I have been a user of Comodo Firewall for 3 years now but only just started using Defence+ yesterday.
I think i have pretty well got it sorted but wanted confirmation that i have interpreted some log entries correctly.
I found the relevant post in the forums FAQ
If i am reading this correctly Comodo has blocked SAS & Mbam from scanning Comodo’s memory space (in other words Comodo self defense mechanism is in play)
I really just after re assurance that i am understanding this correctly
I assume it is probably best left alone, i don’t feel a great need for SAS & Mbam to be scanning what Comodo is trying to protect ie Comodo memory space
It is best to leave this alone. As each program you allow to access CIS in memory is a breach of its self protection. Suppose the allowed file gets infected then the malware could try to attack CIS.
Only when an application is not functioning properly without having memory access, which seems a bit of a questionable design practice to me, you should allow it.
Thank you for your response Eric it is much appreciated, i thought this was the case just wanted assurance that i was on the right track. HIPS is all very new to me but i think i am getting my head around it