I dont want IE to have access to the web, and always block it in my firewall (use Firefox instead).
Now a problem has arised since I installed Avast (which seems to work great, except I think it doesn’t scan archivefiles for some reason…maybe have to pay for pro), IE gets through my firewall. I guess this is cause the browsers connect through some local Avast-proxy/filtering-mechanism and since Avast is allowed online so is IE and I loose all control over it.
Is there any way I can disconnect IE from this filtering proxy thing, or are there some way to block it in Avast instead?
Well, even if I remove the IE-rule from my Sygate Firewall I have use the last two years or so, it goes online without asking. So something makes IE go out undetected, and my guess is that Avast has something to do with it. Dont you think?
I’m pretty sure I’m right (and you are wrong ;)). A look in Sygates traffic log says its Avast who goes online when I open IE. To be precise, it says “ashWebSv.exe” is visiting www.microsoft.com (startsite in IE).
ASHWEB is the webshield monitor it is monitoring IE it is not starting it, IE is going to windows update and webshield follows . It can’t start its own instance of IE. When you open the main scannining interface, when you select the disc to scan a pop up shows where you can tick to scan archives
BUT, what about Internet Explorer? Now that Avast is installed it just goes through my firewall, which just says Avast is going online.
Isn’t it likt that for everyone else in here? Try blocking IE in your firewall and see what happens…
Avast does not use any browser except when you tell it to i.e get other skins etc. Otherwise all it does is scan your web traffic. When you delete the rule from your firewall and IE asks for permission what programme instigated it
IE dont ask for anything, it just goes online and the log in Avast says its Avast itself going online…like its hiding IE some way.
Stopping the web shield in Avast (dont know how to restart it now again lol) makes it all work again…IE asks and I press block, but as soon as Avast webshield is up again I’m sure it will be as before again, it goes through undetected
This is a known flaw in the Sygate firewall (localhost loopback), it can’t identify what program is using a localhost proxy, all it see is the proxy and if that is allowed it doesn’t prevent programs using the proxy.
How to disable transparent web shield proxy and allow only those browsers you want use it:
In avast! go to Web Shield provider, Customize…, Basic tab, blank the redirected HTTP port field (remove the 80). Now no browser can use webshield unless you manually configure it to use Web Shield.
Ok, thanks a lot for the help. So this way I can disable the automatic proxything and set it manually instead
Feels like I should put some other port instead of 80 there, but I just delete it as you said then and read up on how to set it up for Firefox.
I thought my Sygate was very good, but maybe its not anymore. Any idea of what free firewall to switch to? If its needed that is, its not like you need updated definitions in a firewall…
Hmm…I know there was some old reason I choosed sygate and not zonealarm a few years ago…maybe it was some issue with my Norton Antivirus, or it was some lacking feature.
I’ll have to read up on Zonealarm again.
But that still doesn’t answer the question as to why IE starts itself. There is something on your system that is starting IE, when it starts webshield will monitor the traffic, but that still doesn’t narrow down what the culprit programme is. I have just removed IE from my firewall permission list. Now to post this missive I must let it access the net again
Well IE doesn’t start by itself.
Anyway its already been explained in here, its my Sygate firewall that cant differ the two browsers, instead it just sees the Avast proxy as one single app.
I assure you nothing is starting IE without my permission…that would scare the hell out of me
Zone Alarm free http://www.zonelabs.com works fine with avast and has a reasonably friendly user interface. There are others, Comodo, Jetico, Sunbelt Kerio, etc.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php.
There are some links that can actually force IE to be used as the browser, some specify IE rather than the default browser, which is often why it happens. There were links in avast that opened IE if you clicked on them and we asked for those to point to the default browser rather than IE, but there are many other programs with the same issue.
For instance open the avast help file, the Technical Support page and click on the avast forums link or the FAQ offline page, click the FAQ link and those for me opens IE (spit) even when Firefox is open. This is a real pain, in the rear, given the many security issues with IE and the fact that avast is meant to be securing my system ;D not giving malware a chance by using IE.
Yeah but with a proper firewall (from what I understood at least) it will work as it should, blocking IE in the firewall if you have set it to do so.
Gonna switch to Zonealarm soon I think…
I’m staying with my “old” free Sygate Firewall anyway. Turned off the automatic proxy and entered the portnumber and stuff in Firefox and now it works. Firefox goes through the proxy (can verify it by looking at firewall logfiles) and IE is outside it all and gets blocked by firewall as I wanted.
Not very hard to fix
Heard some bad stuff about Zonealarm so I’m staying with what I got, even though it has this “proxy-bug” not differentiating (is that a word?) between IE and Firefox through the proxy.
Heard Zonealarm slows traffic down and lacks lots of features…and people on a bunch of forums seem to prefer Sygate.
I was using Sygate’s last version and I configured my firewalls to use WebShield proxy, everything was fine. But ended up switching to ZoneAlarm Free after some BSOD issues after hibernations with Sygate. I haven’t encountered those issues anymore, I really recommend you to try ZoneAlarm Free.
Anyway is good idea to configure your browsers manualy:
There are other firewalls than ZA as I mentioned and the link to the firewall leak tests, shows a number of alternatives that do well in those tests (ZA free does less well than the ZA Pro version). I don’t think I would like to entrust my security to a firewall that isn’t being developed any more, the people trying to exploit firewalls haven’t been bought out by Symantec and thrown away.
