5.8 too many Defense+ Alerts

[Guest]

[coyote2]

Upon upgrading to 5.8 of the free firewall, I'm getting huge numbers of Defense+ alerts.  Even from components of the firewall itself!  (And when I try to change Windows settings in system components like "Scheduled Tasks".)

I have read the sticky on 5.8's changes at
http://forums.comodo.com/defense-sandbox-faq-cis/alert-reducing-settings-in-cis-why-how-when-to-use-draft-v58-onwards-t76410.0.html, but I'm still lost as to how to get back to the pre-5.8 situation.  (In part because, even as far as I understand that sticky, I can't find the settings alluded to.)

My Firewall and Defense+ Security levels = "Safe Mode".  I see the Sandbox got Disabled, so I just Enabled it (I don't imagine that will reduce the number of alerts I'm getting).

Windows XP Pro 32-bit sp3; also running Norton Antivirus 2012.

[Chiron]

It sounds to me like something could be wrong with your install. What happens when you run the diagnostics?

[coyote2]

It sounds to me like something could be wrong with your install. What happens when you run the diagnostics?

I just tried it: "The diagnostics utility did not find any problems with your installation."

At least it does now finally seem to be (at least sometimes) learning; perhaps with time the alerts will wane, much as they did when I installed the product for the first time years ago.

[Chiron]

On my system I get very few alerts. Were you saying that your Comodo Firewall was giving you alerts for things that Comodo Firewall was doing?

What adjustments, if any, did you make to the default settings?

[coyote2]

On my system I get very few alerts. Were you saying that your Comodo Firewall was giving you alerts for things that Comodo Firewall was doing?

Yes; for example, on system bootup, when Comodo checked for updates, I got a Defense+ alert.

What adjustments, if any, did you make to the default settings?

Other than the Security Levels I just mentioned, I don't think I have made any changes to the default settings.

[Chiron]

There may have been a problem with your installation. By that I mean that Comodo Firewall may not have installed properly.

Other than that it could be a problem with Norton Antivirus. I don't seem to remember Norton Antivirus playing well with other security programs, but this is just a guess.

Also, what version of Comodo Firewall did you have installed before 5.8?

If you do decide to reinstall Comodo Firewall then I would advise following the advice I give on this page and then configuring it as I describe in this article.

Thank you.

[captainsticks]

A view of D+ event logs or alert logs could assist in finding a cause for the alerts.

[coyote2]

A view of D+ event logs or alert logs could assist in finding a cause for the alerts.

Thank you very much for your reply, captainsticks!

I exported my D+ Events for today to .htm (the only format offered), but that can't be attached here.  Any suggestions, please?

[coyote2]

Other than that it could be a problem with Norton Antivirus. I don't seem to remember Norton Antivirus playing well with other security programs, but this is just a guess.

Thank you very much for your reply, Chiron!

All was well until 5.8

Also, what version of Comodo Firewall did you have installed before 5.8?

It was 5.5...1383

[captainsticks]

I exported my D+ Events for today to .htm (the only format offered), but that can't be attached here.  Any suggestions, please?

Hi Coyote2,
An attached screenshot of the logs would be another way.

[coyote2]

Hi Coyote2,
An attached screenshot of the logs would be another way.

Screenshot of the bottom of today's Defense+ Event log attached.  I'll happily post any number of additional screens if that would be helpful.

[captainsticks]

Hi Coyote2,
Thanks for the screenshot, you could also post/attach your Configuration Changes logs and Alerts Displayed logs for the Entire Period and this might show where it all started.
Please Zip the HTML files to attach to your post.

Also in case of a corrupt configuration you could choose an alternative configuration to see if that calms the monster.
Right click Comodo icon and choose between proactive/firewall configurations.
Thanks.

[coyote2]

Hi Coyote2,
Thanks for the screenshot, you could also post/attach your Configuration Changes logs and Alerts Displayed logs for the Entire Period and this might show where it all started.
Please Zip the HTML files to attach to your post.

Also in case of a corrupt configuration you could choose an alternative configuration to see if that calms the monster.
Right click Comodo icon and choose between proactive/firewall configurations.
Thanks.

Thank you very much, captainsticks!  Zipped logs are attached.

[coyote2]

Thank you very much, captainsticks!  Zipped logs are attached.

Never mind, sorry!!!

I just restored a backup image (of my system drive, taken just before I updated my video card drivers a couple days ago), which resolved the problem.  

Perhaps it was just that update attempt which went wrong; I'll try it once more and perhaps all will remain well.

[captainsticks]

Hi Coyote2,
No sorry required, it doesn't matter who solves the problem it is nice to see it fixed .
Thanks for taking the time to produce the logs.
All the best for the future, thanks from Captainsticks.

[Tags:]