comodo,antivir PE guard strange behaviour

I had posted here about some kind of confliction between comodo firewall and antivir PE classic.When I choose to block all in comodo, antivir guard also deactivated.I thought that it happened after I updated antivir.So I posted to the antivir forum, but I could not get any answers.
Now after installing comodo 2.4.16.174 I thought that the problem was solved.I was wrong.I found out that the real problem was comodo.Now please try this and give me a feedback,if it happens with you:COMPONENT MONITOR LEARNING,block all,nothing happens to antivir guard.NOW CHANGE COMPONENT MONITOR TO ON,BLOCK ALL,ANTIVIR GUARD DEACTIVATES.But there is not a security notification from the security center.Why does this happen is it a bug?

 

I had also a problem with avguard.exe. I solved it by making a rule to allow it destination: IP 0.0.0.0, port TCP 18350 incoming.

More about that in this thread:
http://forums.comodo.com/index.php?...8de845fb424baa07&topic=5535.msg41115#msg41115
Rather than answering your question, I hope maybe that rule helps. Now I don't get antivir guard shutting down after reboot, but it still does what you described though

 

Since you are the only one who understands me(lol very romantic) I would like to ask you another thing.Surfing with firefox :doorbell rings and I block all in comodo.After a few minutes I come back, change comodo to custom and try to surf again.I can surf but very very slow,firefox CPU usage 99% ,I have to restart firefox once or twice to make it work properly again.
I got win XP SP2.comodo,antivir PE classic,SSM free,firefox with no scripts,spywareblaster.
ON demand AVG antispyware,spybot and adaware.I use sandboxie sometimes.
I have not had any conflicts between sandoxie and comodo.But I use sanboxie only for windows live messenger.
I think we nearly have the same configurations and same problems.I never think of giving off Antivir but I can change my firewall.Maybe going back to jetico 1 can be an easy solution.It was the best firewall I have ever used.What do you think.Jetico is an old firewall??

 

Interesting catch.
On my system, componant monitoring learning, block all disables guad.
Compo monitoring on-- block all disables guard as well.
So guard is disabled in both cases.
Can u pls post on Comodo forum.

 

That 'Block All'. It really is no use to me. I always allow the traffic, withing the made rules. 'Allow All' could be useful to test if the firewall is blocking something undesired, especially since Comodo has such poor logging.
I run my computer 24/7, so it is always connected with cable modem.

I don't get that 100% CPU usage or slow connections after back to normal = custom. So no idea why yours do so.
How about 'Allow All', still slow? I know you should not normally run without a firewall and that is what it is, but you can make your system very safe by disabling certain unnecessary windows services. Easiest way to do is with this program http://www.firewallleaktester.com/wwdc.htm

I don't really see any serious problem you have with that guard shutting down since it turns back on when the firewall is in normal mode?

I have never used Jetico 1. The reason being that it does not run as a service and I don't have a router. And Jetico 2 is not free. Would be interested to try to tackle with it and perhaps since my PC is pretty secure by closing those services, it would still be possible.
At the moment I see no serious problems with Comodo, other than that nonactive and localhost connections are not shown anymore in 2.4 version. Makes me suspicious that something would be revealed, some vulnerability and they are purposely hidden. That's just a paranoid thought, propably baseless

 

I posted to the comodo forums today.

 

Here is the answer :I submitted my ticket I am waiting for the answer.

 

Mine does it to, except it says the status of the guard is unknown. The umbrella stays open in the task bar, so I feel kind of protected.

 

Thanks,
Interestingly I found similar problem with ZAP. If I do in sequence--- Engage internet lock and then Stop all internet Activity, guard turns off. But not if I do same steps in another order or only one of these steps.

 

They say the problem is resolved**

 

It has allways been the case.Antivir needs internet access.

 

Do you have any real problem with it?

I know Comodo forum is not a good one to find answers, real one.
I still have no idea how this firewall really works.

When I boot up, I get prompted about svchost.exe. Do I allow it to act as server? For udp 123, that is timeserver port. Of course and i have allowed from my computer generic host, from CPF to time server UDP port.
There was that talk with Comodo Melih and Stem, I followed all that talk, but from comodo there was no clear reply how it works. SPI existing or not.
Sometimes I go to my clock, try to update ... it works, most time it doesn't.

Same also to DHCP rule. I have allowed that outbound to my isp server from svchost, but I do get prompted sometimes, I usually answer no. As SPI should take care of them?

I do get disgusted since knowledgebase in comodo forum is non existent or hidden in many user messages. That is my opinion anyways. All so easy and clear with kerio 2.1.5 but not at all with Comodo.

EDIT

No Antivir does not. You can apply my rule for 0.0.0.0 or perhaps localhost address with running Comodo too for avguard is enough, but main thing is what was raised up by me, some person before that and now by cet is, Comodo needs rules to apply and maybe as I found out they were not found out with that low level of alerts setting.
But, no need of internet needed for antivir guard to work.

 

Sorry to hear about your problems.
Normally I run KIS but have been having some problems lately with the puter going down at least once a day. So I uninstalled it to see if that was the problem. It wasn't.
In the meantime I put in commodo and avira. I allowed all for Avira and had no problems with either in the week I had them running.
Once all was allowed they ran great together. At least on my system.
Both are quite impressive by the way. Very smooth running and little system resources used.
Good luck!

 

Unfortunately from the comodo forums I understand that their answers will never satisfy me.I am thinking that the comodo firewall seems good,passes all the leak tests BUT is it as good as it claims.Sometimes lab tests differ from the real life.The outer part of the apple is very red polished but inside
Comodo works well with antivir (to danny9) but I am trying to discuss something different here.In the comodo version 2.3.681 some programs bypassed the firewall and connected to internet before I allowed or denied them.I sent the pic to the forum and after 2 days they removed it from the forum.
Since I am behind NAT router I may go back to the solid rock jetico1 or there are some very good comments about sensive guard which I may give a try.My PC is 6 YRS old ONLY 512 ram Sensive guard uses less memory than comodo.

 

By default it allows their trusted white listed applications to connect without popups, may be it was the case. U need to change settings to control everything.

 

Maybe Aigle, but I doubt.
Anyone serious of security should anyways check that Comodo thing off. So thanks for reminding.
For you, pls try to change that U to you. I know it is a minor inconvinience and you are understood, but kind of hurts my reading to take you seriously etc. Sorry for being so blunt.

 

One thing I have noticed is avguard.exe and avgnt.exe never show up in the application traffic in Comodo with the newest version; they were always listed in the last version.

 

You must be happy now. It is my habit with poor typing!!. Also I like some things simple and easy.

 

It was only a joke dear aigle. Hope you don't mind that comment on "U" since reading you is always a pleasure.

Though now, for some reason I don't know, I am back to kerio 2.1.5.

It was really OK with Comodo for 2 weeks. But today, I could surf internet for something like 2 hours and then needed always reboot and I could not find any real rules I had made to block my internet connection.
So Comodo started to act strange and I am not happy about it.

I feel also apologized to all that it may have been just some of my setting and not Comodo cause I cannot pinpoint that, just happened. Really strange.
I know I was after examining Comodo SPI etc., but nothing to do with loosing my internet connection, so no idea. Just happened. End of this thread particiment from me. Sorry guys and girls, really liked to have Comodo working for me.

 

No problem at all.