Comodo randomly blocking ALL network traffic [Resolved]

Hi,
I’m trying my best to like Comodo but it’s driving me crazy!! Doesn’t remember answers to “allow/dis-allow” pop ups and more importantly it randomly blocks ALL traffic. Until I figured what was happening (after calling the cable company to **** about their service!) I was having to boot in Linux to get an internet connection.
All I can tell you is I’m running XP sp2, the total lock outs seem random and when they happen I have to completely close Comodo and rely on the Windows firewall.

Sorry you’re having such difficulties, prowler8…

A few questions:

Under Security/Advanced/Miscellaneous, where is the Alert Frequency set?

Prior to installing CFP, did you have any other 3rd-party firewall installed?

When you installed CFP, did you have any active security product running (AV, antispyware, HIPS, etc)?

LM

Thanks for the quick response.

  1. Alert frequency is set to “Medium”
  2. Yes, I was running Sygate but this was un-installed prior to installing Comodo. (I don’t think this can be related to Sygate as it has only started happening the last few days - been trying Comodo for about two weeks now)
  3. Yes, I had/have AVG free running

Hope this helps. Thing is, I get no alerts for apps trying to connect when this happens - even Windows seems to think there is no network connection availavle - until I turn off Comodo - then all is good again!

When apps connect without alerts it either means an App Mon rule allowed it or it’s a certified app by Comodo. This option can be disabled by going to Security > Advanced > Miscellaneous > Configure > 2nd option (if memory serves me right).

  1. At “Medium” you will get Protocol and Direction-specific alerts (ie, TCP, UDP, In, Out) for each application. These will be apps listed in the Application Monitor, and may seem that CFP is not remembering what you’ve told it before; these alerts will only come where the connection info is different from the existing rule’s allowance.

  2. May not be related to Sygate then. However, it would probably be a good idea to make sure there aren’t any remaining registry keys. Might run a registry cleaner or do a manual search for Sygate entries just to make sure. Something could be left, and only conflict because of some recent system change…

  3. If you had an active AV running (ie, with “on-access” or “real-time” protection) while you installed the firewall, it may have caused some conflict with the install process. It is recommended to turn off or disable such security features while installing the FW, to prevent conflict. In my experience, this has shown itself thru strange behaviors by the FW. The solution would be to uninstall the FW, reboot; run a registry cleaner, reboot. Turn off active AV, install FW.

You say you have no alerts when CFP blocks your connection? And you have to reboot to cure it? Do you have any entries in Activity Logs during this time (specifically an entry showing svchost.exe being blocked)? Do you have an entry in the Application Monitor showing svchost.exe being blocked?

LM

  1. Ok, i’ll bear that in mind
    2)Just cleared a few Sygate references from the registry but to no effect
    3)I’ll try that if all else fails
    4)Activity log shows multiple rejexted in/out connections but no apps are listed - at all! If I start Comodo with say Firefox and Outlook running it doesb’t show them as running or connecting!

Are you referring to starting CFP manually after logging into Windows? Please explain more…

Tnx,

LM

Sorry, starting manually (I have it turned off right now because even after re-boots it’s not letting anything through now). I just manually ran it to check the logs to answer the previous question

Do you have it disabled from auto-start with Windows, and then running it?

or

Exit the firewall once you’re in Windows, and then run it as needed?

And, at what point did you start doing that?

LM

It’s set to auto start with Windows but I have to manually turn it off after a boot to get anykind of connection. Pretty much started to do that today. I said it was randomly happening but today it’s solidly refusing any connections.
Hmmmm, I did just set up a new Xerox scanner (usb) today - could that possibly have this effect on a firewall??

Thanks; I wanted to make sure you weren’t keeping it from auto-starting w/Windows, as that can cause some severe problems with the firewall.

With CFP running (and blocking you), will you do the following:

Go to Activity/ Logs. Right-click an entry and select “export to html.” Save the file, and reopen it. Copy/paste the current info as text into your post. You can edit your personal IP address for privacy; just leave enough to show a match where necessary.

Tnx,

LM

As to the USB scanner, well, you never know… I guess anything’s possible… ;D

As requested ( a small sample as the forum doesn’t seem able to handle the full log) - my i.p addy is in the 82.44. range and has been replaced with ... in the log:

