Loopback Question!

“ESET EAV works great with Online Armor, which is an awesome firewall, anyway. Just tick “Intercept Loopback Interface” in OA and all programs seeking internet access are detected. No worries.”
This is is in reference to the current NOD32 v3 ekrn.exe proxy issue and how it limits the effectiveness of firewalls and the the many suggested solutions. How can a similar setting be enable in Comodo v3?
Thank You!

The same problems occurs with Kaspersky 7 A/V, it is a bit worrying that Comodo seems less effective with 2 such good Anti-Virus products

Same problem with Avast! Unless encrypted, all web traffic is through ashwebsv.exe, all mail traffic through ashmaisv.exe. You never see a browser except on port 443. Infamous as the “Sygate Proxy Problem” in the past. Since I even have Avast! checking encrypted email (via Stunnel) the only Thunderbird I see is on port 80 for embedded HTML in a message. HOWEVER, if D+ is also running, you will get an “ask” on loopback networking for new programs. So another concern if you are running Comodo firewall only, a good solution if you are also running D+. :slight_smile:

I’m not sure if this answers your question, as I don’t use either of those products. However, you can try this and see if it makes a difference.

CFP/Defense+/Advanced/Computer Security Policy

Find the entry for your AV and select Edit.
Select Use a Custom Policy the click Access Rights.
Halfway down you should see Loopback Networking, set it to Allow, the select Apply.

Comodo 3 and Avira Antivir seems to be a good trouble free combination.The detection rates are right up there with the best and no loopback problem.

"I’m not sure if this answers your question, as I don’t use either of those products. However, you can try this and see if it makes a difference.

CFP/Defense+/Advanced/Computer Security Policy

Find the entry for your AV and select Edit.
Select Use a Custom Policy the click Access Rights.
Halfway down you should see Loopback Networking, set it to Allow, the select Apply."

Anyone explain how that can happen? Thank You!

Edit: No longer applicable. Topic merged

When I installed v3, I had SSM installed, which comodo said was a ‘conflicting application’, so I had to install it as "basic firewall only’.
I did that, rebooted as per instructions, and was greeted by a whole heap of “d+ is learning!” messages.
My guess would be that as the firewall and HIPS components are both managed by the same processes (cpf.exe, cmdagent.exe and guard32.dll), it isn’t actually capable of disabling d+ 100%.

edit- Toggie, I believe that he is referring to the fact that although d+ was supposedly disabled, he was still able to use it to control process permissions, in this case the dns service.

I believe this is just a follow up question from the other thread, which I’ve now found. I’ll merge these.

Thanks qwerty, I had a stupid moment :slight_smile:

You are most correct, that is what I meant.

If you really want to turn D+ off, then go to D+\Advanced\D+ Settings and choose Deactivate D+ permanently.

I have to question whether or not that would work 100% though, as choosing to disable d+ from the very outset doesn’t seem to.

The installer option does seem to have some problems. I’m believe, however, the deactivate option, mentioned above, does work.