Internet Timeout

Avast Free Antivirus / Premium Security
1

I am getting this popup message telling me that an “Internet Timeout” has occurred.

However, my connection to the Internet is OK.

There is no reference to what Avast is talking about - just this meaningless warning that keeps popping up about every 5 minutes.

I think I managed to shut it off by telling it to Cancel.

What is this?

2

You can increase both your avast! timeout: Internet Mail provider > Customize > Advanced (tab)
and your email account timeout (generally, right click the email account, choose properties and the Advanced tab of settings).

See pictures here: http://forum.avast.com/index.php?topic=17460.msg148474#msg148474 :wink:

3

What is Avast doing with my email? Why is it trying to connect to my mail servers?

4

Don’t increase the timeouts until you confirm exactly why the timeout has occurred.

This meaningless warning as you call it, could be giving you a good indication that there is either malware on your system that is trying to send email without your knowledge or a P2P program that is communicating using an email port.

Please give full text details contained in the warning or post a screen shot of the warning.

Do you use a P2P program, if so what is it ?
What is your firewall ?
What is your email program ?

5

I call it “meaningles” because it does not tell me its meaning. If it told me why it was happening then it would not be meaningless.

I discovered what is happening. One of my POP3 servers is broken. However, the message did not state the problem correctly. My Internet connection is OK- it’s the email connection that is screwed up.

Thanks for pointing me in the right direction. I increased the timeout and now it does not fuss.

6

But if you aren’t trying to connect and collect email when this warning pops-up, it could be a malicious spambot sending mail from your system as I mentioned and there is a lot of information contained in the error message which is helpful to us.

The warning has nothing to do with your internet connection (I believe, but without full information that is a guess), rather the lack of activity between your computer and the email server. So simply increasing the timeout without identifying the exact problem could leave you vulnerable.

We also ask questions to get to the rout of the problem in an attempt to help you, without them we are left guessing.

7

DavidR,

we have to keep in mind with this issue that rcktexas may be one of those users who have chosen to turn off the avast mail systray icon. If that is the case then this user will just see the popup message with no accompanying diagnostic information and I would have to agree with the assessment that such a bare popup is “meaningless”.

Since we have been told that this issue warrants no further attention until the next point release it is just something we will have to remember.

I will restate my view that if this timeout is on the receive side (port 110) then I am absolutely convinced that avast does itself a grave disservice by taking over the role of being the reporter of a problem that is none of its business and properly belongs in the realm of the user’s email client (or more frequently these days the user’s p2p client). I cannot imagine a malware writer foolish enough to connect to some mailserver to get its instructions and then take more than 2 minutes over receiving them. We have yet to see, I suggest, a single instance where the avast timeout on the receive side has proved valuable to any user and it takes up way too much time and effort of those trying to help out in this forum.

Further, if avast continues down this path we are likely to see more users taking the advice proferred by Tech and simply extending the timeout value which, since it covers both send and receive, may well cause users to miss infection by a spambot sending out unwanted emails from their system - of which quite a few have been only detected by the valuable timeout warning on the send side (provided, of course, that the essential diagnostic information always accompanies the popup).

Alan steps down from his soapbox … for now.

8

Mailwasher was trying to connect to one of my POP3 servers - that’s what it does every 5 minutes. But the POP3 server was broken. Then Avast popped up a meaningless message about Internet timeout. I did not realize the two events were connected until I posted here and received the reply that explained what was going on. I set the timeout longer which stopped the popup messages until the POP3 was repaired. Then I put the timeout back to its default value, 120 sec. Now I know what to look for so I will leave the timeout at the default.

Thanks for everyone’s help.

9

MailWasher since it uses the email ports will also be monitored by avast’s email scanner.

I have MW Pro and I have stopped avast from scanning its content. Since WM only downloads the headers, a small part of the email to analyse spam content (which is viewed in text mode) and no attachments I personally don’t feel the level of risk warrants being scanned.

If the email programs timeout delay is extended past avast’s delay then avast will pop-up first and in the case of MailWasher I’m not even sure there is even a way of changing or setting a timeout delay, so avast may well be the only indicator of any supposed timeout.

10

How did you do that?

11

By editing the avast4.ini file, [MailScanner] section using a text editor like notepad. It is best to save a copy of avast4.ini to another location in case of any problem, you can then copy the original back.

[MailScanner]
IgnoreProcess=MailWasher.exe add this line if you don’t already have an IgnoreProcess line.

12

I did that and rebooted. Now it appears as if Avast is not responding when I invoke MailWasher.

Since you are so knowledgeable about these matters I thought you might be able to shed some light on a problem I had which caused me to seek out a new AV product like Avast. I chose it solely on the basis that is was supported by this forum. I figured if that many people would take the time to make the forum active, it had to be a good product.

My problem was that Computer Associates EZ Trust AV (free from Road Runner) was corrupting my NTFS filesystem. I know it was CA because when I uninstalled it the problem went away and when I reinstalled it the problem came back. Fortunately Avast does not do this.

