I ahve the same problem (= Varan-de-C0m0d0) in OLD CIS: 12.2.4.8032
I using Win 11 up-to-date
I know that is not 100% compatible… but I ma wait more time…
Only in last year start appear what Varan-de-C0m0d0 wrote.
So I have enable all “popups”! But in this situation never appear.
All I have “Custom Ruleset”
And is impossible to create a rule to permit this!
Some help?
However, despite the fact that it is a misuse of system functions and that it is not signed, and that it intervenes and knows my Internet requests, Comodo CIS did not flinch and asked absolutely nothing, nor even warned.
For software like this, I imagined having a HIPS alert and another from the firewall… Negative.
Before the beta version, I would have had alerts. That seems safe to me. (I did not change configuration)
True but that’s automatically done in CF/CIS with Cloud Lookup and Analysis enabled by default so no need to manually submit the file but would be good to have links to a detailed report of file submitted to Valkyrie if it turns out to be malware.
Thank you all for your intervention and for taking the time to detail the procedure and I am sure that it will be of interest to other people.
I will happily use this setup on another PC.
However, it is also because it has the HIPS function that I chose Comodo CIS. Like many others I imagine. Disappearing it or not activating it could be counterproductive in my opinion.
I’m going to keep it on for three reasons:
Because I often use unsigned software and very very small publishers, or even no publishers at all, since they are independent programmers. Including amateur programmers. So I feel more at ease with that and the HIPS function has already proven itself several times.
I also leave HIPS it on the beta version, because I want to contribute as best I can to resolving the problems encountered and deactivating certain functions would only hide and report certain bugs.
I hated my test of the new ZoneAlarm. If this continues there will be no more personal parameters and settings in this software.
Quite the opposite of Comodo CIS!
Well, what you need to remember from this message is that I want to test the beta version thoroughly!
Varan,
I not use Edge. But I have another Laptop, that could be test what you suggest. But not sure, because is Win10.
Well, about my problem I think I can add more information about my problem.
I will try use Cloud, but I think the problem is other that some of you could help.
Also I write this, because could help for Comodo 2024…
1.º Some minutes ago I use Outlook, and I do not have problem use. Comodo never blocked. I have a rule for it how I have for others.
2.º What I see now:
I try to delay an send an email. I use the “Schedule send” and I also use in past - I do not know when. But I use some months ago without problems.
Well, the email not continue because appear this problem:
I check Comodo and…I see this
“Windows Operating System” is blocked.
This problem start to appear in many software thar I use.
And the software that I write in last my message is other and not use add-ins.
I think it is not possible to try manual define in firewall a custom RuleSet for this.
Also I try see what Outlook have on addin, but I find 3, but not none of them have the name …
But, If I define a rule, like I have many, that some software could access he must have access all with them inside (like add-in) etc.
More, in past year, I do not have this problem. Perhaps something that Microsoft do it on some update.
But I will try not write more here, because is for 2024, But I think this could help 2024.
And only write this because Varan-de-C0m0d0 list the same problem with … windows operating system…
Regarding the CIS deosn’t allow to upgrade Windows 11 22H2 to 23H2 issue.
We required all the CIS components logs so that we will check which windows file is blocking. View CIS Logs, Firewall Software, Log Monitor, Defense+ Filter|Internet Security (Refer this link to how to collect CIS components logs) Note: Upload the log on any online storage and share us the download link.
Providing any related screenshot/video of the issue would be helpful for us to understand the issue and fix it quickly.
I have “Malware Crusher Inc” which appeared in the publishers without rating, yesterday at 11:22 p.m. (and which should be “malicious” in my opinion) in the publishers table.
I noticed that editors with “unknown” status are sometimes added depending on the installations I use.
Are they added by Comodo without my intervention and unrelated to my installations? I don’t think otherwise Comodo would know how to classify them, good or bad. (and then there is the chronology)(chance)
If I start from this principle, that it is following one of my installations, this raises other questions:
I would have liked with an option to be able to find the executable which caused this entry in the table. (Because I did not try to install Malware Crusher)
Did it appear in the list following a scan of one of my hard drives?
Doesn’t Comodo classify Malware Crusher as harmful? (PUA)
I believe that Malware Crusher is a “fake” malware-hunting system optimizer that uses intentional false positives to convince users that their systems have problems. Then they try to sell us their software, claiming it will eliminate these problems. In real life, it’s a scam!
Can Comodo not comment on the validation of an editor that it would itself bring into the picture?
it would be nice if we could click on all the “unknown” editors and send them to Valkyrie for evaluation.
(I think it should be possible to do cross-searching internally to bring publishers closer to the programs they produce), right?
Would be nice have a different alert sound on the new CIS.
Like user can switch themes, a different alert sound maybe more modern and more nice will give also a great experience. Some user think the same?
I find this only happens when Alt+Tabbiing to Comodo UI in background if you press Alt with Comodo UI Open and then Alt+Tab to another app or back to itself. Pressing Alt makes them go away. Those letters just show you what the Alt+ Command is to access them if just using keyboard. For example, Alt+Z brings up the Network Intrusions Log.
Blocked Apps
The Blocked Apps shown in the list are not actually blockable, it can be said that they are displayed for informational purposes only. When executing an application, e.g. unrecognized, alerts will appear and the application will also be added to this list with information for the user which module (be it HIPS, firewall or sandbox) caused this event with the possibility of unblocking this application and adding it to the rules, e.g. HIPS as a custom rule and in Sandbox rules as ignored.
Regarding the Windows Operating System
When it comes to that unfortunate Windows Operating System, it’s already hands down. If you’re using a Desktop or Laptop computer and don’t use them to connect to public networks, you can turn off this setting (Enable ARP spoofing protection) without worry.
As for the Windows Operating System that is shown on the list as blocked, it is therefore visible because the Windows TCP/IP network stack handles all network packets in the kernel and is labeled by comodo as a Windows operating system. When you see blocked events coming to the Windows operating system, it means that the packet has been blocked from reaching the Windows kernel to be processed by the Windows network stack.
It also happens that if cfw can’t determine the process establishing the connection, it assigns it to the Windows Operating System, that’s the whole philosophy and unnecessary further topics on this subject.