xml Posted February 26, 2006 Share Posted February 26, 2006 hi, i would like to know why paint.net (including the installer) tries to connect about 10+ times to the internet (usertrust.com). is this really necessary i have to keep blocking it because its severall diferent exes trying to connect. Link to comment Share on other sites More sharing options...
chew Posted February 26, 2006 Share Posted February 26, 2006 maybe you have spyware :shock: Link to comment Share on other sites More sharing options...
BuzzKill Posted February 26, 2006 Share Posted February 26, 2006 Look under "Updates" and see if you have "Automatically check periodically" checked. If so, uncheck it and see if you still have the same problem. I'm not sure why the installer tries to connect. It only tried to connect a single time when I first installed 2.6 Cr2. Other than that, it hasn't tried to connect to the internet anymore. Also, you can check the program controls in your firewall to see if you are or are not allowing Paint.NET access to the internet. Good luck with that! - DO NOT contact me asking for the .pdn of my avatar or the PDN logo. Thank you. Have a nice day. Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 26, 2006 Share Posted February 26, 2006 Paint.NET will only try to connect to http://www.eecs.wsu.edu/paint.net , for the purpose of checking for updates every 5 days (unless you tell it not to of course). The installer has no network access code in it at all. If any other activity happens, you have spyware/malware that is injecting threads into the PaintDotNet.exe process and doing other stuff. The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 26, 2006 Share Posted February 26, 2006 Looks like usertrust.com is some site dealing with digital signatures. Every EXE and DLL in Paint.NET is digitally signed with our code signing certificate. It is possible that you have configured some setting somewhere to do some kind of online double-checking/verification of signatures attached to EXE or DLL files. I don't know where or what this setting would be, but it's the only thing I can think of. The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
xml Posted February 27, 2006 Author Share Posted February 27, 2006 i disabled the check for updates when installing and i use kapersky firewall. here's some screenshots this is the first time a program tried to connect to that url on my pc and i run windows on a limited user account (im no begginer on pc usage). Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 27, 2006 Share Posted February 27, 2006 Like I said, our code is not doing this. There is some other software on your PC that is causing this. The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
chew Posted February 27, 2006 Share Posted February 27, 2006 you can fix this couple diffrent ways, two ways i recommend is scanning your pc and running it over with your car Link to comment Share on other sites More sharing options...
xml Posted February 27, 2006 Author Share Posted February 27, 2006 i suggest another one for you: drop dead Link to comment Share on other sites More sharing options...
SearedIce Posted February 27, 2006 Share Posted February 27, 2006 i suggest another one for you: drop dead Now, Chew, there's no reason to start arguments. Paint.net is nothing to fight over. You've all heard this before, but try following it: If you don't have anything nice to say, don't say anything at all. Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 27, 2006 Share Posted February 27, 2006 Well, in xml's defense, chew could've exercised some restraint as well The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
hobbypainter3 Posted February 27, 2006 Share Posted February 27, 2006 I just downloaded and installed Paint.NET 2.6 and it shows the same behavior. Furthermore, when I hover the mouse over the menubar File - Acquire ->, the program WIAPROXY32.EXE, obivously part of Paint.Net, wants to have access to the IP's 216.126.201.89 and 66.249.93.104, which seem to be usertrust.com and google.com. This is reproducible. I'm an experienced user and I am sure I don't have any malware on my PC. Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 27, 2006 Share Posted February 27, 2006 We do not have any code that accesses the Internet except that which pings our website for update checking. All it does it download a text file. To reiterate from a previous post, Every EXE and DLL in Paint.NET is digitally signed with our code signing certificate. It is possible that you have configured some setting somewhere to do some kind of online double-checking/verification of signatures attached to EXE or DLL files. I don't know where or what this setting would be, but it's the only thing I can think of. If you built Paint.NET yourself from our source code ZIP, and enabled code signing (set environment variables SIGNPDN=1 and PDNPFX=[path to PFX file]), you would see the exact same behavior. Most Windows components (Notepad, for instance) will not exhibit this activity because their signatures are stored in catalog files and are not retrieved as part of the normal loading process. However, you'll see above that the .NET Runtime Optimization Service is also being "flagged." This Internet access you're seeing is not necessarily malicious, there just seems to be something that is performing an extra verification of the digital signature. What other security-related software have you installed? The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
hobbypainter3 Posted February 27, 2006 Share Posted February 27, 2006 Only ZoneAlarm, nothing else. It's an XP machine with current updates and .NET 2.0 Runtime Environment. Link to comment Share on other sites More sharing options...
Rick Brewster Posted February 27, 2006 Share Posted February 27, 2006 To quote from http://www.webservertalk.com/archive53- ... 93670.html, Carlos,The most common reasons for the connection to usertrust.com is: 1. You have an SSL certificate from either Freessl.com or from USERTRUST. 2. Your website is configured to accept client authentication certificates. The reason your server connects to usertrust.com is to download CRL information pertaining to either SSL or Client certificates. This is not a virus. If you would like further information please feel free to email me. Nathan Luke USERTRUST Inc. nlmessageboard@usertrust.com The Paint.NET Blog: https://blog.getpaint.net/ Donations are always appreciated! https://www.getpaint.net/donate.html Link to comment Share on other sites More sharing options...
Recommended Posts