Author Topic: HIPS Dysfonction since Windows Migration  (Read 196 times)

Offline Xstof25

  • Comodo Member
  • **
  • Posts: 26
HIPS Dysfonction since Windows Migration
« on: June 09, 2019, 02:23:38 AM »
Hi everyone,

My configuration is: Windows 10 1903 X64, Comodo 12.0.0.6818.
Since the migration of windows I have a dysfunction of COMODO HIPS (HIPS in safe Mode). It blocks a lot of programs that before the migration of windows were not. For example Dashlane, Outlook, Adobe DC, searchProtocolHost, Comodo Dragon etc. etc. Even when unlocking them they come back every second or every time I reuse them.
I uninstalled COMODO completely and reinstalled but I still have the same problem.
What can I do now?

Best Regards
Xstof25
« Last Edit: June 09, 2019, 02:49:20 AM by Xstof25 »

Offline R2C2

  • Comodo Member
  • **
  • Posts: 44
Re: HIPS Dysfonction since Windows Migration
« Reply #1 on: June 09, 2019, 04:20:23 AM »
There is a bug with CIS on 1903 where CIS will log memory access being blocked where there is no memory access happening. It is a usability error; it's not an error that has  impact on functioning of programs nor is it a security risk.

CIS always has blocked memory access to its processes as part of how CIS protects its self. The blocking gets logged in HIPS logs.

Now with Blocked Applications this blocking is brought to the front and confuses people. Blocked Applications is not very informative and doesn't inform about the nature of a block. It was probably introduced to make managing certain blocking actions easily visible and manageable. But Blocked Applications  overplayed its hand by brining memory access to the front, offering to unblock memory access where it is not capable of doing so.

This freaks people where there is nothing to worry about. 99,9999% of the programs work normally when they don't get memory access to CIS processes.

Offline Just_An_User

  • Newbie
  • *
  • Posts: 15
Re: HIPS Dysfonction since Windows Migration
« Reply #2 on: June 09, 2019, 07:30:50 AM »
Hi everyone,

My configuration is: Windows 10 1903 X64, Comodo 12.0.0.6818.
Since the migration of windows I have a dysfunction of COMODO HIPS (HIPS in safe Mode). It blocks a lot of programs that before the migration of windows were not. For example Dashlane, Outlook, Adobe DC, searchProtocolHost, Comodo Dragon etc. etc. Even when unlocking them they come back every second or every time I reuse them.
I uninstalled COMODO completely and reinstalled but I still have the same problem.
What can I do now?

Best Regards
Xstof25

Same problem here, and my computer is sooo slow because of this. I  will give only another chance with the next update, if that doesn't solve the issue I will uninstall COMODO indefinitely .

Offline prodex

  • Comodo's Hero
  • *****
  • Posts: 232
Re: HIPS Dysfonction since Windows Migration
« Reply #3 on: June 09, 2019, 08:42:22 AM »

Since the migration of windows I have a dysfunction of COMODO HIPS (HIPS in safe Mode). It blocks a lot of programs that before the migration of windows were not.

Read this and....

There is a bug with CIS on 1903 where CIS will log memory access being blocked where there is no memory access happening. It is a usability error; it's not an error that has  impact on functioning of programs nor is it a security risk.

CIS always has blocked memory access to its processes as part of how CIS protects its self. The blocking gets logged in HIPS logs.

Now with Blocked Applications this blocking is brought to the front and confuses people. Blocked Applications is not very informative and doesn't inform about the nature of a block. It was probably introduced to make managing certain blocking actions easily visible and manageable. But Blocked Applications  overplayed its hand by brining memory access to the front, offering to unblock memory access where it is not capable of doing so.

This freaks people where there is nothing to worry about. 99,9999% of the programs work normally when they don't get memory access to CIS processes.

this:


Blocked Applications will amongst other things register when a program gets blocked when it tries to access CIS processes in memory. It registers CIS protecting its self. It has always done that since its conception as Comodo Firewall v3 back in 2006. CIS up to this day log memory access attempts in HIPS Logs which most mortals do not look at. 99,999% of the programs that try to access CIS processes in memory work without a glitch without getting memory access.

Blocked Applications is not capable of unblocking memory access confusing the users further and making them worried even more. It is my strong opinion that Blocked Applications should be removed from the UI. It simply creates too much confusion.

To add to the confusion. With 1903 there is a bug with which CIS will report memory access by 32 bits programs where they are not asking for memory access.

In short. 99,99999% of the programs will work without a glitch when memory access to CIS processes is denied. Blocked Applications is not thought through enough and creates confusion making users think something is wrong where it isn't.  Allowing memory access introduces an element of risk so we only advice to allow memory access when an application needs it to function properly.
« Last Edit: June 09, 2019, 08:45:22 AM by prodex »

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 4310
Re: HIPS Dysfonction since Windows Migration
« Reply #4 on: June 09, 2019, 08:59:09 AM »
Please use the search feature as this is a known issue.

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 25512
Re: HIPS Dysfonction since Windows Migration
« Reply #5 on: June 09, 2019, 09:41:24 AM »
Same problem here, and my computer is sooo slow because of this. I  will give only another chance with the next update, if that doesn't solve the issue I will uninstall COMODO indefinitely .
Your problem may not be linked to the erroneous logging. Please start a separate topic providing version information about Windows and CIS and how you updated CIS. Also post screenshots of the HIPS logs and Containment logs.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek