When I installed the windows update today (the one about URI handling) I restarted the computer and on boot it said avast mail scanner warning unable to scan mail make sure your firewall hasnt blocked it access, but nothing came up saying anything had changed with my firewall settings so it should be allowed. The logs are not showing the error message and as far as I know my firewall is saying access is allowed.
Is my Avast damaged due to Microsofts update and has anyone else experienced this after installing the patch?
I run Windows xp sp2
Edit: added screen grabs it says it wants permission but nothing came up asking me to allow it, should I have done (should ashmaisv be using shell32.dll) and how can I get it to prompt me again
ps the patch altered the shell32.dll file as part of the patch, what is the parent of ashmaisv so I can set it?
Also it said I had to allow itircl.dll is that safe as well?
Well the first image shows that services.exe is the Parent and also shows the access is your local port, 12110, which is the port that ashMaiSv.exe listens on for pop3 email.
Description:
shell32.dll is a library which contains Windows Shell API functions, which are used when opening web pages and files.
So I would say that shell32.dll is a component that it has to use and that component may have been updated in the windows update, I don’t know that for certain as I haven’t applied that update yet. I tend to wait a little while until I see there is no adverse effect from installing the patch, eNewlsetters, etc.
All in all since it all relates to localhost 120110 I would think it is legit.
I would reboot and se if it pops-up again, if not look in the program/application control (or check out the help file of your firewall, possibly component control) and see if you can find anything about shared components, etc.
I wouldn’t hold your breath it is likely to be at least 10 days possibly 14 before I install it. I give it lots of time for ‘others’ to test patches and get feedback from newsletters, etc.
The fact that we have different firewalls and likely different functionality I may net even come across this issue. Your best bet is to ask on your firewall forum.
That looks like a window from comodo. Comodo has a feature that tracks components of an application/program that has been given internet access. If a component is modified or a new one added, comodo will ask you to aprove the change before it will allow access. Windows update may very well have modified a component that the mail scanner uses. Since it is trying to acess the correct port for mail, I tend to agrree with DavidR, it probably is legit.
Check the component control to see if that file is there and any info, such as date, size path and compare it to the new one.
I just did the update and it happened to me. Here is what I did. I went into my firewall (Comodo) and removed the web mail. Rebooted and I didn’t get the error message and my firewall popped up to allow avast. Seems to have solved the problem. Hope this helps you.
Approving the component would probably have done the same thing. I suspect, as did DavidR, that shell32.dll was modified by the update. But no matter, you got it going. 8)
@ sanctuary24
One thing I didn’t think about is to check the file properties of shell32.dll and check the created/modified date as one or both of those should be very recent, e.g. corresponding to when you made the windows update.
If it does it confirms that it was the component that changed and not avasts use of it.
I did something else but hopefully it was right, I set allow for ashmaisv.exe and set it to learn parent and the error has not come up since.
ps what is the parent of ashmaisv.exe as I can set it myself
tbird did you encounter another comodo pop up for some other component on mine it said to allow inetres.dll and itircl.dll, the update must have changed these files as well
tbird did you encounter another comodo pop up for some other component on mine it said to allow inetres.dll and itircl.dll, the update must have changed these files as well
Sanctuary, sorry I don’t understand this tech talk. This isn’t the first time this has happened to me. The last couple of MS updates created the same problem for me. My Comodo showed that it wasn’t blocking avast so I removed it and then got a new popup and okayed it and rebooted. Then things worked okay. Don’t know why MS updates messes it up for me.
Each application that runs on your system often requires many supporting system files (components) for it to do its task, some firewalls are able to link these components to the application and if one or more of the components changes it will alert you to the change.
If you have just made an update to that application or have just done a windows update(WU) you can reasonably expect to have some files changed. If however you haven’t recently done a windows or program update then it is more suspicious and would require more investigation.
Find the file as I mentioned and open its properties, see who the owner is, system files will obviously be MS and then check the date modified and see if it coincides with a WU. Google the file name and get some information about it.