Issue With Firewall Update - Revisted

I earlier posted an issue with the last firewall update at;
https://forums.comodo.com/index.php/topic,6499.0.html

In response,Soyabeaner suggested that I disable any other real-time security software during any future updates to Comodo Firewall. That made sense to me, and left me satisfied.

However, a few minutes ago I checked for anti-virus db updates for my virus protection program (Avast), I received a warning from Comodo that Avast was trying to connect to the internet. I’ve never gotten that warning during a virus definition data base update before. But taking a second look at the update window for Avast, I realized that there was also a program update as well, so I was not concerned. I responded to Comodo to allow (checking the box to remeber setting), and continued with the download. I disabled Comodo during the rest of the download, as well as Spyware Terminator so I would not have to deal with any pop-up warnings when the installation began.

When the download completed and installation was finished I, of course, had to re-boot. When my system came back I had a warning from Avast that it would not be able to scan email. I ran the “Scan for known application” wizard in Comodo, restarted Comodo, and then re-booted again. The issue was resolved. My email was scanned.

I can understand the first warning I got from Comodo regarding the Avast program update (not the virus definition updater) trying to connect to the internet. But should’nt that have been the end of the story? I don’t mind going through these extra steps myself, but this is exactly why I don’t allow automatic updates of any kind on my PC. I’m not the only person using my computer. Other users either wouldn’t know how to deal with this type of situation, or don’t have the patience to try. I realize that both a firewall and anti-virus program are high profile real-time process, but shouldn’t they work seamlessly together? I never had this problem with the firewall I previously used;it would advise me of the change, but never blocked email scanning.

I am still satisfied with the overall performance of Comodo, but feel that the situations in this post and my previous post should not have occured. Hopefully, as Comodo Firewall evolves further it will learn to recognize programs such as Avast anti-virus protection, and deal with them differently. I am, by no means, an expert in this area, but the average PC user should not have to deal with these little glitches where one security software interfers with another.

Again;
I’m running Windows XP Home Edition, SP2.
I use Thunderbird email client with a POP3 account.
My virus program is Avast.
Also using Spyware Terminator

Thank you,
MLReynolds

I haven’t had this problem myself, but a friend have had it after an “double-update” (VPS and program update in avast!). He also got problem with the mail after the update, but he just deleted the ashMaiSv.exe entry in the application monitor in the firewall, and then he checked his mailaccound from Thunderbird, and he got a popup from the firewall (about ashMaiSv.exe), he clicked on “Allow” (and remember the setting), and then his mail was working just fine, and have done that since then.

I had some problems with surfing once, after a program update of avast!, but after a similar procedure as above (I just deleted the entry ashWebSv.exe, and then started my browser, I accepted the popup from the firewall, and everything was working fine again).

Thank you for your input, Bluesman.

MLReynolds

I understand, MLReynolds about other users on the computer, and your concern for them not knowing how to handle the popups. Unfortunately (from your perspective) CFP is just doing its job in a very thorough way; it’s not a matter of CFP not recognizing these programs; it’s a matter of the program changing from what it previously was, and CFP is alerting to that (since for all practical purposes, it could be a virus…)

If you know that AV is updating, you can edit the Application Rule(s) for those executables, go to the Miscellaneous tab, and select “Skip Advanced Security Checks.” OK. Certainly after the next reboot CFP should ignore those changes, as this turns off Application Behavior Analysis for that application only.

Perhaps that will clear up the issue.

LM

Little Mac,

I agree with what you are saying. However, when Comodo was updated, I don’t feel that I should have had the same situation as I described in my previous post; https://forums.comodo.com/index.php/topic,6499.0.html.

But at least I know that it is eaisily resolved. Thanks for your input.

MLReynolds

Thanks, I reread your previous post, and see what you’re saying. In my mind I had the other way around - that it was an AV update that was at issue, not the CFP update. That is a bit odd. Perhaps there was something else going on behind the scenes at the same time, some process involving the AV, that caused a conflict to occur. Security applications are a bit quirky that way. That’s no answer, I know; a better answer would have to come from the development team, I’m afraid.

LM

Thanks again Little Mac, and everyone else who posted a repy to this and my other post. It’s a small issue, perhaps I made it out to be more in the beginning. I know how to deal with it, and perhaps someone else will have a similar problem and learn how to deal with it from our post’s in this form.

I have learned a lot from this forum, as well as the forum at Avast. I would just like to give back a little myself. Perhaps I will, if so, I’m happy. I’d also like to say that I am not unhappy with Comodo Firewall or Avast anti-virus software. But it does seem to me, still, that an update of CFW shouldn’t block a funtion of a virus program. But again, a small thing; easily fixed.

Thank you to all who post here with positive and helpful subjects intended to help others, and thanks to the folks at Comodo who must work very hard at maintaining a a very complex piece of software, and keeping it easy to use for people like myself.

Best Regards,
MLReynolds