I got a problem using Comodo Firewall (Ver. 5.0.162) and free AVAST AV (Ver. 5.0.677).
Environment
Host: Windows 7 Prof. 64bit, Comodo Firewall, AVAST AV, VMware Workstation (for hosting Guest)
Guest: Windows 7 Prof. 32bit, Comodo Firewall (no AV while testing)
Problem
I can t send or receive e-mails with Mozilla Thunderbird (Mail client should not be important because mail client isn t “visible” at the Host System).
Connection to e-mail server seems to be timed out. Tested gmx.net, and others all pop3/smtp, with and without SSL.
(VMnat.exe is the responsible process at the Host for all network traffic of the Guest System.)
No Problems with if
Comodo Firwall is OFF and AVAST AV e-mail filter is ON
and no problems if
Comodo Firwall is ON and AVAST AV e-mail filter is OFF
I got this Problem on my “native” (no VM) Windows XP Prof SP3 Machines too.
Going to post in the AVAST Forum too, Hope this is okay.
I would recommend you to uninstall Avast and use comodo AV instead; as long as malware are not runing they can’t do any harm or damage, plus e-mail scanners can make more problems than helping you. Look at these websites
No offence! But I am not pleasured with Comodo AV 5 (4). sorry.
I just wonder what the firewall does… Or what I can do to ovoid the timeout.
Comdo Firewall at the Host can t block the Thunderbird mail client inside the Guest…
There s a Comodo Firewall inside the Guest too, of course, but it isn t blocking. (checked it, worked before avast…)
(I don t wan t to sound offensive in any way! My english is just bad and learned by TV)
I am using just one Firewall and one AV at the time:
Comodo Firewall + Defence + Sandbox (NO Comodo AV)
[and one System with Comodo Firewall only)
and
avast AV (free)
Avast support told me that the network traffic is “controlled” by avast by avastSvc.exe, that is akting like a proxy. (Like or similar to HAVP at Linux systems I think)
I tried to “allow all” for that process but that did not resolv the problem.
Looks like there is no other way to fall back to Comodo AV for in time scanning. Sorry but I am not happy about that.
I am going to run a little testing in a VM, maybe I can report something back.
I hope you know that no all programs can run in virtual machines; the programs must be programed so that they can run on virtual machines. So it would be best if you make sure that the software you want to use in the virtual machine is runnable on a virtual machine.
I think CIS5 runs without any problems on virtual machines .
After a little testing I can not recomend to use the following components of AVAST 5 in combination with Comodo Premium (Firewall/Defence)
web av scanner
network av scanner
AVAST 5 uses a proxy to scan the traffic and because of this Comodo will only “see” the proxy process requesting permission to access the network. if you trust the proxy, just every application which is using the proxy is able to access the network “unseen”
It looks like that Avast 5 Behaviour Shield and Comodo Defence+ at the same time making decetions more like random()…
In case you get high cpu usage add avast in detect shellcode injects and this is how you do it CIS —> Defense+ —> Defense+ Settings —> Execution control Settings —> Detect shellcode injections (i.e. Buffer overflow protection) —> Exclusions —> Add —> Browse…
avast Web Shield scans the traffic but it is not, technically, a proxy. I mean, the scanning is transparent and it does not have to be manually set as a proxy (i.e., port number and address). On contrary, if you use a proxy, you can configure it into avast.
I hope you know that no all programs can run in virtual machines; the programs must be programed so that they can run on virtual machines. So it would be best if you make sure that the software you want to use in the virtual machine is runnable on a virtual machine.
I think CIS5 runs without any problems on virtual machines.
Regards,
Valentin
Most programs will run fine in virtual machines. Actually is the vm that needs to be written “properly” to be able to support programs.
This is no a D+ problem. In the post before yours BRDM explains it. It is the Avast proxy that makes the traffic invisible for CIS. Please stay focused when reading a topic.