For those that saw my signature but had no idea what i'm on about, this thread will shine some light on the stuff. Since I ran out of ideas how to solve this, I thought asking here is the last resort. So I had a Comodo FW(10.2 version, 11 is a POS) combo with ESET, ESET can be disregarded in this matter. I have an application that has anti-tampering measurements and after setting said application as a trusted/allowed/excluded application inside Comodo FW, it still refuses to leave it alone and attempts to open a handle to it. I tried disabling every module of Comodo, tried exiting it, tried shutting it's service down, nothing helped. Well one thing helped, uninstalling it completely. Does anyone know how to force Comodo to stop tampering with applications entirely? or is it even possible? Other AVs obey exclusions, reinstalled KIS 2019 and it's fine and dandy, I just can't get used to the new KSN rules of Application control, they made it so strict it's worse than a default-deny
i usually think like this: would you rather fear a proper company of potential stealing stuff than malware that is made by an anonymous guy that will 100% steal from you.
not surprising, back in V8 Comodo already ignored some exclusions or files set as trusted; one reason i ditched it.
happening with 10.2 and 11 too, tried everything, even almost bricked my windows with disabling "auto allow trusted files" lmao
and you didn't crossed yet the 10+ years old bug when "out-of-the-blue" all your rules & settings will reset to a blank slate LOL
prepared for that, have the settings exported. i would be very happy with going back to KIS but the 2019's KSN rules are ridicolously strict, every install/uninstall has a blocked .bat or .exe and can't even configure it to ask before blocking.
@mekelek, I think this is the setting you want: Settings --> Advanced Protection --> Miscellaneous --> Disable shellcode injection detection for these applications