords connection timeout you will find out that this problem is very common and has been answered many many times so you are likely to find a solution much faster with a forum search.

“Internet Connection Timeout” is very general wording and gave me no clue what was causing it. This has been happening for a fairily long time and I never figured it out nor had a clue. I thought it was probably the update scanner, trying to update the avast database or program. If it has said “Email Scanner Timeout” or something similar, then I would have known fairly quickly. So I would suggest that popup should be renamed to be more descriptive.

However, I finally got lucky and saw the Outlook Express popup shortly after the Avast! timeout popup. The cure is probably to set my Outlook Express timeouts to a little less than the avast! timeout, so the latter will never occur. I had my Outlook Express timeouts set for 2-3 minutes, while the avast timeout appears to be about 2 minutes. I’ve already tested that theory and it looks like the solution.

In a perfect world I would have searched the avast database, but I’m not always in an organized frame of mind. Also if it is a very common problem, as you say, then maybe it’s time to change the title of that little email popup timeout notifier so people will know immediately what it is! :slight_smile:

Thanks for your reply and help.
JohnnyBob

I regret that you have not paid attention.

As you have been clearly advised … avast does not give this timeout message without giving you the process name that was timed out, and either the IP address or URL name and port on which the connection timed out.

So, please avoid the rambling discourse and give us the exact details so that we may assist you further.

Peace also be with you.

Well, now you have lost me. I haven’t the slightest idea what you’re talking about! Also it sounds like you only want to be abrasive, not help, but I’m really not in a mood to argue with you about it.

My prior notion of a possible fix by changing the timeout durations for email scans in Outlook Express did not fix the problem. The unwanted annoying timeout popup from avast continues.

It didn’t happen before in the several years I’ve used avast, and nothing else has changed on my system to cause it. So I consider this to be a bona fide avast bug, sufficient to change antivirus software unless you fix it soon.

Johnny Bob

I think I understand your vague chatter, but you are wrong! You say that:

“As you have been clearly advised … avast does not give this timeout message without giving you the process name that was timed out, and either the IP address or URL name and port on which the connection timed out.”

However, it does NOT give any such information! Here is an exact picture of the popup…

http://img72.imageshack.us/img72/627/timeout3gq.gif

So where is this mysterious extra information that you mention??
JohnnyBob

You are preaching only to another avast user … however abrasive … but one who is willing to admit that you have confounded him with your snapshot. It is indeed the first time I have ever seen such a popup without the inclusion of further details.

OK … having admitted myself covered with confusion … will you go a step further to try to identify this issue?

It will probably be useful to create (for a while) a more detailed avast! log of your mail connections.

You can get the mailscanner to log your connections by editing the avast4.ini file (in Program Files\Alwil Software\Avast4\DATA folder).

In the section headed:

[MailScanner]

add the line:

Log=20

and save the updated file.

The log will be in Program Files\Alwil Software\Avast4\DATA\log\ashmaisv.log

If you are then willing to share the log … please first obscure any personally identifiable information in it … we shall have a better chance of understanding exactly what is causing the timeout you are encountering.

By the way … just trying to “turn off” the warning may, as many others have found, be ignoring malware that has invaded your system.

Yes, I’ll do as you suggest. Should I email the log somewhere? It’s probably longer than would post here neatly.
JohnnyBob

If it exceeds the limits allowed by the forum please advise, then I’m sure a member of the avast team will post further recommendations.

If forum limits allow (perhaps assisted by zipping the file) more of us will be able to try to assist.

Additional questions.

Are you using any peer to peer connection such as azureus or utorrent?

Have you made any change to the default ports being monitored by the avast Internet Mail scanner?

Is your mail client permanently active … if so can you please advise the client used?

Thanks.

I just find out that the extra info (program and address) is by mistake not displayed if user disabled the mail icon (in Internet Mail/page Advanced). Is it your case ?

vojtech,

it is good that you are several thousand kilometers from me … ok … just kidding … really.

How soon will this “mistake” be fixed?

JohnnyBob,

it seems possible that the lack of extra details may well be due to the “mistake” reported by vojtech and that you (as you thought) have identified a problem that the avast team needs to fix (and thereby thanks are due to you).

It may easier for you to delay taking action until the correction is available that could provide the extra process/address/port information that we are used to seeing in the popup you reported.

It will be fixed in the next update. I don’t think it’s much serious and an easy workaround is to enable the icon.

I’m reluctant to get involved with these tech problems. It takes a lot of work, and I’m busy otherwise
already, but here goes…

Q: Are you using any peer to peer connection such as azureus or utorrent?
A: Not that I’m aware of, but I don’t really know what you mean - except as mentioned in this thread above.
I’ve searched and found one instance of javaw.exe on my computer under C:\Program Files\PC-Doctor for
Windows\jre\bin, which is one of the utilities provided by this computer manufacturer, Compaq. However I
rarely if ever use PC-Doctor, and as far as I know it is inactive otherwise.

