AVAST AV(free) e-mail filter conflict

Hi!

I got a problem using Comodo Firewall (Ver. 5.0.162) and free AVAST AV (Ver. 5.0.677).

Environment
Host: Windows 7 Prof. 64bit, Comodo Firewall, AVAST AV, VMware Workstation (for hosting Guest)
Guest: Windows 7 Prof. 32bit, Comodo Firewall (no AV while testing)

Problem
I can t send or receive e-mails with Mozilla Thunderbird (Mail client should not be important because mail client isn t “visible” at the Host System).
Connection to e-mail server seems to be timed out. Tested gmx.net, and others all pop3/smtp, with and without SSL.
(VMnat.exe is the responsible process at the Host for all network traffic of the Guest System.)
No Problems with if
Comodo Firwall is OFF and AVAST AV e-mail filter is ON
and no problems if
Comodo Firwall is ON and AVAST AV e-mail filter is OFF

I got this Problem on my “native” (no VM) Windows XP Prof SP3 Machines too.

Going to post in the AVAST Forum too, Hope this is okay.

Hey and Welcome!

I would recommend you to uninstall Avast and use comodo AV instead; as long as malware are not runing they can’t do any harm or damage, plus e-mail scanners can make more problems than helping you. Look at these websites

Part 1 Avast vs Avira vs Comodo vs Panda AV Test Part 1 - YouTube

Part 2 Avast vs Avira vs Comodo vs Panda AV Test Part 2 - YouTube

Have you looked if comodo firewall is not blocking Thunder Bird?

I hope I could contribute with some useful information.

Regards,
Valentin

I used Comodo AV since Version 4.

No offence! But I am not pleasured with Comodo AV 5 (4). sorry.

I just wonder what the firewall does… Or what I can do to ovoid the timeout.

Comdo Firewall at the Host can t block the Thunderbird mail client inside the Guest…
There s a Comodo Firewall inside the Guest too, of course, but it isn t blocking. (checked it, worked before avast…)

(I don t wan t to sound offensive in any way! My english is just bad and learned by TV)

no problem. firewalls are like filters you could say. Use only one AV and firewall at the same time.

Your English is not bad at all :slight_smile:

I have used Mozilla Thunder Bird myself but it’s nothing special if you ask me. I go the website where my mails are.

Regards,
Valentin

Hi !

Sorry for my late response

I am using just one Firewall and one AV at the time:
Comodo Firewall + Defence + Sandbox (NO Comodo AV)
[and one System with Comodo Firewall only)
and
avast AV (free)

Avast support told me that the network traffic is “controlled” by avast by avastSvc.exe, that is akting like a proxy. (Like or similar to HAVP at Linux systems I think)

I tried to “allow all” for that process but that did not resolv the problem.

Looks like there is no other way to fall back to Comodo AV for in time scanning. Sorry but I am not happy about that.

I am going to run a little testing in a VM, maybe I can report something back.

greetings

Hey! :slight_smile:

I hope you know that no all programs can run in virtual machines; the programs must be programed so that they can run on virtual machines. So it would be best if you make sure that the software you want to use in the virtual machine is runnable on a virtual machine.

I think CIS5 runs without any problems on virtual machines .

Regards,
Valentin

After a little testing I can not recomend to use the following components of AVAST 5 in combination with Comodo Premium (Firewall/Defence)
web av scanner
network av scanner

AVAST 5 uses a proxy to scan the traffic and because of this Comodo will only “see” the proxy process requesting permission to access the network. if you trust the proxy, just every application which is using the proxy is able to access the network “unseen”

It looks like that Avast 5 Behaviour Shield and Comodo Defence+ at the same time making decetions more like random()…

NOT your (Comodo) fault at all!

In case you get high cpu usage add avast in detect shellcode injects and this is how you do it CIS —> Defense+ —> Defense+ Settings —> Execution control Settings —> Detect shellcode injections (i.e. Buffer overflow protection) —> Exclusions —> Add —> Browse…

Look at this link Avast forum

Regards,
Valentin N

Edit by EricJH: fixed the link

avast Web Shield scans the traffic but it is not, technically, a proxy. I mean, the scanning is transparent and it does not have to be manually set as a proxy (i.e., port number and address). On contrary, if you use a proxy, you can configure it into avast.

[attachment deleted by admin]

Please respect other people’s choices.

I hope you know that no all programs can run in virtual machines; the programs must be programed so that they can run on virtual machines. So it would be best if you make sure that the software you want to use in the virtual machine is runnable on a virtual machine.

I think CIS5 runs without any problems on virtual machines.

Regards,
Valentin

Most programs will run fine in virtual machines. Actually is the vm that needs to be written “properly” to be able to support programs.

This is no a D+ problem. In the post before yours BRDM explains it. It is the Avast proxy that makes the traffic invisible for CIS. Please stay focused when reading a topic.

I will Eric. Sorry :frowning: I will change my previous posts here.

Please don’t change posts unless instructed. It makes topics go “strange”.