Avast 4.7.986 blocks mail client access to POP3 server

hi everybody,
I recently bought a new desktop system with Vista Home Basic installed.
After I installed AVAST (which I have been using on my WinXP for long time,
without any problems), I got the following problem (Avast version 4.7.986):

when all the AVAST fuctions are switched on, the mailclient which came along
with VISTA, i.e. Window Mail v6.0.6000.16386 (vista_rtm.061101-2205) cannot
get access to the POP3 mailsever of my provider. The same is true for the mail-client Mozilla Thunderbird (Version 2.0.0.0 - 2007326).
Interestingly enough, I have also installed Outlook 2002, and there is no POP
server access problem with this one. However, I do not intend to use
Outlook 2002 as my mail-client, since is is pretty much outdated.

Now comes the interesting part:
If in the Avast On Access Scanner, fraction “Internet Mail”, in the
“residential tasks”, under “POP”, I uncheck the box “check incoming mail”,
the problem disappears (for Window Mail as well as for Thunderbird).
If I check the box, the problem is back.

Remarks:

  1. The only other security software that is installed is the Windows
    Defender which came along with the system. Version is 1.1.1505.0, Modul
    1.1.2405.0
  2. My internet connection for the VISTA Desktop is done via Ethernet LAN
    connection to a WinXP Desktop (Home network). The XP Desktop connects to
    the ISP via cable modem.

The two questions I now have are:

  1. What can I get this situation repaired?
  2. How safe am I with leaving the box “check for incoming mail” unchecked?
    I assume this really means a security problem, right?

Thanks in advance for any help - best regards, Erich

Is ashMaiSv.exe allowed to connect the Internet?
Do you use any spam killer application?

It’s not good having it unchecked, of course.
You can do a workaround to it setting the Standard Shield sensibility to High level. But let’s try to solve your original problem…

Maybe you can add the following line to the [MailScanner] section of \data\avast4.ini:
Log=20
Then generate some traffic, simulate the problem (i.e. force the avast mail scanner to time out by sending an email with attachment) and then post here the contents of the file \data\log\aswMaiSv.log

Details: http://forum.avast.com/index.php?topic=12234.msg103474#msg103474

hi, I have made the testing as suggested by you, here are the results from the file \data\log\aswMaiSv.log (a little long, sorry …)
I am wondering why AVAST tries to connect to 192.168.0.127:110, 127.0.0.1:110, etc., instead of the the ISP POP server 195.34.133.11 ???
Best regards, Erich

