Current versions of XP and Avast! and all of a sudden last night I was unable to surf using IE or FF.
I rebuilt my PC over the weekend and it was working fine until sometime yesterday night.
I can ping, I can get email, I can FTP. I have a valid IP.
When I terminate web shield I can get around. When it is enabled I don’t go anywhere.
I tried uninstalling/reinstalling to no avail. I even used the uninstaller/cleaner utility.
I tried repairing and it didn’t do anything.
I tried manually configuring the proxy settting, and zip.
I tried completly trusting ashWebSv.exe as well, still didn’t work.
Disabling the Firewall didn’t help either.
I have isolated it to the web shield, in that I turned on & off the firewall while webshield was enabled and it didn’t work. I also turned on & off the firewall with web shield disabled and it worked.
Something with ashWebSv.exe isn’t playing nice anymore w/ Windows (which could be the source of the problems).
Not that it matters, I installed XP with my DOCS & Settings folders and my Program file folders on a different drive than my XP files (the windows folders). This was done during the install, and not some post-install move.
Well as you can see I use outpost pro 4.0 and no problems with web shield. In the past I have had problems were outpost blocked access despite ashWebSv.exe having trusted status, I deleted the entry for it and the next time I tried to connect to the internet outpost asked permission, I granted trusted status and back to normal.
I know nothing of the working of Outpost and whether it provides restrictions/permissions when applied to internal ports (localhost).
The avast intercept works by placing a redirect for calls to port 80. That redirect takes the calls to localhost:12080 where ashWebSv.exe takes control and then submits the real request.
Is there any possibility that your Outpost configuration is blocking the avast redirect?
I’m not sure if with the latest version with self protection, terminating or switching off may not achieve what you hope for. Also the new Anti-Leak protection also throws up numerous pop-ups for DDE, DNS, TCP/IP, etc. all of which could effect the ability of ashWebSv.exe to do its job.
Turning on detailed logs should have absolutely no effect on the ability of the web shield to connect, so I thing it is entirely co-incidental.
What plug-ins do you have enabled ?
Does your ISP require that you use a proxy ?
I have to admit to clutching at straws as I can’t see any obvious problem, but if you want to humour me and delete the ashWebSv.exe entry in the application section of outpost, if for no other reason than to confirm it doesn’t make a difference.
Otherwise I would suggest you try, an uninstall of avast, reboot, install, reboot.
It would probably be best to download the latest version of avast and save it to your HDD, somewhere you can find it again. Use that when you reinstall.
here is the latest –
uninstalled Avast.
rebooted
used avast cleaner
rebooted
deleted temp folders
searched and cleaned registry
removed all three avast rules from outpost
reinstalled avast
rebooted
outpost created the setup rule and the mail rule but it didn’t create the rule for the web shield
web shield active still keeps me from surfing and I don’t see that avast is scanning pages - scan cound doesn’t move.
I turned off leak protection and component control in Avast. Only plugin is DNS Cache.
I downloaded, earlier today, the newest version of Avast.
Why is Outpost not seeing the webshield program I wonder - it didn’t try and create a rule for ashWebSv.exe
As for the randomness of it working - I just realized that it was because I was visiting HTTPS sites (port 443) and not HTTP (port 80).
Your not the only one who is at a loss as to why outpost wouldn’t create a rule or at least ask permission for ashWebSv.exe.
Is there anything in the logs, for blocked activity (see images), I just tried connecting to ebay and a few other sites and then looked at the blocked log and found a few blocked connections for web shield (but not the issue you are having), which was for the HTTP port, yet the Reason given was Packet to a closed port. Now I don’t know why Outpost would consider HTTP a closed port and at the time I didn’t notice any browsing problems.
You could try in the Options, Applications, to Add a new aplication, navigate to the ashWebSv.exe location and select that, it will initially be added as a blocked application, Edit and change to trusted.
I have already suggested a reinstall of avast above, did you do that ?
If you have the next logical step id a reinstall of outpost.