Q: Have you made any change to the default ports being monitored by the avast Internet Mail scanner?
A: No, not intentionally, because I wouldn’t know how or where to change them! Those kinds of technical
details are over my head. :slight_smile:

Q: Is your mail client permanently active … if so can you please advise the client used?
A: I don’t know what you mean by “permanently active”. I use a dialup connection, so it’s active when I’m
online. My email software (client, presumably) is Outlook Express 6, which comes with Windows XP Home (SP2)
and all the latest updates. I use it 95% of the time with POP3/SMPT, or (SSL) POP3/SMTP with gmail.com, and
only occasionally use Internet Explorer webmail interfaces such as provided by gmail.com, earthlink.net, etc.

Q: I just find out that the extra info (program and address) is by mistake not displayed if user disabled the
mail icon (in Internet Mail/page Advanced). Is it your case?
A1: I am using the Normal sensitivity setting for Internet Mail, and have not made any customizations. If you
mean: “Show tray icon when scanning mail”, that box is not checked under Resident Task Settings, Advanced tab.
However I didn’t uncheck it, as best I can remember, so that must be how it installed by default. I disabled
the tray icon and sliding box, and run updates in Silent mode, under avast! settings, Update Basic, Details
button. That’s because they started to become an annoyance.
A2: I’ll try checking the “Show tray icon when scanning mail” box and see if that makes any difference. But
will that work if I leave the slider on Normal sensitivity? Or do I need to move the slider to Custom? As you
can see, I am not an expert on avast! Maybe I’ll make a long study of it someday, but am normally pretty busy
otherwise. :slight_smile:

As you can see, checking that box worked to insert the extra information…

http://img382.imageshack.us/img382/2098/timeout20of.gif

However the unwanted avast! connection timeout popup is continuing to appear frequently, a major annoyance, so
that didn’t fix my problem.

Now herebelow is a portion of the AswMaiSv.log you requested. I had to cut it off to fit into your 10000
character maximum here. You can have the whole 128KB log via email if you want it. I am automatically polling
many different email addresses and domains every xx minutes with Outlook Express including earthlink.net,
gmail.com (SSL), all2easy.net/all2ez.net), dialup.cc, and a private domain which I don’t want to mention in
public here. Offhand I don’t see the dialup.cc domain in the log; it is not connecting, and apparently causes
the unwanted timeout popups.

