Advice Request Should I unblock any of these apps?

[codswollip]

I noticed that comodo blocked some app that should be safe,

I see you decided to turn on HIPS against advice. I'm surely not going to take responsibility telling you which blocks to delete, but I will say that you should use the CS setting now that you've had a taste of HIPS.

Besides... you are imaging your drive daily... right? So if a catastrophic malware incident took control, you'd be able to be back in service with little delay.

 

[Back3]

I've been running Commodo Firewall for a year. The first 6 months, I had Kaspersky Antivirus Free with ComodoCs. And a bug with system restore. Then, I uninstalled Kas and got back to Windows Defender. No bug with system restore. I then activated HIPS the easy way: I put it in training for 15 minutes and clicked on my main apps.
My experience: Comodo is environmentally sensitive so if you already have an antivirus, don't add any other security apps.If you like to experiment with apps, don't use CF. I like it very much but never installed it on my friend's computers.

Most security experts will tell you that you need layers to get better protection. I believe they're right. But with CF if you add layers, you add problems.Cruel didn't recommend layers in her videos not even an antivirus. In the last year, I had Adguard (extension) alerts in my browser but nothing else....

 

[shmu26]

If you are asking this, you shouldnt be using Comodo, especially with HIPS enabled.

I totally agree. Unless you want to be your own guinea pig.

But if you do continue with your current setup, I suggest that you ask for support on the official Comodo forum. Let them provide support for their product.

 

[blackice]

If you want set and forget I'd go with Sophos, literally the only AV I would install and not change a single setting with, because the defaults are both simple and optimal.

Sophos Premium might be a good solution for our home with multiple devices. After looking for more info here and around the web it sounds pretty tempting as a suite.

 

[Zorro]

I noticed that comodo blocked some app that should be safe, but not sure if to unblock or just leave it be:

This is not a complete lock, but some control. ShareX (taking screenshots, recording screen) tries to access the webcam, and Comodo Firewall controls this activity.

 

[hexam]

This problematic is discussed there:

Comodo Forum

Comodo community forum to discuss and help people using security products

forums.comodo.com

Comodo is making a total mess. As usual, it is blocking system files. That's why I can't stand it.
By the way, it is blocking OSArmor from functioning properly, and some of your other programs.

There is an expanation of this problem:

Comodo Forum

Comodo community forum to discuss and help people using security products

forums.comodo.com

Q: Blocked Applications shows HIPS reporting CIS blocking certain programs and unblocking fails. What does that mean?

A: CIS will protect its self by denying programs to access CIS processes in memory.

In a nutshell:

• 99,999999% of the programs will work when access to CIS processes in memory is denied
• Memory access has always been logged in the background in the HIPS logs
• Blocked Applications brings memory access to the front which worries people
• Blocked application offers to unblock the blocking of memory access but can not deliver; that's a design flaw and causes people to worry even more
• 99,999999% of the programs work without getting access to CIS processes in memory
• Even though Blocked Application fails to allow memory access to CIS processes programs will work normally

In the end this is just a storm in a tea cup because of a usability issue. Programs will continue to function normally and there is no security risk. People get worried and think something is wrong even though programs are functioning normally and get freaked out when unblocking is not working.

The confusion shows that the decision to let Blocked Applications log memory access was a big mistake. Memory access should only be logged in the background in the HIPS logs only as it always has been. Information about memory access to CIS processes is only needed for 0,000001% of the programs.

As I was reading this thread I was near to uninstall comodo. I'm not able because of the lack of deeper, very deeper knowledge, but as long as I use comodo I never had problems with viruses, malware, trojaner a.s.o., and I'm doing onlinebanking, too. Remembering this again I wan't uninstall or get rid of comodo.
Yes, comodo isn't a simple software maybe to complecated in this or that way but it never has made problems to my programs or PCs.
There are points which are indeed "mysterious" as far as the block of CIS-programs like comodo dragon and some others for example, are concerned and I really don't quite understand the explanation above.

Really? But it is so featured right in this forum

This is not a complete lock, but some control. ShareX (taking screenshots, recording screen) tries to access the webcam, and Comodo Firewall controls this activity.

