Unable to access secure pages (continued...)

[Guest]

[pooksahib]

This follows on from my previous thread of the same name (now locked) and I must thank sded for the advice about disabling applications via msconfig before uninstalling and reinstalling CFP3.  I was able to get a clean install without the 'network firewall not functioning properly message'.  Absolutely brilliant.
However - the very first problem I posted about is back and I can't understand why.  I fixed it the first time with help from the people here by adding Firefox and IE7 by means of Firewall/Advanced/Network Security Policy. I immediately did that again when I had my clean install of CFP3 and, cautious bugger that I am, went to test it on www.nsandi.com.  And there it was - the browser is just hanging on the second click you need to access the Direct ISA.  So I went back to Network Security Policy and tried recording Firefox as Trusted Application rather than Web Browser but to no effect.  Which means that once again I need to ask for help.  What do I need to do to allow me to enter not just ordinary websites but the secure areas of Bank sites and suchlike? I've disabled Windows firewall and I have Windows Defender, BOClean and SUPERantispyware (currently looking for a new AV). I really want this firewall but the problems I'm getting will soon put me off it, I'm sure.  Thanks in advance.

[sded]

Have you looked at your firewall log-see if the block and log in the web browser policy is picking up anything?  I dont use SAS in real time, but if it is acting as a proxy you may need to designate it as a web browser also to make things work properly.  avast! and avira seem to be the most popular AVs here, along with NOD32.

[pooksahib]

Hello again, sded.  Do you mean 'View Firewall Events'?  It says 'There are no items to show'.  I've added SAS to the list via Network Security Centre but I'm still locked out of secure webpages.

[sded]

Do you have anything else that could be acting as a proxy-maybe another SAS process (check task manager)?  Also check under firewall/common tasks/my port sets to make sure port 443 is included in your http ports.  If it were being blocked by your browser, you should get a log entry.  Another approach:  Find all the entries for SAS, BOClean, your browser in Network Security Policy and Computer Security Policy and delete them.  Set both the firewall and D+ to training mode from the tray icon.  You should get popups that allow Comodo to make the proper rules for you then.  Once you get it to work, you can do a little editing.

[Matty_R]

Under Firefox,go to "Tools" and then "Options" and then"Security".Now click on "Settings" do you have the top 2 boxes checked,and if so do you get the warning message when trying to access the secure page?
I can get straight through to said page.

An option which you could try is from the main interface choose Defence+/Advanced/Computer Security Policy:Find the entry for Firefox,highlight it and then click "Remove" "Apply" to close window.
Now put Defence+ in "Training Mode" and try to access the page.

Matty

ps also could you try this.When you try to access the page and it hangs,look under Firewall/Common Tasks/View active connections,can you see anything trying to connect using port 443(it will be the last 3 digits)

[pooksahib]

Hello sded and Matty-R.  I really do appreciate the lengths you're going to to assist me.  Thanks.  Task Manager shows 2 processes without a description: csrss.exe and winlogon.exe.  All other processes look reasonable bar one I don't understand: unsecapp.exe (sink to receive asynchronous callbacks for WMI client application).  I've created a log from a program called System Information for Windows if you'd like to see it but it's in html so I can't attach it.
After taking everything out op NSP and CSP, there were no Firewall popups asking me what to do.  I was able to fire up IE and FF no problem.  They seem to have put themselves back into NSP and CSP of their own accord.
With those top 2 boxes in FF, the second only was checked so I checked the first also.  Now I get a FF popup about an encrypted page when I go to Yahoo but nothing at all when I go to nsandi - I can still make the first click and then hang on the second.
Re Matty's last point, there are 2 "443's", both under the Firefox ladder. Both are for TCP Out and both are in the Destination column.
Damn, this is complex...!

[Matty_R]

This is a strange one,i seem to be able to get to the log-in page no probs.
Can you just check something else please.
Click "Start" and then "run" in the box type "services.msc"
This gives you a list of the services on your computer and what there set at.
Look down the list for HTTP SSL is this set to Automatic and Started?

Matty

When you look at your Logs(View firewall events) could you click "More" and see if there is anything relating to this in firewall/D+

[pooksahib]

Hi - I don't see HTTP SSL.  The closest I can find is WinHTTP Web Proxy Auto-Discovery Service which is Started/Manual.  There's nothing to view in the Firewall log and a dozen or so things in the D+ log but only to do with SAS etc.

[sded]

You're OK; Vista doesn't use the http ssl service.  You should be getting popups in training mode if you have removed the old rule sets, so don't understand that.  Did you remove your browser from the firewall list?  Check firewall settings/alert requests to be sure all the alerts are enabled.

[pooksahib]

All alert boxes are ticked and Frequency is 'Low'.  Both browsers are currently in Network Security Policy.

[sded]

Try moving frequency to very high-have seen posts on various logging problems.

[pooksahib]

'Very high' hasn't changed anything.  I sense we're struggling here, so I've done another reinstall and, this time, I immediately set both CFP and D+ to 'Training' and the Alerts to Very High.  Not once did I get a Firewall prompt window and only one D+ prompt for something I can't recall but it looked Windows related.  But both FF and IE7 are sitting snugly in NSP and CSP but it wasn't me who put them there.  And I still can't get past the first click en route to that Direct ISA page...
Am I really weird??

[sded]

Sounds like it might be an uninstall problem-not getting your settings out of the registry.  They are actually stored as a registry hive.  How are you doing the uninstall?-from Vista, or by using the installer itself.  If you run the installer with the program already there, it will uninstall first, then you can reinstall.  Or see the instructions and uninstall script at http://forums.comodo.com/help_for_v3/comprehensive_instructions_for_completely_removing_comodo_firewall_pro_3_info-t17220.0.html
First thing to try, though, is to remove the firewall rules for FF & IE7 & SAS and see if it will let you do that, then reboot.

[sded]

One other thing with Vista-try turning off UAC and doing the rule editing.  You could be having problems with Virtual Store, although this is unusual.

[pooksahib]

Hi. I forgot to mention - last time I did a reinstall I ran CCleaner beforehand.  And I have UAC turned off for Administrator (me).  But this time I used your batch file after the uninstall and it told me all traces should be gone.  Then I reinstalled.  Guess what? 'Network firewall not functioning properly'.  So ran diagnostics and it found a few things to fix but couldn't fix others - did I want a report? Yes, I said and even though it's in txt format, I can't attach it here for some reason. But here's the twist - I can now access that nsandi.com secure page!  So all I need now is my network firewall warning off my screen and I'm happy.  But I've been here all day, I need a break.  Thank you SO much for your time, I can't believe how good you've both been.  See you tomorrow.

[Tags:]