02/01/06 09:24:04 000007F0: Started as serice, Log = 20(0x00000014)
02/01/06 09:24:04 000007F0: Build 4.6.763
02/01/06 09:24:04 000007F0: Windows XP Workstation (Service Pack 2)
02/01/06 09:24:04 000007F0: Using WinSock 2.0
02/01/06 09:24:04 000007F0: PID = 1988(0x000007C4)
02/01/06 09:24:04 000007F0: Tray icon settings changed 0(0x00000000)
02/01/06 09:24:04 000007F0: AutoRedirect settings changed 1(0x00000001)
02/01/06 09:24:04 000007F0: IgnoreAddress set
02/01/06 09:24:04 000007F0: IgnoreProcess set
02/01/06 09:24:04 000007F0: IgnoreProcess set avast.setup,winroute.exe,ccEvtMgr.exe,ccPxySvc.exe,ccProxy.exe,ccApp.exe,ccPwdSvc.exe,ccSetMgr.exe,ccLgView.exe
,SMPROXY.EXE,isafe.exe,TMPROXY.EXE,EMULE.EXE,WEBPROXY.EXE,NAVAPW32.EXE,SYMPROXYSVC.EXE,NETMONSV.EXE,CRAXY.EXE,
CZDCPlusPlus.exe,ABC.EXE,mpftray.exe,bitcomet.exe,V3P3AT.EXE,ypager.exe
02/01/06 09:24:04 000007F0: IgnoreProcess set avgemc.exe
02/01/06 09:24:04 000007F0: IgnoreLocalhost settings changed 1(0x00000001)
02/01/06 09:24:04 000007F0: POP Start settings changed: 1
02/01/06 09:24:04 000007F0: POP Listen settings changed: 127.0.0.1 12110
02/01/06 09:24:04 000007F0: POP Listening daemon starting
02/01/06 09:24:04 000007F0: POP Listen handler: 0x000000F4
02/01/06 09:24:04 000007F0: POP RedirectPort: 110
02/01/06 09:24:04 000007F0: Redirect set 110->127.0.0.1:12110
02/01/06 09:24:04 000007F0: IgnoreLocalAddresses set 110
02/01/06 09:24:04 000007F0: POP Listening daemon started
02/01/06 09:24:04 000007F0: SMTP Start settings changed: 1
02/01/06 09:24:04 000007F0: SMTP Listen settings changed: 127.0.0.1 12025
02/01/06 09:24:04 000007F0: SMTP Listening daemon starting
02/01/06 09:24:04 000007F0: SMTP Listen handler: 0x000000F8
02/01/06 09:24:04 000007F0: SMTP RedirectPort: 25
02/01/06 09:24:04 000007F0: Redirect set 25->127.0.0.1:12025
02/01/06 09:24:04 000007F0: IgnoreLocalAddresses set 25
02/01/06 09:24:04 000007F0: SMTP Listening daemon started
02/01/06 09:24:04 000007F0: IMAP Start settings changed: 1
02/01/06 09:24:04 000007F0: IMAP Listen settings changed: 127.0.0.1 12143
02/01/06 09:24:04 000007F0: IMAP Listening daemon starting
02/01/06 09:24:04 000007F0: IMAP Listen handler: 0x000000FC
02/01/06 09:24:04 000007F0: IMAP RedirectPort: 143
02/01/06 09:24:04 000007F0: Redirect set 143->127.0.0.1:12143
02/01/06 09:24:04 000007F0: IgnoreLocalAddresses set 143
02/01/06 09:24:04 000007F0: IMAP Listening daemon started
02/01/06 09:24:04 000007F0: NNTP Start settings changed: 1
02/01/06 09:24:04 000007F0: NNTP Listen settings changed: 127.0.0.1 12119
02/01/06 09:24:04 000007F0: NNTP Listening daemon starting
02/01/06 09:24:04 000007F0: NNTP Listen handler: 0x00000104
02/01/06 09:24:04 000007F0: NNTP RedirectPort: 119
02/01/06 09:24:04 000007F0: Redirect set 119->127.0.0.1:12119
02/01/06 09:24:04 000007F0: IgnoreLocalAddresses set 119
02/01/06 09:24:04 000007F0: NNTP Listening daemon started
02/01/06 09:24:04 000007F0: Ignored PIDs: 1988
02/01/06 09:24:04 000007F0: Ignored Addresses: 127.0.0.1:119 127.0.0.1:143 127.0.0.1:25 127.0.0.1:110
02/01/06 09:24:04 000007F0: Ignored Processes: avgemc.exe ypager.exe V3P3AT.EXE bitcomet.exe mpftray.exe
ABC.EXE CZDCPlusPlus.ex CRAXY.EXE NETMONSV.EXE SYMPROXYSVC.EXE NAVAPW32.EXE WEBPROXY.EXE EMULE.EXE TMPROXY.EXE
isafe.exe SMPROXY.EXE ccLgView.exe ccSetMgr.exe ccPwdSvc.exe ccApp.exe ccProxy.exe ccPxySvc.exe ccEvtMgr.exe
winroute.exe avast.setup
02/01/06 09:29:00 000000F4: POP accept connection from: 127.0.0.1
02/01/06 09:29:00 000000F4: Connection handler: 0x000003E8
02/01/06 09:29:00 000003E8: Ignored PIDs: 1988
02/01/06 09:29:00 000003E8: Ignored Addresses: 127.0.0.1:119 127.0.0.1:143 127.0.0.1:25 127.0.0.1:110
02/01/06 09:29:00 000003E8: Ignored Processes: avgemc.exe ypager.exe V3P3AT.EXE bitcomet.exe mpftray.exe
ABC.EXE CZDCPlusPlus.ex CRAXY.EXE NETMONSV.EXE SYMPROXYSVC.EXE NAVAPW32.EXE WEBPROXY.EXE EMULE.EXE TMPROXY.EXE
isafe.exe SMPROXY.EXE ccLgView.exe ccSetMgr.exe ccPwdSvc.exe ccApp.exe ccProxy.exe ccPxySvc.exe ccEvtMgr.exe
winroute.exe avast.setup
02/01/06 09:29:00 000003E8: --POP command REDIRECT 64.202.165.92:110 624
02/01/06 09:29:00 000003E8: PATH: \Device\HarddiskVolume1\Program Files\Outlook Express\msimn.exe
02/01/06 09:29:00 000003E8: Connected to POP server 64.202.165.92 110
02/01/06 09:29:00 000003E8: received 53(0x00000035)
02/01/06 09:29:00 000003E8: <-POP +OK 31497.1138807740@pop04.mesa1.secureserver.net
02/01/06 09:29:00 000003E8: sent 53(0x00000035)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)
02/01/06 09:29:00 000003E8: received 1(0x00000001)

