Blocking System File and Not Showing Unrecognized Files

I’m already getting discouraged with Comodo, where is the update that never comes out? !! … I’m trying to wait for the update that said it would fix the bugs, but I think I’ll have to change antivirus. Too bad that!

…Umesh … when the promised update comes out ???

see the picture in the attachment.


if ports not config in global rules “windows system” is block, but allowed applications safe or configure in “Applications Rules”.
not showing unrecognized: files hide or bug visual

Update will come when it is ready not before, they are working on complete compatibility with the next Windows 10 release. As for blocking Windows Operation System, you only get that if you enable logging for the default global block rule. Also the default global rules only allow two specific ICMP messages to pass through.

Sorry, I replied that the program does not what was asked

Hi futuretech,

Yes I activated the lock rule log to check what is being blocked on my connection… and I noticed that this global lock rule is appearing in the log when I activate the Bitcomet program, which I created a global rule for port release. Can this be the cause of Windows Operating System being displayed in the log?

Do I have to open the ports for Bitcomet differently in Comodo and not within the global rules?

see the picture in the attachment.


The blocked events is for a different protocol so your rule is fine, but if you want the block events to stop appearing you need to add another global rule for ICMP destination unreachable, but the log does not specify which destination unreachable code it is blocking. I would just allow incoming all ICMP messages.

Hi futuretech

I understood.
And with respect to the ICMP permission rule, will not it leave my computer at risk?


No, but you can block incoming ICMP echo requests if you don’t want other systems to ping your computer.

Hi futuretech,

I created a new global rule and ran the Bitcomet program.
There is something very interesting about the Windows System Oparating logs, see attached image.

Yes as I said before, the log doesn’t give the exact message code it is blocking, it could be a different code from the destination unreachable type than the one you specified in you rule e.g. host unreachable, network unreachable, etc. See the wikipedia page on the different codes that are defined for dest. unreachable.

Hi futuretech,

So, there are 16 different situations for Destination Unreachable! … I can make 16 new global rules, or is this a problem in system security?..
… is there any way to solve this?

detail … I thought that because the log shows the destination unreachable only in the ports and not in the ip’s,
I deduced that the problem would be only the door, you see?

You could just create a global rule for ICMP and use any for message under ICMP details tab of the rule. CIS uses the ports column to show the type and code number when the text representation is not available for certain ICMP messages.


But that rule will not make my computer at risk, right? Sorry for the question, but prevention is better than cure, okay?

No ICMP does not pose any risk and is used for error messages and operational information.

There are 6 MONTHS ago (September 03, 2018), I opened a topic related to this bug and got the answer that would be fixed in a next update. Recently
I opened another topic (September 29, 2018), questioning that the problem persisted and asked for information when the fix would be done. I received a
Very rude response telling me that “The update will come when it’s ready, not before …”. If I had been a PRO user would I have received
a response as rude as this? … all users deserve respect, regardless of whether it is PRO or FREE!

I’ve been complaining about this bug for so long because I have to, EVERYDAY, clear my log which sometimes even shows more than 200 files! I have to stop
my job to be cleaning log files that come back every day constantly.

They are all System files!.. They are all System files … clean the log and return them, clean again and they return again!

see image in attachment

The bug is fixed but in order the get the updated version which has the fix is to manually update CIS using the installers available in the release topic, you either wait for the update to come to older versions or force the update yourself. Please do not create another topic on this issue.

Did you also make a matching application rule for Bitcomet? You need to make both a Global Rule and an Application Rule.

When CIS logs it blocks incoming traffic for which there is no program listening it will report it as blocking Windows Operating System. That is a confusing message.

Please notice that after closing down a p2p client you will see blocked traffic for a couple of hours until the network has figured out you are no longer off line.


You mean the same rule I created in Global Rules I will have to create in application rules for BitComet.exe, is that it?

Exactly. Incoming traffic first goes through Global Rules and then through Application Rules. Hence why you need to make rules at these two places.

You can follow the instructions in Enable File Sharing Applications like BitTorrent and Emule on how to make an application rule.

Hi EricJH,

Done. I’ll be checking to see if everything is ok with my torremt downloads.