I don’t agree with the “since the problem isn’t w/ the firewall.” statement if avast web shield is running, is in the task list (assume Task Manager processes) but not in the outpost applications list. Your comment, “Who knows why Outpost isn’t wanting to create the rule?!” in a backhand sort of way confirms there is something wrong with the firewall, what is the 64 million dollar question.
Did you try adding ashWebSv.exe to the applications list as I suggested ?
[url=http://Outpost logs looked OK.]Outpost logs looked OK. [/url]
By this I assume there were no entries for ashWebSv.exe, blocked or otherwise ?
If I suggest something can you please confirm if you try it and any result, otherwise I’m just groping around in the dark.
a rule w/in Outpost for allowing TCP ports 80 didn’t do anything.
completely trusting ashWebSv.exe in Outpost didn’t do anything either.
Outpost turned off doesn’t matter
Avast has been uninstalled & reinstalled.
Next step is to uninstall & reinstall Outpost.
The outpost logs showed nothing being blocked. It did also show successful processing of ashWebSv.exe.
I am fairly tech savy and all this has me stumped as well. Everything looks good, just aint doing what its supposed to. All signs point to Avast, but I cannot completelty eliminate Outpost or even Windows XP causing this.
Since it was working and then stopped, it almost points to XP and a corrupt file or setting somewhere.
I’m sure a format and reinstall of XP will fix things! Always has in the past.
Wonder if there is some kind of packet/process analyzer I can use to see where the call is stopping at? Maybe I can see that IE sent it to Avast and then see what Avast does with it.
I am at work now, and not sure that I’ll get on the PC tonight, so it might be 24 hours before I can do anything.
I didn’t intend to “insult” Avast! and I appreciate the time you’ve given to working on the problem!
I'm sure a format and reinstall of XP will fix things! Always has in the past.
Something not to be entered into lightly.
I don’t know if two programs from sysinternals.com, process explorer and tcpview might be able to sniff out something.
I’m just an avast user just like yourself, trying to get the best out of it like you and I have had few problems with outpost from the free 1.0 version to the latest Pro 4.0 but I do think there are some teething troubles with this latest version. It is extremely sensitive on the new anti-leak process to the point of distraction and I know this will cause inexperienced users to simply say OK/Allow to everything or end up with the program as a trusted application.
I have been on the Agnitum forums before, wasn’t terribly impressed but, at least you can find the questions people are asking or having problems with.
avast! has these days various options, tranparent shield, proxy, etc when you try to repair it in windows control panel.
I would, although i am not running OP to find a solution in there.
First to configure browser to use transparent proxy, no port 12080 thing, just direct connection. Then try avast to be configured running with no proxy, if I remember right, from windows control panel.
I had a lots of problems with my manual browser config the time i tested Comodo firewall.
Might be good idea to try various browsers you have, if someone does work and test it in eicar site if it works. For me all works fine, but it is the old kerio 2.1.5 so it is the most tolerant fw, hehe. Running manual browser proxy as always.
But i have noticed glitches how avast works and always need to test if i am covered by webshield from all those 4 tests. :
Make sure your browser is not set to “Work Offline” (this option is generally in the File menu).
Besides, I suggest you make avast working without proxy. Into avast! settings:
Left click the avast icon > Settings > Update (Basic) > Details > Proxy
Switching the proxy settings from “Auto-detect” to “No proxy” (I’m assuming you’re not connecting to the Internet via proxy).
Outpost and the new anti-leak it got to the point of not only being so annoying as to say yes to everything, it got to me turning it off. Same with component control. Haven’t had to just completely give a program complete trust, so I guess I’m lucky there. Initially I hated the “complexity” of Outpost, but have since grown to like the “customizability” of it. Don’t really use the plugins. Some features redundant w/ an up to date AV program. A good AV program and a router are adequate protection for me. leak protection and component control are beyond my needs (or my patience!) Sure multiple layers are better, but performance is important.
I will investigate forcing NO proxy in avast. My ISP doesn’t require a proxy.
TCPView might be a valuable tool. I think I can see if ashWebSv.exe is establishing connections.