Whatya think?
JohnnyBob

Jumping into the fray here…be nice…I have recently started getting these timeout popups also. Probably for the past week. Like JohnnyBob, sometimes its every 2-3 minutes, other times, its twice a day. I am not aware of any changes I have made to my system, but that doesn’t mean I haven’t. I took a picture of my error message but have spent WAY more time than I have, trying to attach it to this, so here’s a direct quote from the pop-up:
“Internet connection timeout elapsed. Continue waiting? (OUTLOOK.EXE → ip-my ip address inserted here.secureserver.net:110)” Yes No
I have broadband/cable. My internet connection is not timing out, I’m staying connected. And I stay connected continuously.
One thing that just occurred to me (and is over my head), I use AVAST Anti-Virus and for about 1-1/2 weeks after the sweep (I sweep every night) it would give me a message about a possible rootkit. Tech support at Avast said they were working on it and would send the patch asap. My sweep last night did not reveal a rootkit so I’m assuming they got that worked out. Because of that, I ran a thorough sweep using Avast (took 4 hours!) today and it found no problems. I’m still getting the pop-up though.
I’m using WinXP, IE 6, don’t know what else to stay. Thanks to anyone who can offer some help.
Pat

Thanks for commenting. It’s always nice to know someone else is having the same problem… :slight_smile:

My wayward email account with dialup.cc started connecting again.

Also I went into:

–On-access Protection Control
–Internet Mail
–Customize button
–Advanced tab

and selected the radio button for “When this time is over: shutdown connection”. I also unchecked the box for “Show tray icon when scanning email” because I really don’t want to see it. My timeout there is set for 120 seconds. whereas the timeouts set in my email software (Outlook Express) are for 60 seconds.

With my fingers crossed, I can say that so far I haven’t had another avast timeout popup. :slight_smile:

Good luck with yours,
JohnnyBob

JohnnyBob,

While I have not seen the complete log you created of your mail connections I am fairly sure that I know what happened.

While I understand that you do not want to be bored with technical details maybe a high level view may help you adjust your timeout values appropriate for your needs and assist you in knowing what is going on when you see another timeout from Outlook Express.

Since you are on a dialup connection remember that, even if OE has exclusive use of the connection the maximum amount of data you can transfer is about 6Kb a second or 360Kb a minute. Also, files sent as email attachments actually become quite a bit larger than their real size when they are encoded to make it possible to send them through email systems.

When the avast email scanner is active it actually fools OE into thinking that avast is the email server. avast sends your login credentials to the email server and then it monitors all the POP3 activity of OE. When OE requests that a message be retrieved from the server it is avast that gets all the message blocks and it then caches them on your system until the whole email is received. It then can disect the message parts and ensure that none of the message parts is infected. Assuming the message is not infected it then passes the complete message back to OE.

By the way, I am certain that there have been no issues about connecting to the POP3.dialup.cc mail server. If there were avast would not wait around for 120 seconds it would return the error immediately to OE. This was confirmed by some tests I carried out with that server today.

Without seeing your complete log I am fairly certain the scenario went like this:

Remember at this time you had your OE timeout set higher than the 120 seconds timeout in avast.

At some point (coincident with when you started to see these timeouts) someone sent you an email to your account at dialup.cc with a large attachment let’s just guess at 800Kb.

When you started OE it processed your mail accounts (one at a time as it does) and eventually it got to the dialup.cc account. OE asked for the first unread message to be retrieved (the one with the large attachment). avast intercepted the message blocks and in two minutes was only able to read about 720kb of the message so the message was still incomplete. Then the timer popped and you got the message asking you if you wanted to wait. I assume you said no and the connection to POP3.dialup.cc was terminated.

OE of course will keep trying to access your account again and again, that it what it is supposed to do and the whole process repeated itself. And it can go on for days.

Many ISPs have a retention policy for unread mail and will simply delete it after a period. If that happened with this particular message then at a point in time you would find that suddenly are able to read the messages from that account again. Some confirmation of this scenario would be that you would find, once this “blockage” was removed, the first few message you were able to read might be older than you would expect.

To draw this to a close I think that your policy of keeping the OE timer slightly lower than avast timer is a good one. Only you know what size attachments you typically need to send and receive with your email. I have advised a couple of folks on dial up that I support to set their avast timeout to 300 seconds while keeping their mail client timers slightly lower. That still allows them to get and send reasonably large email attachments without being plagued with warnings.

PatP3005,

can I ask for a clarification of:

OUTLOOK.EXE -> ip-my ip address inserted here.secureserver.net:110

When you say “my ip address inserted here” do you mean the ip address of your own system?