Almost every time I would reboot my Win2K SP4 system it would detect a corrupt NTFS filesystem and schedule CHKDSK on startup. 9 out of 10 times CHKDSK was able to repair the damage. 1 out of 10 times I would get a BSOD (STOP). To repair this I had to swap the corrupt disk as D: (I have removable drive bays) and run CHKDSK D: /f from another boot drive. The repair always worked despite multiple screenfulls of repairs.

Here are some error messages I was able to retrieve from Event Viewer:

+++
disk: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume System Disk.

ftdisk: {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume1. The write operation failed, and only some of the data may have been written to the file.

Application popup: Windows - Corrupt File : The file or directory is corrupt and unreadable. Please run the Chkdsk utility.
+++

Does anyone know what is going on here? Computer Associates “tech support” didn’t have a clue about how to diagnose this so I blew them off and found Avast.

13

Why would avast respond when you invoke MailWasher, you just told it to ignore it (unless you mean that it isn’t scanning and that is what you wanted)?

I’m sorry I never used Computer Associates EZ Trust AV so I don’t know how it works deep down. I also kept fat32 for my system rather than NTFS when I installed XP Pro, so I only have a very limited knowledge of ntfs.
For me at the time I installed XP Pro, the advantages for ntfs were out weighed by the disadvantages, so I stuck with fat32 format.

14

That’s exactly what I meant.

15

It’s very strange that an antivirus CORRUPTS the NTFS file system… ::slight_smile:

Bus, as you’re saying that avast does not screw up your system, well, welcome 8)

16

So strange that I did not think an AV product could either. I removed just about everything else and then someone on a Usenet forum reminded me how Zone Alarm used to corrupt filesystems, so I uninstalled CA EZ.

Here is a detailed report about what CHKDSK did to fix the corrupted disk.

+++
ftdisk: {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume1. The write operation failed, and only some of the data may have been written to the file.

The following boot-start or system-start driver(s) failed to load:
PCLEPCI

Checking file system on D:
The type of the file system is NTFS.
Volume label is System Disk.
The attribute of type 0x80 and instance tag 0x347 in file 0x9
has allocated length of 0x41200 instead of 0x41400.
Deleted corrupt attribute list entry
with type code 128 in file 9.
Unable to locate attribute with instance tag 0x347 and segment
reference 0x9000000000009. The expected attribute type is 0x80.
Deleting corrupt attribute record (128, $SDS)
from file record segment 9.
Cleaning up minor inconsistencies on the drive.
The security data stream is missing from file 0x9.
The security data stream size 0x0 should not be less than 0x40000.
Repairing the security file record segment.
Deleting an index entry with Id 256 from index $SII of file 9.
[…]
Deleting an index entry with Id 257 from index $SDH of file 9.
Replacing invalid security id with default security id for file 11.
[…]
Replacing invalid security id with default security id for file 6166.
+++

As you can see, it was quite a mess.

17

I did exactly that and now when I tell MWP to delete mail on the server, the little blue ball with the lower case letter ‘a’ rotates. IOW, Avast is processing that particular action of MWP.

The ball does not rotate when I invoke MWP nor when I fetch mail. But it does rotate when I tell MWP to remove spam from the POP3 server.

Do I need an additional command to stop Avast from accessing MWP completely?

18

I have no idea why that is happening, it doesn’t happen with my set-up.

That setting should work for all WM activity when connecting to email servers.

The avast icon will scan any file activity to initiate the deletions when you click process but the The Scanned Count: and Last Scanned: information on the Internet Mail provider detailed info, remain unchanged (remember there is more than one scanning module and they all rotate the avast icon when scanning, standard shield, etc.).

19

Maybe I put it in the wrong place in the “ini” file. Where should I put it - at the top of the group?

NOTE: Since I first posted this I put the command at the top of the group and rebooted. It made no difference - the little blue ball rotates when I tell MWP to delete spam.

The avast icon will scan any file activity to initiate the deletions when you click process but the The Scanned Count: and Last Scanned: information on the Internet Mail provider detailed info, remain unchanged (remember there is more than one scanning module and they all rotate the avast icon when scanning, standard shield, etc.).

I thought of that but no mention was made about telling Avast not to respond to other executables than “mailwasher.exe”.

The mailwasher directory has only one “exe” file, although it has several “dll” files.

Did you add extra commands to account for more than “mailwasher.exe”? If not, then I should not have to either.

20

It doesn’t matter where it is providing it is in the [MailScanner] section as you found. I made no other changes to avast4.ini or MW. However, I don’t bounce spam email, apart from it being a waste of time, I think that too would be ignored.

Have you checked the Scanned Count and Last Scanned as I suggested, is there any change ?
If so what is being scanned ?
You might want to enable ‘Show detailed info on performed action’ in the Internet Mail provider, Advanced, as a temporary measure to see what it being scanned.

http://img.photobucket.com/albums/v325/for-dwr/showdetailedmail.jpg