I don’t know which firewall you are using, but if it’s Comodo Firewall then you can use wildcard (*) for rules.
Which is not safe at all. Imagine a virus located in a subfolder of this wildcard path… then it could operate without any firewall action.
I really think that the solution/fix could not and should not be find in the firewall side but in avast side with a correct icarus.exe behavior.
There paths (at least "C:\Program Files\Common Files\Avast Software\icarus") are protected by Avast Self-Defense.
Ok so other people have to uninstall their favorite firewall just to not be bothered by a newly wrong behavior of icarus.exe?
I’m just saying, “if it’s Comodo Firewall then you can use wildcard (*) for rules”. Nothing more.
oh ok 
You can use wildcards, but that’s a shoddy workaround, not a fix. Because as stated it isn’t good security practice. Having to compromise firewall security because of poorly thought out behavior from an AntiVirus no less, really is mind-numbingly stupid.
Personally I’m not a fan of using extra external executables in the first place. Things like overseer and icarus seem like weird patch jobs for a more structural design flaw. At least keep icarus.exe the same and have whatever it loads/updates as a separate definition file, so the executable itself only occasionally needs to update and thus ask for firewall permissions.
Is Avast even watching this topic? There is just silence. Why? Avast: please respond.
And yet that is not the path where it runs from, instead it runs in the temp folder which in and of itself is similar behaviour of malicious software.
The Temp folder? That implies Windows/Temp. Is that what you mean?
maybe they realized that they made an embarassing mistake
I have a 10-user license and the same problem on all computers with different operating systems.
I have already contacted support about this, the idea of repairing or reinstalling, what is that supposed to do?
The support does not seem to be interested.
If the error is not fixed with the next program update, I will contact support again.
Unfortunately, my license runs until the end of 2026.
then my question now is what alternative can i/we consider?
is avira antivirus fine?
Hi guys, Icarus.exe is a regular part of Avast, it is the installer. As such it changes frequently and must communicate over the network. I am not aware of any change in the 24.10. that could cause this new behavior in your firewalls, but of course, we are looking at it already and we are trying to reproduce it. Can you, please, post screenshots of the alert? What kind of traffic is alerted by the firewall - unfortunately, as it is an installer it is connecting to the network and is downloading updates - both program updates and VPS updates.
Also, please note, that blocking icarus.exe means, the program will no longer be up-to-date and you will not get the VPS updates either.
Hi lukor, it’s 3rd party firewall that complaints, not Avast’s if you mean.
1 Like
My firewall events looks like this in regard to Icarus.exe. I Have 2 permenent events
(not shown here) and this bunch of ever growing temp requests, about 3 per days at least.
Some of 3rd-party Firewalls does not support wildcards (or users does not want to use it), and icarus sometimes runs from random GUID directory, that makes these firewalls complaints every time icarus runs because the paths are changed.
And I believe icarus is now (recently) dispatched into release channel (i.e. not only beta) right? I suppose that’s why so many are complaining now.
all you need is already posted in this topic, can you check it please.
which is normal, but this is not the problem.
before this bug we hadn’t alerts of icarus.exe everyday.
(all explanations/details are in the topic, repeated many times)
Hello,
We greatly appreciate your patience as we work toward a resolution
To provide some quick background on the product:
icarus.exe is the current version of our installer/updater/uninstaller used for most of our products. As you’ve noted, it’s gradually being integrated into Avast AV.
We strongly advise against blocking the icarus process in your firewall, as doing so will disrupt product and virus definition updates.
Regarding the issue you’re experiencing with Windows Firewall - this behavior is definitely not intended.
Could you share details on how your Windows Firewall is set up, including screenshots of the Firewall pop-up screen?
Also, it would help to send us data from our Support Tool, either from Setting->General->Troubleshooting page->[Send Logs],
or if it is not available for you, from our web - see details here:
Thank you
firewall is set up so that every new application that needs a network connection triggers an alert that asks if we want to allow the connection or not.
if a program is located in a folder and wants to connect then an alert is triggered.
if we allow the connection, the rule is saved and no future alert will be displayed.
but if it is in an other folder and wants to connect then an alert is triggered.
and this is precisely the problem, because now , the icarus program appears every time in a new folder, so triggers everytime a new firewall alert.
it is the normal behavior of a firewall, and there were no multi-alerts problem before something changed in avast/icarus.
Some users set their firewall so that every trusty program can connect without alert, these users won’t be bother with alerts (maybe avast firewall has this rule already set for avast program).
But personnaly, i prefer to be alerted for every new program that ask connection, and this is supposed to happen one time for each program since programs are supposed to stay at the same folder.