I am having trouble excluding an IP Address and/or process from Avast! Free. A little background:
I work for a company that produces electrical testing instruments. We connect to our instruments in a variety of ways, but one in particular connects via Ethernet and gives us trouble with many antivirus programs, Avast being latest to come to my attention. With other antivirus programs, I am able to exclude an IP address from monitoring or exclude the process name for the program, and everything will work as intended. I have not been able to do so for Avast as of yet.
What I have found so far is that if I Open avast! user interface then go to Settings and then disable Web Shield under Active Protection, I can communicate with my instrument. This would work, but I do not want to tell our customers to disable this wholesale. Within the Settings of Web Shield I have tried adding exclusions to URLs and Processes under Exclusions and also added URLs to Script Exclusions. I have also tried to add the IP address under Troubleshooting, to no avail.
The IP address I am trying to exclude is 169.254.1.1. Is there something I am missing? I have added all of the programs I am running to the process exception list, and it still did not work. Is there a registry entry I can make to exclude this IP address?
Try this - avastUI > Settings > Troubleshooting - scroll down to Redirect Settings > WEB and add your IP address to the Ignored addresses: field.
Note if you have other IPs you wish to add you need to separate each with a comma.
Which section under Exclusions? I added exceptions to File paths, URLs, DeepScreen, and Hardened mode, none of which worked. URL adds a http://, which isn’t what I’m looking for. Is there someplace else you were referencing?
@DavidR
I added the IP address there and it was still being blocked.
Is there anything special about this IP address normal whois checks don’t return any info.
You say that it is being blocked, are there any alerts/message dialogues (or browser based messages) ?
Are the programs are communicating using http ports ?
If they are they have to be strict on using http protocol otherwise the web shield might baulk on the connection/traffic.
You could try the Web Shield settings > Main settings and check the ‘Scan traffic from well-known browser processes only’ option.
IP range: 169.254.0.0 – 169.254.255.255
Used for autoconfiguration between two hosts on a single link when no IP address is otherwise specified, such as would have normally been retrieved from a DHCP server, as specified by RFC 3927
We have a message built into our program when it cannot communicate to our instrument.
I am able to access the web page that the instrument serves up, but when testing there is a lot of traffic being sent back and forth for calculations and adjusting current/voltage that the instrument puts out and this is where the problem comes from. The engineer said that it uses standard TCP/IP protocols.
I tried the setting you suggested and it did not help.
Yes, the instrument connects directly to the PC and autoconfigures the PC IP address since there is no DHCP. Was there something you wanted to suggest trying?
Sorry, I had though that this would work as this program and its communication wouldn’t be considered a well-known browser process. This essentially should have been the same as switching the web shield off for that process, but not effecting web protection for normal browsing.
Saying it uses TCP/IP protocols makes this a little more strange as the web shield is monitoring http traffic, so I (as an avast user not employee) don’t know how this would fit in with the web shield monitoring http traffic.
Reading through the topic again - you said you had also tried excluding processes - was this for the module/process if there is more than one ?
The instrument has its IP address configured during production, and its always 169.254.1.1. The PC that connects the instrument is assigned a random IP address.
I tried excluding the processes that are present when the program is running (this is the way we have to configure it for Trend Micro). The way we had to do it for them was to modify the registry. Do you guys know any tricks to add excluded programs/process/IP addresses to the registry?
Yes, I tried excluding the whole folder, but no dice.
Unfortunately avast! customer support is unwilling to help unless we pay for the support (we were never charged for ESET NOD32, Kaspersky, or Trend Micro support). We are just going to have to advise our customers to switch to a different product until the time that avast! is willing to help us out!
Thanks for all your help in the meantime gentlemen.