[Merged topic] When will COMODO fix the problem with nProtect GameGuard?

Just as the title says when?

You say this like it is definitively a CIS issue… which to my understanding, it is not. Have nProtect now said otherwise?

i really think it’s CIS issue since nProtect GameGuard has no problems with other firewall…

Well… CIS is a bit more than a Firewall. I guess not many Firewalls have kernel level hooks installed to watch for rootkits (which is really CIS’s Defense+ component). The problem, as I understand it, is that GG’s method of installing its own hooks causes problems with CIS’s (often resulting in a BSOD or a system hang)… I think it actually tries to rip CIS’s out. Comodo did some work last year in attempt to mitigate this issue, but it only worked (at the time) with the latest versions of GG (which was not in all games) and Comodo don’t have any say over GG. If nProtect saw their way to installing GG’s hooks using the recommended method, then I don’t believe there would be a problem.

Do you know something different that makes you think this is a CIS issue?

I’ve read somewhere in the BETA section about some workarounds and found one solution that worked… Disabling DETECT SHELLCODE INJECTIONS solved the problem…

But i found out that adding the game into the Detect Shellcode Injections’ EXCLUSION does nothing… so does it mean that IMAGE EXECUTION CONTROL feature is not doing it’s job properly?

I believe Detect shellcode injections is specifically to protect against Buffer Overflow [wikipedia.org] attacks, which can result in DLL injections or the arbitrary execution of code on the host. So, with that component disabled you are not protected against that specific type of attack. And this also implies that the version of GG that your game(s) are using can be handled by CIS… otherwise you would need to disable the whole of Defense+.

edit: I guess adding your game(s) and all of the GG components to the Detect shellcode injections exclusions didn’t help?

Does this mean that my version of GG will run without a problem without disabling DETECT SHELLCODE INJECTION? If so, I want to know how…

Thought: Adding the game into the Detect Shellcode Injections’ Exclusion should have the same effect with it disabled… Am I right? I should be… :wink:

No, this issue of if the Detect shellcode injections uses kernel level hooks, is a separate one from that of Defense+ (as a whole) using kernel level hooks.

I’m uncertain. To my knowledge it has not been either confirmed or denied if Detect shellcode injections uses kernel level hooks. It depends what GG is objecting to… it might be the hooks (which means disabling) or it might just be the buffer overflow protection (then exclusions should work). But, I guess that there is fairly easy way to find out. :slight_smile:

I see…

You mentioned in your second reply,

The problem, as I understand it, is that GG's method of installing its own hooks causes problems with CIS's (often resulting in a BSOD or a system hang).. I think it actually tries to rip CIS's out

so, i disabled detect shellcode injections… i ran the game with GG… nothing happened to CIS… Would that make your statement wrong?

I don’t believe so, as I also said that Comodo did make an effort to resolve this issue with the latest version GG (as of that time) and that it was successful. So, it could be that your game(s) are using that version of GG (or later… assuming nProtect didn’t make any significant changes to GG).

Sorry, I probably wasn’t clear. I thought we had left it where this could be the situation and that this being the case, that we didn’t know if it was Detect shellcode injections, as a whole, being the issue or was there the possibility that by Excluding the game(s) & GG, this issue could be avoided. What I can say with fairly good certainty is that if you can resolve this issue by merely disabling Detect shellcode injections without a reboot, then the likelihood of Exclusions working is fairly high. As to remove kernel level hooks usually requires a reboot.

Of course, what we’re not sure about is if this problem you’re having now, is the exact same problem with CIS & GG that was first encountered a few years back or a completely new/different problem.

Ok… so i hope the developers will look deeply into it and hope it will be fixed soon (i’ve read that the latest beta doesn’t fix the problem with GG)…

if you want to know about the kind of problem i am having, please take a look here:
https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-4-and-application-incompatibility-problems-reporting-t52466.0.html;msg399574#msg399574

by the way, thank you very much for you replies and your time…

Don’t know where the fault rests here, all I know is that when I disable D+ my GG games work perfectly but with D+ on… I only get a restart everytime I try to run a GG game !!

I know this is an old issue between these two software, hope it gets some attention in v5 or a game mode being implemented or a whitelist for games or… something !

My daughter plays a GameGuard protected game called “Fly for Fun”. She runs 3 windows (dual boxing +1) of the game using the latest 4.1.X Comodo and has no issues on Win7 Pro x64.

What I’d like to suggest is that it may not specifically be GameGuard, it could be the way various game developers implemented using it.

In case it helps… The main changes I made to Comodo on her system post install are standard things I do every install:

  • Set config to ProActive Security
  • Run the Stealth Port Wizard twice to define my “Global Rules”, selecting options 1 and 3
  • Disable the ICS Server option in “Firewall Behaviour Settings”
  • set the firewall and D+ to create rules for safe apps
  • in Sandbox settings, I disable “run unrecognised apps in the sandbox”
  • in Sandox settings, I disable “detect installer and run them outside of the sandbox”
  • ensure all “timers” are set for 120 seconds… firewall, D+, and sandbox(

I am very happy to say that this problem doesn’t exist in windows 7 Ultimate…

NO MORE COMODO and nProtect GameGuard PROBLEMS ANYMORE!!!

That’s a shame that you stopped using CIS, but then again most people have issues with setting up the firewall to allow such things as nProtect GameGuard. I love playing games and never run into this issue but then again it’s also a matter of reading and allowing certain things, could also be the way I have CIS setup.

Using Windows 7 x64 Home Premium with CIS, I can play FFXIV Beta, Aion, GW, SC2, and even played Sword 2 and Shaiya.

You could try using Training Mode so it allows GameGuard or if you want I can give you my setup and see if that works for you.

I never said I stopped uising COMODO, I’m still using it like I always do…

nProtect’s GameGuard is a piece of ■■■■, to put it nicely.

I once had it installed by an MMO game called Silkroad

When starting it, it caused Motherboard Monitor 5 to think all my computer fans had stopped working.

I understand that GameGuard installs special Kernel hooks to prevent cheaters from hacking the game, but SCREWING UP MY HARDWARE MONITORING? What. The. F**k.

Needless to say, I uninstalled that ■■■■ quickly.

After searching around I also found out that installing GameGuard opens your computer to some rather nasty security holes which I would rather not have.

I wouldn’t care if it was GameGuard or Comodo’s fault - I wouldn’t have the piece of ■■■■ on my computer at all.

Have any of you tried build 1135 (public release) with all gameguard and game file software listed under buffer overflow protection?

Would like to know if this is fixed!

Best wishes

Mouse

Ok,so i heard that comodo has just released it new version 2011,i am excited,but what about the gameguard issue,can somebody tell me if it is already fixed?Games like A.V.A,Blackshot or Suddenattack.If the issue hasn’t fix,can somebody teach me a way to make it work or how u all setup CIS,i am using malwarentes free version and avira personal,i really wanted to use comodo but only bcoz of the gameguard issue i did not use it.

Have you personally tried it?
Why not do this first? Also try adding, as Mouse Suggested, adding these files listed under Buffer Overflow Exceptions to see what results you have.
Also, try Game Mode, that IS what it is for.