Probable Conflict between Avast! 6.0.1125 and Comodo Firewall 5.4

[MaxReed]

But with these changes,however, is my PC protected good? 

[SpeedyPC]

But with these changes,however, is my PC protected good? 

Yes your PC is protected keep in mind you don't need two sandbox running at the same time Comodo and Avast, the only sandbox you need is Avast not Comodo cause this is over killed.

Your Comodo Defense+ is still enable this is how it works without using Comodo Sandbox.

The Defense+ component of Comodo Internet Security (hereafter known simply as Defense+) is a host intrusion prevention system that constantly monitors the activities of all executable files on your PC. With Defense+ activated, the user is warned EVERY time an unknown application executable (.exe, .dll, .sys, .bat etc) attempts to run. The only executables that are allowed to run are the ones you give permission to.

Defense+ also protects against data theft, computer crashes and system damage by preventing most types of buffer overflow attacks. This type of attack occurs when a malicious program or script deliberately sends more data to its memory buffer than that the buffer can handle. It is at this point that a successful attack can create a back door to the system through which a hacker can gain access. The goal of most attacks is to install malware onto the compromised PC whereby the hacker can reformat the hard drive, steal sensitive user information, or even install programs that transform the machine into a Zombie PC.

Defense+ boasts a highly configurable security rules interface and prevents possible attacks from root-kits, inter-process memory injections, key-loggers and more. It blocks Viruses, Trojans and Spyware before they can ever get installed on your system and prevents unauthorized modification of critical operating system files and registry entries.


I forgot to tell sorry set your Firewall Security Level to Custom Policy and set your Defense+ Security Level to Paranoid Mode and finally look for Stealth Ports Wizard and pick Block all incoming connections that all

[DavidR]

Well this is becoming more prevalent by a number of security applications as it speeds up any scan/check as accessing this data is much quicker if the signature data is loaded in memory rather than on the hard drive.

So the rights and wrongs of it those signatures when loaded in memory should be encrypted or not, as they must know there is a possibility that the users resident anti-virus may well detect these signatures. Or is it just the case that, since comodo now only offer the suite version with an AV and feel there shouldn't be anyone who doesn't want their AV (or care).

If the signatures were encrypted in memory they wouldn't/shouldn't be detected, but then there is the overhead of having to decrypt the signatures first, losing some of the benefit of having them in memory.

So in essence it is up to the user, to do as I suggested don't run the memory scan in the custom scan or ignore the expected results if virus signatures loaded by security software are detected.

[Asyn]

A bit OT, but if you just need a quite slick FW (and eventually a HIPS) use an older version of Comodo. (See my sig.!) This version doesn't load any signatures into memory and does everything you can expect from a FW (and a HIPS).

[Para-Noid]

A bit OT, but if you just need a quite slick FW (and eventually a HIPS) use an older version of Comodo. (See my sig.!) This version doesn't load any signatures into memory and does everything you can expect from a FW (and a HIPS).

I noticed you mentioned HIPS, I have been using Online Armor Free which has HIPS and does not slow down my machine. I was wondering if Comodo does like wise? I am asking for my knowledge because I have never used anything from Comodo. I am constantly trying to learn. 

I found this link so anyone could download an earlier version.
http://filehippo.com/download_comodo/

[Asyn]

I noticed you mentioned HIPS, I have been using Online Armor Free which has HIPS and does not slow down my machine. I was wondering if Comodo does like wise?

You mean, if Comodo's HIPS (D+) slows your system..?
No, it doesn't.

[Para-Noid]

You mean, if Comodo's HIPS (D+) slows your system..?
No, it doesn't.
[/quote]
That's what I wanted to know. Thanks. 

[Asyn]

That's what I wanted to know. Thanks. 

You're welcome..!

[DBone]

I know an easy fix...............Uninstall Comodo, and use Windows FW.

[Asyn]

I know an easy fix...............Uninstall Comodo, and use Windows FW.

Whom do you address..?

[DBone]

Nobody specific, just what I would do.

[DonZ63]

SpeedyPC, have any suggestions for MBAM Pro that is loading 6-7 unencrypted signatures into memory? At least that is what Avast's memory scanner is saying.

It is a bit odd that Avast's memory scanner is not only flaging Comodo's cmdagent.exe but also MBAM's mbamservice.exe.

I am also curious as to why you are recommending that all Defense+ cloud settings be turned off. Know something amiss in that area?

BTW - cmdagent.exe is loading snxhk64.dll which is an Avast .dll. I was floored when I saw that. More so since Comodo really protects the hell out of cmdagent.exe.

[SpeedyPC]

A bit OT, but if you just need a quite slick FW (and eventually a HIPS) use an older version of Comodo. (See my sig.!) This version doesn't load any signatures into memory and does everything you can expect from a FW (and a HIPS).

The old Comodo FW v3.14 doesn't work on Win7 just keep this in mind

[SpeedyPC]

@DonZ63 I cannot answer your question about MBAM Pro I only used the free version, I'm also aware that has extra features in the Pro version so I cannot fully answer your question along side with Comodo FW.

The Comodo FW cloud feature is a bit over kill when Avast free has so many extra feature that protecting your PC, Comodo cloud can cause to many FP if your not very careful with it. I also have other software for On-demand on my PC and I also have CCE All I'm saying is with all the extra security feature in Comodo FW is over killed while Avast free is almost doing the same the job, so why add more when you over killed the PC can create a lot problems. The only way to balance this problem out you either remove Avast to have all the CIS feature, and if you want to used Avast than cut down the feature running inside Comodo FW you can't have both ways.

[CraigB]

DonZ63 if you are getting memory detections about malwarebytes then you must be running a custom scan with memory scan included, as this scan tends to delve deeper into memory than the normal scans which is why your picking up MBAM signitures, there is no way round it but to either untick the memory scan section or to stick to the normal scans, or simply just ignore the detections of MBAM as there harmless anyway.