In dealing with a very rare, but very troubling, conflict between CFP 22.214.171.1248 and Avira AntiVir Free 8.1, I have defined a special Computer Security Policy “Avira Antivir”. This policy is currently identical to “Trusted Application”, but I chose a special name to allow simple tweaking of the situation if it becomes necessary.
I have assigned this policy to each AntiVir executable file, nine in all (I think). However, Defense+ does not reliably remember these assignments; instead, it occasionally reverts some of them to “Custom”. The three affected executable files have not been modified and still bear dates from several months ago. If they had been altered in an update, I could understand the problem, but this seems not to be the case. Two of the files (preupd.exe and sched.exe) are (or appear to be) associated with the update process and/or the scheduling of system scans; both of these occur on a daily basis. Any ideas about why the policy is changed by Defense+ would be welcome, especially if they tell me how to prevent the changes. The Defense+ log contains nothing about this.
I am using Windows XP Home SP3 on a 1.7 GHz P4 with 512 MB RAM. Note that I have not explained the “troubling conflict”, mainly because I don’t know yet whether the policy change will alleviate it. It has been 3 weeks since the last occurrence and six weeks since the one before that. The policy changes date from about two weeks ago.
I suspected that modification of an executable file by Windows (or whomever) would cause the cahcnge from “Avira AntiVir” to “Custom” (see my OP). But such alterations ought also to change the “Modified” date in the file’s Properties display. The changes I mentioned earlier do not do this. The Modified dates are months ago; the changes a day ago or so. Defense+ ought not to change things without reason!
Yes this does happen and it may be a bug. I put certain applications to “trusted” too in Computer Security Policy pre-set and then they are set to custom. I am guessing it’s the type off application (Whether if its an installer, a browser, an email client, etc) that has an effect on things that change to custom when you already pre-set it.
From what i have observed,this happens to executables which have been set to "Trusted" and then perform the action "Run an executable" which is the only one with an ask under trusted application. Have a look at Modify next to the run an exe for the apps set to trusted.
I think it`s to do with the registry entry \HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy(a number)\rules------->being changed.