Much problems when running some applications

Hello!

If I run Cygwin 1.7.8-1 (a collection of tools which provide a Linux look and feel environment for Windows.) and try to rm any .exe, .com, .bat or .dll (maybe some others) file (i.e. run something like “rm a.exe” from bash shell), I get message “rm: cannot remove `': Permission denied”. But I’m able to delete any other files (like .tar, .xxx, .acm and others). Same with chmod and mv. I’m able to delete any files from windows. If I rename .exe file using Windows Explorer, I can then delete it using Cygwin.

Also if I run game “Lineage 2” (it is known to have anti-hack system called GameGuard which tend to be in conflict with Anti-Virus programs), many problems are observed. For example, if I click on sound management icon in tray (doesn’t matter which button I use), nothing happens. If I try to run notepad, if appears in task manager together with drwtsn32.exe and closes in a minute. In fact, the same thing happens when I try to run many different programs, for example Light Alloy. Ping can be launched, but can’t reach any site. Some other programs are working normally (for example, VLC player)

If I just exit from Firewall program, problems don’t disappear, but if I uninstall it and reboot, everything works. I have windows XP professional sp 3 and Comodo Firewall. The problem remains if I keep Firewall, but uninstall my anti-virus program (Avira).

It’s pretty interesting, that I had the same problem with Lineage 2 when I had no firewall, but Avast antivirus installed (disabling all protections wasn’t helping, only uninstallation). In fact, this is the reason why I have switched from Avast to Avira. Lineage 2 support team told me to ask Avast developers, and after reviewing similar topics at their forum, I realized, that they won’t provide much help as well because of nature of GameGuard. I haven’t had Cygwin that time so don’t know whether Avast and Cygwin had conflict as well. Since Cygwin problem is more serious, and should be easier to solve (at least I hope so), this time I’ve decided to write here.

Hope someone can help me. Would be appreciate.

Hey and warm welcome to comodo forums

Could you provide us a screen shot of your d+ logs

I know of game guard. If you find the specific file to game guard add it otherwise add the complete game here CIS —> Defense+ —> Defense+ Settings —> Execution control Settings —> Detect shellcode injections (i.e. Buffer overflow protection) —> Exclusions —> Add —> Browse…

Adding programs in exclusions of Execution Controll Settings can sometimes help.

Regards,
Valentin N

Those are protected files. Look under Computer Security Policy → Protect Files and Folder to see which files are protected.

But I’m able to delete any other files (like .tar, .xxx, .acm and others).
Those are not in the Protected Files list.
Same with chmod and mv. I’m able to delete any files from windows. If I rename .exe file using Windows Explorer, I can then delete it using Cygwin.
For my understanding. Chmod and mv are Linux command you run from within Cygwin? Is that correct?

Can you delete Windwos files with chmod and mv commands after you renamed .exe files with Windows Explorer? Did you rename the extension to an extension that is not on the Protected Files and Folders list? Then that is expected behaviour.

CIS is the nanny of program behaviour. It is not the nanny of user behaviour and allows the user to do all stupid things he or she wants.

Also if I run game "Lineage 2" (it is known to have anti-hack system called GameGuard which tend to be in conflict with Anti-Virus programs), many problems are observed. For example, if I click on sound management icon in tray (doesn't matter which button I use), nothing happens. If I try to run notepad, if appears in task manager together with drwtsn32.exe and closes in a minute. In fact, the same thing happens when I try to run many different programs, for example Light Alloy. Ping can be launched, but can't reach any site. Some other programs are working normally (for example, VLC player)
GameGuard.... sigh... ;) I remember that for some version people could make it work with CIS for other versions there didn't seem to be a workaround. Try a forum search it should yield various topics with strategies to try to make Game Guard work.
If I just exit from Firewall program, problems don't disappear, but if I uninstall it and reboot, everything works. I have windows XP professional sp 3 and Comodo Firewall. The problem remains if I keep Firewall, but uninstall my anti-virus program (Avira).
You probably exited the client program (GUI). That leaves the underwater processes running.

The problem with Game Guard is with Defense +. There are two ways of disabling it. Moving the slider to disabled or by ticking [url=http://help.comodo.com/topic-72-1-155-1115-General-Settings.html]Deactivate Defense+ permanently (Requires a system restart)

. The latter will probably work to be able to work with Game Guard. Then you will miss the full blown protection of D+ You could also try to disable the guard32.dll with Autoruns and reboot.

It's pretty interesting, that I had the same problem with Lineage 2 when I had no firewall, but Avast antivirus installed (disabling all protections wasn't helping, only uninstallation). In fact, this is the reason why I have switched from Avast to Avira. Lineage 2 support team told me to ask Avast developers, and after reviewing similar topics at their forum, I realized, that they won't provide much help as well because of nature of GameGuard.
Game Guard (used to) behave like straight up malware by unhooking everything from the kernel it thought that should not be there.
I haven't had Cygwin that time so don't know whether Avast and Cygwin had conflict as well. Since Cygwin problem is more serious, and should be easier to solve (at least I hope so), this time I've decided to write here.

Hope someone can help me. Would be appreciate.

I am awaiting your answers to my questions about using Cygwin.

Thank you for ur welcome
Clip2Net — screen capture tool for Windows, Android, iPad, Mac, Linux - is that what u wanted?
If you wonder, Nostromo is soft for my gaming keyboard.
Adding files to Exclusion haven’t helped (I know exact file list since GMs of Lineage 2 provided me with it while I was trying to solve problem with Avast), as well as disabling D+ temporary, but disabling D+ permanently helped. Still I don’t think that disabling protection is a good way of solving the problem.

Yes, those command are supposed to work in Cygwin Bash Shell, doing the same things they would do in Linux.

If I do “rm a.exe” in Cygwin Bash Shell, I get error. If I switch to Windows Explorer, rename a.exe to a.xxx, switch to Cygwin Bash Shell and do “rm a.xxx”, the file is getting deleted. It doesn’t matter, whether a.exe was created using Cygwin or other Windows application.

as I wrote before, that helped. Problems with Cygwin were solved as well in this way. Actually after I reinstalled CIS and added some Cygwin files as execptions, it began working correctly, so there’s no cerious problem with Cygwin. Only with Game Guard.

All topics end up with one of the follows:

  1. add files to exceptions
  2. disable D+ temporary
  3. disable D+ permanently
    The first two don’t help, and the last one leaves my system opened for viruses. The real problem is that Game Guard developers say: “Game Guard is working ok with other firewalls. Thus, the problems is in Comodo”. But Comodo developers say: “CIS is working ok with other anti-hack systems. Thus, the problem is in Game Guard”. And user says: "No love for little user :frowning: "

Any way, in the beginning I thought that solving problem with Cygwin may solve the problem with Game Guard, but that’s not the case. Thus, seems like there’s nothing to do in this topic any more. Gratz me with permanently disabling D+ :frowning:

P.S. Thanks everyone for answers :slight_smile:

Add nost_LM here CIS —> Defense+ —> Computer Security Policy —> Defense+ Rules → click on Internet Security and then edit —> Use a Constom Policy —> customize —> Protection Settings —> Access Rights —> Find Interprocess Memory Accesses and click on Modify —> Allowed Memory Applications —> add —> Running process/browse and then find the exe file.

Regards,
Valentin N