D+ blocked the file SynTPEnh.exe (component Synaptics)

Here’s a messy situation. Mode Defence " Clean PC. " I just have not tried it: add to trusted files added to the exclusion of Shell- code. Neither of which does not help. Only mode is “disabled”, he did not block ;D

OC: Vista SP2, Avira Free, Comodo Firewall ( latest version )

hello Black Star,

you could try giving it the predefined policy installer/updater and enabled in sanbox settings :
Automatically detect installers/updaters and run them outside the sandbox
Automatically trust files from trusted installers


These two options will only help if he is installing something.

Hi HeffeD,

No I think it helps when applications are quite “recalcitrant” as Mouse explain in this FAQ topic


The program may require greater permissions than trusted files, but be unable to ask for them. To get round this apply the installer updater predefined policy to all executable files in the program's directory, and any other executable files you know it uses, using Computer Security Policy ~ Defense Plus Rules ~Add. Remove the same files from trusted files, and any other entries for these files in the computer security policy ~ Defense plus rules. Then reboot. For security reasons do not do this for applications that you will use to run other unknown files.


The two quoted options have nothing to do with the Installer or Updater security policy.

I 'm sorry HeffeD, but I understood from another FAQ from Mouse1 that there were necessary to get the installer/updater really effective in CSP.

◦Installer/updater policies used in the CSP, which always have precedence over autosandbox Job and Security rules, but have precedence over autosandbox Defense+ rules when and only when 'automatically detect installer/updaters' is ticked. (This setting is effective even when the sandbox is disabled).
•Making something an installer/updater in the CSP will not be fully effective unless 'autodetect installers' is ticked

And I remember having help other members with a similar problem and they had to enabled the 2 options you refer too to avoid their program being blocked by Defense+ even after giving that program the installer/updater policy.


Sorry Boris, you’re correct. :slight_smile:

I’ve always thought those options only come into play when installing something. I just disabled them and recompiled an application on my system and low and behold, the application is unrecognized. Enabling those two options allowed the Installer or Updater policy to do its thing and the application wasn’t sandboxed.

My apologies.

Are you seeing SynTPEnh.exe being blocked from accessing CIS files in memory? That is the self protection of CIS.

You can let things be and have it being logged or allow the memory access. We are going to make an exception for the program so it can access CIS in memory.

Here is the drill. First go to Defense + → Computer Security Policy.

Now look up Comodo Internet Security → select it → Edit → Protection settings → click on the Modify button behind Interprocess Memory Access.

We are going to add your program to the exceptions: Add → Browser → now browse to SynTPEnh.exe and select it → Apply → Apply → Apply.

Now start the program and see what happens.

No problem HeffeD, no need to apology. One can’t have everything in mind at every moment.


Hi, I have the same situation with CIS DB ver. 23796 and I have problem with errors. See attached screen shots. I have allowed this application to access in firewall. What could be the problem?

[attachment deleted by admin]

The firewall and Defense+/HIPS are two different components and you creating an allow rule for the firewall doesn’t affect the HIPS part of CIS. You need to edit the HIPS rule for COMODO Internet Security rule and edit the Protection Settings Interprocess Memory Access exclusions and add SynTPEnh.exe to the list. When you click modify use add running process and select syntpenh.exe from the process list and ok out all windows for the change to take effect.

[attachment deleted by admin]

Sorry but still the same. Here my settings:
Please help.

[attachment deleted by admin]

It is the other way around. You need to edit the rule for Comodo Internet Security and add the SynTPEnh.exe executables to the exclusions of Comodo Internet Security. You edited the rule for SynTPEnh.exe. It’s a mistake that is easily made.

Worked! Exactly as you wrote. Thanks!
Martimoo :-TU