Avira's sched.exe and windows updates

I'm running Avira free ver. 9.0.0.442 on XP Home SP3. I only update Avira manually as well and Windows. I also don't have any jobs scheduled within Avira. On occasion sched.exe asks for internet access and then it connects to Windows updates. During the past week it's happening daily. Why is this happening and why is connecting to Windows updates?

I did get a notice that Avira needs a program update but I have not done that yet. I would like to stay with version 9 and I'm afraid that it will update to version 10. I'll have to experiment later with Returnil's Session Lock enabled.

 

I updated Avira manually and now have version 9.0.0.429. I'm also still seeing sched.exe wanting to connect to Windows updates at boot up. Automatic updates are disabled and I only have WGA Validation installed and not WGA Notification. I thought the latter may be my problem.

Does anyone have any idea what is going on? I'll even entertain wild guesses at this point.

Thanks

Edit: Here is my firewall log while booting.

12/11/10 00:37:52 [TDI] ICMP, Listen, 0.0.0.0 <- 0.0.0.0, System(4/212)
[TDI] Passed by rule.
12/11/10 00:37:52 [TDI] RAW, Connect, 0.0.0.0 -> 0.0.0.0, System(4/212)
[TDI] Passed by rule.
12/11/10 00:37:52 [TDI] UDP, Connect, 0.0.0.0:50019 -> 192.168.1.1:53, C:\Program Files\Avira\AntiVir Desktop\sched.exe(1512/2724)
[TDI] Blocked by rule.
12/11/10 00:38:07 [TDI] UDP, Listen, 192.168.1.4:68 <- 0.0.0.0:0, C:\WINDOWS\system32\svchost.exe(916/1012)
[TDI] Passed by rule: "UDP, <-- svchost.exe, [68], +(*)"
12/11/10 00:38:07 [TDI] UDP, Connect, 0.0.0.0:65075 -> 192.168.1.1:53, C:\Program Files\Avira\AntiVir Desktop\sched.exe(1512/2724)
[TDI] Passed by rule: "UDP, --> sched.exe, [53], +(*), (session)"
12/11/10 00:38:22 [TDI] UDP, Connect, 0.0.0.0:56785 -> 192.168.1.1:53, C:\Program Files\Avira\AntiVir Desktop\sched.exe(1512/2724)
[TDI] Passed by rule: "UDP, --> sched.exe, [53], +(*), (session)"
12/11/10 00:38:22 [TDI] TCP, Connect, 0.0.0.0:1026 -> 65.54.81.184:80, C:\Program Files\Avira\AntiVir Desktop\sched.exe(1512/2724)
[TDI] Passed by rule: TCP, --> sched.exe, [80], +(*)

 

I'm experiencing the same behaviour, although I am using Avira 10 and it occured after the installation of SP1.

Have you tried in the Avira forum? I have started a thread there asking the same question as you (I've yet to get a response so far though).

This is my post at Avira - http://forum.avira.com/wbb/index.php?page=Thread&threadID=121735 - if you would like to add your concerns to that thread, you're more than welcome. Maybe if more people ask this question, we'll be more likely to get a response.

 

Thanks for your reply. I couldn't reply to your thread so I started my own. http://forum.avira.com/wbb/index.php?page=Thread&threadID=122414

What firewall are you using qwerty?

 

Avira is updating the MS certificate list, it doesn't update the software.

Here are the details:

http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/545

 

Thank you very much Stefan. At least that partially explains why I have been getting errors like the one below in my event viewer. Now I have to figure out why the list isn't updating or do away with it.


Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 8
Date: 11/16/2010
Time: 11:13:52 PM
User: N/A
Computer: NAME
Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

Stefan, do you work on Avira? If so, it's nice to see you post, even if it isn't at your own forum. I posted the following on the Avira forum, but got no response, would you (or anyone reading this who works on Avira AntiVir) care to comment?