Configuration according to Porkpiehat...

[porkpiehat]

I'm getting a Comodo HIPS alert that something is trying to connect to the internet, whenever I shutdown or reboot.... any ideas?

 

[hjlbx]

I'm getting a Comodo HIPS alert that something is trying to connect to the internet, whenever I shutdown or reboot.... any ideas?

Did you look in the logs ? Is the alert from Defense+ or Firewall ?

If you get an alert during shutdown, then you should hear the alert sound (if you have that setting enabled).

Sometimes at shutdown, Defense+ (HIPS) will alert when an app attempts to access System. If this is the case, you should see such alerts in the Defense+ logs.

If it is a Firewall alert, then the log will likewise tell you which app is attempting to connect (you'll have to pay attention to figure out if it is at startup or shutdown).

Does this explanation make sense ? Do you know how to access the logs ?

 

[porkpiehat]

it seems that if I exit ERP before I shutdown, I don't get the Hips message...no biggie really, as it has already done its job by then..

 

[Overkill]

How's RBRX working? nice config btw

 

[porkpiehat]

I'm still getting used to it... I rolled back to a couple of snapshots, that didn't really work out, but the initial snapshot did.... so I'm still undecided atm....

 

[porkpiehat]

OK, after 360 TSE falling out with my VPN, I've installed EAM, and Zemana Antimalware (giveaway prize)

 

[porkpiehat]

GUTTED...EAM has been screwing with my auto sandbox rules, and has had to go... so back to 360 TSE, and hope that they've sorted out the false +ve problem that I previously had....

 

[Rolo]

heh...I had to let 360 TSE go too--far too many false-positives even for my high tolerance (and I won't subject my wife to that either). I may run it on my test VM when I rebuild it.

Avira seems nice. One ad popup, so I don't know if it's a one-time thing or recurring thing. People keep saying Avira ditched that, so I dunno...

Since you have Comodo, you may want to try Avira free for the AV portion; @hjlbx (A-number-one Comodo fan) likes that combo, so it's probably without conflict and an effective solution.

 

[hjlbx]

Since you have Comodo, you may want to try Avira free for the AV portion; @hjlbx (A-number-one Comodo fan) likes that combo, so it's probably without conflict and an effective solution.

I like Comodo because it works for me, but I wouldn't rate myself as a "Fanboy" - although it might appear at times that I am. To the contrary, at times I am disappointed, befuddled and frustrated with both Comodo products and corporate. I will be the very first to state CIS can be a handful and has problems.

That being said, Avira Free antivirus and Comodo can work together - but Avira can tax the network since it is cloud-based. Avira is nothing but a scanner with some advanced tweaks that probably add little, if any, additional protections.

Unless a person is a click-download-happy-high-risk user I find that most AVs are sufficient for typical, daily use. I'm not saying they are perfect, but they do generally provide a base-line system security above that of Windows Defender.

The natural inclination for most users is to layer their system to the N-th degree... you know, "Impenetrable-Fortress-Syndrome." Anyone who spends time at IT security sites knows exactly what I am talking about.

My ideal security config:

1. Anti-executable
2. Virtualization
3. Outbound Firewall Notifications

This can be achieved in two ways:

A. Comodo Internet Security - properly configured

or

B.

1. AppGuard with NoVirusThanks Exe Radar Pro
2. Shadow Defender (and\or Sandboxie}
3. BiniSoft's WIndows Firewall Control

I would like to see\find a more robust firewall solution that Windows Firewall since its self-protection is quite weak... hence the definite need of an anti-executable.

Option (B) is both light on CPU and RAM usage... but at the same time, on my specific system, so is Comodo.

More importantly, the softs in option (B) are very dependable and reliable (except Sandboxie - in my experience - on my specific system).

If I only had the choice to have one security-related soft then it would be Shadow Defender...

 

[Malware Man]

I do understand about UAC set to minimum, I did have it disabled, but read a lot of comments both here and other forums, it really does help protect the system, maximum would drive me crazy. You have all the area's well covered against today's nasties.

I have UAC on maximum and have it set in group policy to make me enter my password (I can't just click yes or no). It helps me from reading the prompts fast and clicking the yes button by mistake. My password is long but I typed it out so many times it only now takes a few seconds to put it in without looking . I have to enter it just to open up task manager but hey, I rather have the added protection than to get a infected system. It really does block a lot of stuff. Especially with the option in group policy to only evaluate applications with a digital signature. That way if one doesn't have it, it can't even prompt me for admin rights.

UAC is a nice feature cause it provides protection on the kernel level which I believe a lot of software don't have access to this protected part of Windows (correct me if I am wrong)

 

[porkpiehat]

***UPDATE***
removed NoVirusThanks EXE Radar Pro
added Voodooshield (registered)... seems happy enough with UAC running..
added WinPatrol Plus
added MBAE