 

[hexam]

Most security experts will tell you that you need layers to get better protection. I believe they're right. But with CF if you add layers, you add problems.Cruel didn't recommend layers in her videos not even an antivirus. In the last year, I had Adguard (extension) alerts in my browser but nothing else....

Layers? Does this mean addons/plugins like umatrix for instance?

I've read this advice, too. Not in comodo forum. But I'm too paranoid plugins like privacy badger, umatrix, HTTPSeverywhere not to use/to deactivate or to remove. In 'secure shopping' I deactivate according to the advice he gave in his article where I read this: They all want your date (or so)

Shall I remove all the plug ins but comodo's 'Online Security Pro'?

 

[Back3]

Layers? Does this mean addons/plugins like umatrix for instance?

I've read this advice, too. Not in comodo forum. But I'm too paranoid plugins like privacy badger, umatrix, HTTPSeverywhere not to use/to deactivate or to remove. In 'secure shopping' I deactivate according to the advice he gave in his article where I read this: They all want your date (or so)

Shall I remove all the plug ins but comodo's 'Online Security Pro'?

Addons/ plugins /extensions are a layer I have a few myself. But I have disabled Comodo web filter that isn't very good by itself to make sure everything runs smooth.
When I was talking about layers, I was thinking adding security software like VoodooShied or others over Comodo...It would be overkill and over...
So I have: antivirus, Comodo, on demand anti malware,VPN,and browser extensions. And no conflicts.

 

[hexam]

Thank you for your answer!

 

[camo7782]

Sometimes fanboyism creates false impressions here at MT.

Is this about CruelComodo only or also SysHardener, OSA, Emsisoft software?

Besides... you are imaging your drive daily... right?

Who ever is doing this? Full system image every day??

Comodo is environmentally sensitive so if you already have an antivirus, don't add any other security apps

Including SH and OSA?

 

[shmu26]

Is this about CruelComodo only or also SysHardener, OSA, Emsisoft software?

Comodo suffers from a lot of fanboyism, and probably this has a lot to do with CruelSister's personal flair and flamboyant personality. She granted glamour to PC security.

Who ever is doing this? Full system image every day??

Many people make incremental images after significant system changes or when data has updated.

ncluding SH and OSA?

I am not sure why someone would want to run OSA + Comodo firewall.
SystemHardener is a tweaking tool for advanced users and does not run in real-time.

 

[camo7782]

I am not sure why someone would want to run OSA + Comodo firewall.

is it a bad combo? Like one or the other?

 

[shmu26]

is it a bad combo? Like one or the other?

Well, the primary purpose of OSA is to add script protection because AVs are naturally weak in that area. But Comodo firewall is relatively strong in script protection.

 

[Back3]

I agree with shmu26: why would someone would want to run OSA + Comodo? Despite this, if you absolutely want to add OSA, wait for a few weeks to make sure you don't have any bugs on your computer, make an image and try it. And then live with it for a few weeks. If an issue arises and you don't know where it comes from, you'll be able to get back to a previous state.

As for SH, I tried it, uninstalled it but kept the firewall rules. No issues after 3 months.

 

[camo7782]

As for SH, I tried it, uninstalled it but kept the firewall rules.

Why did you uninstall it? this program is not active once it sets the rules.

 

[Back3]

Why did you uninstall it? this program is not active once it sets the rules.

I installed SH for only one reason: to set secure firewalls rules easily. I didn't want to change other settings to get issues with Comodo. So I don't need SH anymore.The job is done.

 

[camo7782]

I installed SH for only one reason: to set secure firewalls rules easily.

I understand that, but isnt Comodo doing this overriding Windows Firewall?

 

[shmu26]

I understand that, but isnt Comodo doing this overriding Windows Firewall?

Unless you go and disable Windows firewall, it keeps working even after you install Comodo firewall.

 

[Back3]

Since I have not disabled Windows firewall, my SH firewall rules are integrated in Windows firewall. I never had conflicts with both firewalls on Windows 10.
Check that thread

Advice Request - With COMODO, should Window's Firewall be shut off?

Hi all. I watched a video by C/S on setting up Comodo Firewall. I'm sure she said to leave Window's 10 firewall on when Comodo was installed. What does everyone else think, right now I have Window's firewall off but don't want to screw anything up. Please let me know your thoughts.

malwaretips.com