04/30/07 16:12:21 00000A40: Log settings changed 20
04/30/07 16:13:55 00000BA4: SMTP accept connection from: 127.0.0.1
04/30/07 16:13:55 00000BA4: Connection handler: 000003B8 (520)
04/30/07 16:13:55 000003B8: Ignored PIDs: 2640 2540
04/30/07 16:13:55 000003B8: Ignored Addresses: 192.168.0.127:110 127.0.0.1:110 192.168.0.127:119 127.0.0.1:119 192.168.0.127:143 127.0.0.1:143 192.168.0.127:25 127.0.0.1:25 72.3.135.203:80 193.243.128.78:80 193.243.128.76:80 62.132.1.234:80 204.58.27.60:80 204.58.27.58:80 204.58.27.57:80 204.58.27.51:80 204.58.27.50:80 204.58.27.49:80 204.58.27.43:80 204.58.27.42:80 204.58.27.41:80 204.58.27.35:80 204.58.27.34:80 204.58.27.33:80 198.200.173.74:80 198.200.173.139:80 127.0.0.1:80 70.86.176.98:119 212.26.219.158:119
04/30/07 16:13:55 000003B8: Ignored Processes: forx.exe FXMadeEasy.exe aoltpspd.exe waol.exe avgemc.exe tor.exe wcescomm.exe utorrent.exe ypager.exe V3P3AT.EXE bitcomet.exe mpftray.exe ABC.EXE CZDCPlusPlus.ex CRAXY.EXE NETMONSV.EXE SYMPROXYSVC.EXE NAVAPW32.EXE WEBPROXY.EXE EMULE.EXE TMPROXY.EXE isafe.exe SMPROXY.EXE ccLgView.exe ccSetMgr.exe ccPwdSvc.exe ccApp.exe ccProxy.exe ccPxySvc.exe ccEvtMgr.exe winroute.exe avast.setup
04/30/07 16:13:55 000003B8: --SMTP command REDIRECT 213.46.255.2:25 3840
04/30/07 16:13:55 000003B8: PATH: \Device\HarddiskVolume1\Program Files\Windows Mail\WinMail.exe
04/30/07 16:13:55 000003B8: Connected to SMTP server 213.46.255.2 25 (532)
04/30/07 16:13:55 000003B8: received 127 (532)
04/30/07 16:13:55 000003B8: <-SMTP 220 viefep14-int.chello.at ESMTP server (InterMail vM.7.08.02.00 201-2186-121-20061213) ready Mon, 30 Apr 2007 16:13:55 +0200
04/30/07 16:13:55 000003B8: sent 127 (520)
04/30/07 16:13:55 000003B8: received 13 (520)
04/30/07 16:13:55 000003B8: ->SMTP HELO PCDoro
04/30/07 16:13:55 000003B8: sent 13 (532)
04/30/07 16:13:55 000003B8: received 28 (532)
04/30/07 16:13:55 000003B8: <-SMTP 250 viefep14-int.chello.at
04/30/07 16:13:55 000003B8: sent 28 (520)
04/30/07 16:13:55 000003B8: received 44 (520)
04/30/07 16:13:55 000003B8: ->SMTP MAIL FROM: doro.seidenschmiedt@chello.at
04/30/07 16:13:55 000003B8: sent 44 (532)
04/30/07 16:13:55 000003B8: received 47 (532)
04/30/07 16:13:55 000003B8: <-SMTP 250 Sender doro.seidenschmiedt@chello.at Ok
04/30/07 16:13:55 000003B8: sent 47 (520)
04/30/07 16:13:55 000003B8: received 26 (520)
04/30/07 16:13:55 000003B8: ->SMTP RCPT TO: umbra@gmx.net
04/30/07 16:13:55 000003B8: sent 26 (532)
04/30/07 16:13:55 000003B8: received 34 (532)
04/30/07 16:13:55 000003B8: <-SMTP 250 Recipient umbra@gmx.net Ok
04/30/07 16:13:55 000003B8: sent 34 (520)
04/30/07 16:13:55 000003B8: received 6 (520)
04/30/07 16:13:55 000003B8: ->SMTP DATA
04/30/07 16:13:55 000003B8: sent 6 (532)
04/30/07 16:13:55 000003B8: received 44 (532)
04/30/07 16:13:55 000003B8: <-SMTP 354 Ok Send data ending with .
04/30/07 16:13:55 000003B8: sent 44 (520)
04/30/07 16:13:55 000003B8: received 8192 (520)
04/30/07 16:13:55 000003B8: received 8186 (520)
04/30/07 16:13:55 000003B8: received 8186 (520)
04/30/07 16:13:55 000003B8: received 8186 (520)
04/30/07 16:13:55 000003B8: sent 32768 (532)
04/30/07 16:13:55 000003B8: received 6740 (520)
04/30/07 16:13:55 000003B8: ProcessFile C:\Windows\TEMP_avast4_\unp101449197.tmp
04/30/07 16:13:55 000003B8: ProcessFile Ausgehende Mail ‘Test’ Von: “Doro Seidenschmiedt” doro.seidenschmiedt@chello.at, An: umbra@gmx.net
04/30/07 16:13:55 000003B8: ProcessFile exit 1
04/30/07 16:13:55 000003B8: --SMTP Mail is clean
04/30/07 16:13:56 000003B8: sent 6815 (532)
04/30/07 16:13:57 000003B8: received 78 (532)
04/30/07 16:13:57 000003B8: <-SMTP 250 Message received: 20070430141355.VHGI26898.viefep14-int.chello.at@PCDoro
04/30/07 16:13:57 000003B8: sent 78 (520)
04/30/07 16:13:57 000003B8: --SMTP AavmReleaseScanResult
04/30/07 16:13:57 000003B8: --SMTP Delete Files
04/30/07 16:13:57 000003B8: received 6 (520)
04/30/07 16:13:57 000003B8: ->SMTP QUIT
04/30/07 16:13:57 000003B8: sent 6 (532)
04/30/07 16:13:57 000003B8: received 60 (532)
04/30/07 16:13:57 000003B8: <-SMTP 221 viefep14-int.chello.at ESMTP server closing connection
04/30/07 16:13:57 000003B8: sent 60 (520)
04/30/07 16:13:57 000003B8: connection closed 0 (532)
04/30/07 16:13:57 000003B8: --SMTP Finishing connection handler
04/30/07 16:14:03 00000F74: POP accept connection from: 127.0.0.1
04/30/07 16:14:03 00000F74: Connection handler: 00000ED0 (536)
04/30/07 16:14:03 00000ED0: Ignored PIDs: 2640 2540
04/30/07 16:14:03 00000ED0: Ignored Addresses: 192.168.0.127:110 127.0.0.1:110 192.168.0.127:119 127.0.0.1:119 192.168.0.127:143 127.0.0.1:143 192.168.0.127:25 127.0.0.1:25 72.3.135.203:80 193.243.128.78:80 193.243.128.76:80 62.132.1.234:80 204.58.27.60:80 204.58.27.58:80 204.58.27.57:80 204.58.27.51:80 204.58.27.50:80 204.58.27.49:80 204.58.27.43:80 204.58.27.42:80 204.58.27.41:80 204.58.27.35:80 204.58.27.34:80 204.58.27.33:80 198.200.173.74:80 198.200.173.139:80 127.0.0.1:80 70.86.176.98:119 212.26.219.158:119
04/30/07 16:14:03 00000ED0: Ignored Processes: forx.exe FXMadeEasy.exe aoltpspd.exe waol.exe avgemc.exe tor.exe wcescomm.exe utorrent.exe ypager.exe V3P3AT.EXE bitcomet.exe mpftray.exe ABC.EXE CZDCPlusPlus.ex CRAXY.EXE NETMONSV.EXE SYMPROXYSVC.EXE NAVAPW32.EXE WEBPROXY.EXE EMULE.EXE TMPROXY.EXE isafe.exe SMPROXY.EXE ccLgView.exe ccSetMgr.exe ccPwdSvc.exe ccApp.exe ccProxy.exe ccPxySvc.exe ccEvtMgr.exe winroute.exe avast.setup
04/30/07 16:14:03 00000ED0: --POP command REDIRECT 195.34.133.11:110 3840
04/30/07 16:14:03 00000ED0: PATH: \Device\HarddiskVolume1\Program Files\Windows Mail\WinMail.exe
04/30/07 16:14:04 00000ED0: Cannot connect to POP server 195.34.133.11 (195.34.133.11:110), connect error 10061
04/30/07 16:14:04 00000ED0: sent 90 (536)
04/30/07 16:14:04 00000ED0: --POP Finishing connection handler

This may actually be related to your router, and the changes implemented to the Vista TCP/IP stack.

Please try the following:

  • Click Start>All Programs>Accessories>Command Prompt
  • Right-click on command prompt
  • Click Run As Administrator
  • Type the following: netsh int tcp set global autotuninglevel=disabled
  • Press Enter
  • Restart your computer

Thanks
Vlk