Well - I’ve gone with avast! free 6 with Comodo Firewall installed as Firewall Only (so not using Defense+).

Seems to be the best working combination.

Just a note here:
I installed avast! free first. Then – after it was all setup and running (read below) – I first disabled all the shields permanently. Then I turned off the avast! self defence in the settings. This would then let me end the avastui.exe process via task manager. I also went to “Services” and stopped the avastsvc.exe service.

Once this was done I installed Comodo Firewall as Firewall Only then rebooted when asked.

On reboot – I then setup Comodo Firewall (described below).

Only after Comodo Firewall was setup did I re-enable the avast! shields and turn avast! self defence back on.

I have avast! on pretty much default settings (have not changed heuristics at all) except that I have:

  • Selected the “Load avast! services only after loading other system services”
  • Gone through the shields and selected the option to scan for potentially unwanted programs (PUP)
  • Gone through the actions for the shields and made it for viruses: repair, move to chest, delete ; for PUP & Suspicious: ask, repair, move to chest
  • Added comodo to exclusions under settings and file system shield
  • Gone through the shields and selected the “All Packers” option

For Comodo Firewall installed as Firewall Only:

  • Firewall Settings > General Settings: Set to Custom Policy and selected the options to “create rules for safe applications” and “enable IPv6 filtering”
  • Firewall Settings > Alert Settings: Unticked the “this computer is an internet connection gateway” option
  • Firewall Settings > Advanced: Selected “Protect ARP Cache”, “Block Gratuitous ARP Frames”, “Block Fragmented IP datagrams” and “Do protocol analysis”
  • Ensured that, under the Network Security Policy > Application Rules, that avastsvc.exe, avastui.exe and avast.setup are “Trusted Applications”.
  • Opened, ran “check for updates” etc, and closed every program on my machine in order to create the rules.
  • When prompted – added my network to the “Network Zone” and selected the option to allow other machines within the network to communicate with my machine.

I think doing this will allow general hassle free operation. Its the setup I plan on going with for my parents, sister and fiancee.