Arto 0 Posted April 1, 2013 Report Share Posted April 1, 2013 I Just upgraded to OA version 6.0.0.1736. Was previously on V5xx. I am also running Avast version 7.0.1474 (which I hav been running for a while now). Each program is excluded from being scanned by the other. My problem is that programs that I have blocked in OA (using Firewall rules) from accessing the internet are being allowed through. This only happens when Avast's web shield is active. If I deactivate the web sheild, OA blocks the traffic as expected. I saw an older post (http://support.emsisoft.com/topic/8326-online-armor-and-avast-web-shield/?hl=avast) where this topic was also discussed. There were references to posts on other forums that indicate that there is no such problem between avast and OA. However, I am definitely experiencing the problem. I enabled full firewall logging in OA, and noticed that when the avast web shield is active, there is no mention of the program I am blocking in the firewall log. There are only entries for Avast stuff. If I disable the web shield, I see multiple entries in the log, indicating that the program was blocked. Is there a setting I might need to change in OA, or is something wrong with my OA instal? I'm running XP SP3. Thanks; Quote Link to post Share on other sites
Fabian Wosar 390 Posted April 1, 2013 Report Share Posted April 1, 2013 What Avast does when the web shield is enabled is to route all web request through it's own process. So instead of connecting to an IP on the internet, a program accessing the web will connect to the Avast web shield proxy process instead. The actual internet access is then done from the Avast proxy process, that you most likely allowed to access the internet. There is no real solution for this problem as the way Avast chose to implement the web shield is just inherently incompatible with any software firewall. Quote Link to post Share on other sites
Arto 0 Posted April 1, 2013 Author Report Share Posted April 1, 2013 How is it that Avast can 'intercept' the request, but OA cannot. Quote Link to post Share on other sites
Arto 0 Posted April 1, 2013 Author Report Share Posted April 1, 2013 I just found a work around for this. Not perfect, but since I don't have many programs I need to block, it works. I basically to Avast that my program should be excluded from the web shield. Thus it allows OA to examine, and apply its ow rules. Quote Link to post Share on other sites
Fabian Wosar 390 Posted April 1, 2013 Report Share Posted April 1, 2013 The problem is not the intercepting. The problem is that with the web shield enabled all HTTP traffic is done on behalf of your browsers and HTTP clients by the Avast proxy process. Since that is allowed, all HTTP traffic is allowed as Online Armor can't possibly know which process the Avast proxy is requesting a web page for. Quote Link to post Share on other sites
Nick 10 Posted April 2, 2013 Report Share Posted April 2, 2013 @Arto I have never seen this issue on my system. I have mutually excluded both programs. In your original post you wrote that "each program is excluded from being scanned by the other" but you also wrote that "there are only entries for Avast stuff" in the firewall log. I suspect that you might still have some items related to Avast in the Firewall program list and/or in the Programs list and/or in the Autoruns list of OA. You may want to try deleting those Avast's entries in OA and then reboot. System Information:Win XP Pro SP3Avast! Free AV 8.0.1483Online Armor Free 6.0.0.1736 (Avast!/OA mutually excluded) Quote Link to post Share on other sites
Arto 0 Posted April 4, 2013 Author Report Share Posted April 4, 2013 Nick; In my autoruns, I have 2 entries related to Avast, and both are set to Allowed. In the Firewall section, there is nothing specific for Avast. In programs, there are no entries for Avast. In Options"Exclusions, I have 2 entries for Avast: One is the main program folder, and the other is the Avast folder under Documents and Setting/All Users/Application Data. I've had these entries for years. Without it, really bad things happen. Are you suggesting I remove these entries from the exclusions? Quote Link to post Share on other sites
Nick 10 Posted April 4, 2013 Report Share Posted April 4, 2013 Are you suggesting I remove these entries from the exclusions? Absolutely not. Since you have Avast excluded in OA, I just wanted to suggest that you should try deleting all the Avast related items in OA's Autoruns, Programs and Firewall lists and then reboot your system. If Avast is fully excluded in OA, there's no reason for any possible related item to be present in Autoruns, Programs or Firewall lists, in my opinion. As far as I know, the issue you described doesn't affect OA + Avast (also according to the Avast forum). Quote Link to post Share on other sites
Arto 0 Posted April 4, 2013 Author Report Share Posted April 4, 2013 Nick; I removed the Avast entries from the autoruns, and rebooted. The services started up fine (as they should have). As for the firewal rules in OA being bypassed, it is still happenning, unless I tell Avast web shield to exclude the program that I want OA firewall to block. I found a few threads that seem to indicate that OA is not affected by this problem, but since I am experiencing it, the problem is there. I did see mention of setting the Avast web shield to 'scan traffic from well known browser processes only'. That works, but I don't know what protection I am loseing be setting that option. Thanks; Quote Link to post Share on other sites
Nick 10 Posted April 4, 2013 Report Share Posted April 4, 2013 (edited) I did see mention of setting the Avast web shield to 'scan traffic from well known browser processes only'. That works, but I don't know what protection I am loseing be setting that option. Thanks; I have not enabled that option. If you enable it, basically Avast will monitor HTTP traffic only for common browsers (e.g., Firefox, Internet Explorer, Chrome and perhaps Opera), ignoring HTTP traffic generated by any other application, though. Obviuously the File System Shield should still take care of any possible malware that could find its way into your system... You might want to try asking also some other user on the Avast Support Forum - several people there use OA + Avast. Perhaps, someone else will confirm your issue and let the developers know,,, Edited April 4, 2013 by Nick Quote Link to post Share on other sites
trujwin 1 Posted April 5, 2013 Report Share Posted April 5, 2013 Has the Menu>>options>>Firewall >> intercept loopback interfaces been ticked on?? Download Accelerator plus downloads all the files thru AVAST proxy (all the shields incl Webshield active). For a test I blocked it in Menu>>Firewall>>Programs. Now DAP is not able to connect to the internet. I have attached the history tab of the action , where OA is blocking DAP's attempt to connect to the AVAST proxy , rightly so. Hope this is relevant to the issue. 1 Quote Link to post Share on other sites
Nick 10 Posted April 5, 2013 Report Share Posted April 5, 2013 Yes, with an AV like Avast (which basically uses its own web proxy), the "intercept loopback interfaces" option should be enabled. Do you have VLC Media Player on your system? Try blocking it in Firewal/Programs (OA) then open VLC and go to Help/Check for Updates. OA should prevent it from looking for updates - and VLC should show you some error message. 1 Quote Link to post Share on other sites
Arto 0 Posted April 12, 2013 Author Report Share Posted April 12, 2013 Finally got around to trying this. Sure enough, enabling the intercept loopback interfaces in OA work perfectly. Any reason it is not enabled by default? Will it cause a slowdown on all network traffic? Thanks again. Quote Link to post Share on other sites
Nick 10 Posted April 12, 2013 Report Share Posted April 12, 2013 You're welcome. Happy to hear that you solved the issue. Will it cause a slowdown on all network traffic? No, I don't think so. However, I don't know the reason why it's not enabled by default. Perhaps, it's uncked just to avoid some pop-ups that may result a bit confusing for some users?... Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.