COMODO Firewall Pro Logs
Date Created: 20:22:25 05-03-2007
Log Scope:: Today Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 72.139.164.161, Port = 40000)Protocol: UDP IncomingSource: 72.139.164.161:7001 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 90.2.52.19, Port = 40000)Protocol: UDP IncomingSource: 90.2.52.19:27261 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 89.78.91.85, Port = 40000)Protocol: UDP IncomingSource: 89.78.91.85:19045 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 82.160.30.69, Port = 40000)Protocol: UDP IncomingSource: 82.160.30.69:31810 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.0.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 62.30.0.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 194.117.134.19, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 194.117.134.19:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.112.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 62.30.112.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:21Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 75.17.62.220, Port = 40000)Protocol: UDP IncomingSource: 75.17.62.220:14674 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 84.67.57.164, Port = 40000)Protocol: UDP IncomingSource: 84.67.57.164:60543 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.0.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 62.30.0.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.92.107.98, Port = 40000)Protocol: UDP IncomingSource: 83.92.107.98:62678 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.85.57.147, Port = 40000)Protocol: UDP IncomingSource: 83.85.57.147:16190 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.52.168.240, Port = 40000)Protocol: UDP IncomingSource: 70.52.168.240:61607 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:16Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 194.117.134.19, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 194.117.134.19:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 219.78.141.238, Port = 40000)Protocol: UDP IncomingSource: 219.78.141.238:18802 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:15Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.112.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1272 Destination: 62.30.112.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.109.45.18, Port = 40000)Protocol: UDP IncomingSource: 80.109.45.18:48030 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 76.197.245.218, Port = 40000)Protocol: UDP IncomingSource: 76.197.245.218:49152 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 85.87.230.186, Port = 40000)Protocol: UDP IncomingSource: 85.87.230.186:55345 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 88.74.34.96, Port = 40000)Protocol: UDP IncomingSource: 88.74.34.96:17443 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 202.156.210.53, Port = 40000)Protocol: UDP IncomingSource: 202.156.210.53:65530 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 90.34.172.124, Port = 40000)Protocol: UDP IncomingSource: 90.34.172.124:49152 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 66.159.224.70, Port = 40000)Protocol: UDP IncomingSource: 66.159.224.70:22944 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 82.44.223.255, Port = nbdgram(138))Protocol: UDP OutgoingSource: ...:nbdgram(138) Destination: 82.44.223.255:nbdgram(138) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 81.202.6.250, Port = 40000)Protocol: UDP IncomingSource: 81.202.6.250:42878 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 68.145.168.100, Port = 40000)Protocol: UDP IncomingSource: 68.145.168.100:64489 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 84.171.116.213, Port = 40000)Protocol: UDP IncomingSource: 84.171.116.213:52525 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.193.145.37, Port = 40000)Protocol: UDP IncomingSource: 80.193.145.37:19854 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 84.49.88.43, Port = 40000)Protocol: UDP IncomingSource: 84.49.88.43:60695 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.61.148.234, Port = 40000)Protocol: UDP IncomingSource: 80.61.148.234:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.132.20.149, Port = 40000)Protocol: UDP IncomingSource: 70.132.20.149:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 90.15.132.185, Port = 40000)Protocol: UDP IncomingSource: 90.15.132.185:54972 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 68.198.144.228, Port = 40000)Protocol: UDP IncomingSource: 68.198.144.228:62151 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 60.12.166.202, Port = 1026)Protocol: UDP IncomingSource: 60.12.166.202:46799 Destination: ...:1026 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 69.142.27.129, Port = 40379)Protocol: UDP IncomingSource: 69.142.27.129:4497 Destination: ...:40379 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.109.45.18, Port = 40000)Protocol: UDP IncomingSource: 80.109.45.18:48030 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 24.88.25.189, Port = 40000)Protocol: UDP IncomingSource: 24.88.25.189:17742 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 20:22:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.139.75.126, Port = 40000)Protocol: UDP IncomingSource: 83.139.75.126:47969 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 89.129.144.45, Port = 40000)Protocol: UDP IncomingSource: 89.129.144.45:51228 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 218.212.185.45, Port = 40000)Protocol: UDP IncomingSource: 218.212.185.45:57832 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.193.199.92, Port = 40000)Protocol: UDP IncomingSource: 80.193.199.92:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.35.213.185, Port = 40000)Protocol: UDP IncomingSource: 83.35.213.185:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:16Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 81.151.196.234, Port = 40000)Protocol: UDP IncomingSource: 81.151.196.234:24013 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:11Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.121.86.239, Port = 40000)Protocol: UDP IncomingSource: 80.121.86.239:480 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:11Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.139.109.21, Port = 40000)Protocol: UDP IncomingSource: 83.139.109.21:56789 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 194.247.230.154, Port = 40000)Protocol: UDP IncomingSource: 194.247.230.154:64487 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 24.89.249.203, Port = 40000)Protocol: UDP IncomingSource: 24.89.249.203:30216 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:05Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 212.205.247.142, Port = 40000)Protocol: UDP IncomingSource: 212.205.247.142:17593 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 141.156.136.87, Port = 40000)Protocol: UDP IncomingSource: 141.156.136.87:50539 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 67.84.236.163, Port = 40000)Protocol: UDP IncomingSource: 67.84.236.163:49156 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:48:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 202.97.238.204, Port = 1026)Protocol: UDP IncomingSource: 202.97.238.204:51701 Destination: ...:1026 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 81.190.25.134, Port = 40000)Protocol: UDP IncomingSource: 81.190.25.134:50387 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.193.199.92, Port = 40000)Protocol: UDP IncomingSource: 80.193.199.92:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 62.194.196.45, Port = 40000)Protocol: UDP IncomingSource: 62.194.196.45:38444 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 76.175.166.74, Port = 40000)Protocol: UDP IncomingSource: 76.175.166.74:20550 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.109.16.217, Port = 40000)Protocol: UDP IncomingSource: 80.109.16.217:10846 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:55Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 172.174.146.173, Port = 40000)Protocol: UDP IncomingSource: 172.174.146.173:40355 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.57.74.214, Port = 40000)Protocol: UDP IncomingSource: 70.57.74.214:30265 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 86.58.31.33, Port = 40000)Protocol: UDP IncomingSource: 86.58.31.33:50000 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.23.177.169, Port = 40000)Protocol: UDP IncomingSource: 83.23.177.169:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 24.25.252.62, Port = 40000)Protocol: UDP IncomingSource: 24.25.252.62:25559 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 66.189.233.95, Port = 40000)Protocol: UDP IncomingSource: 66.189.233.95:15975 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.240.235.190, Port = 40000)Protocol: UDP IncomingSource: 70.240.235.190:13650 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:50Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.35.213.185, Port = 40000)Protocol: UDP IncomingSource: 83.35.213.185:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:45Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 80.193.199.92, Port = 40000)Protocol: UDP IncomingSource: 80.193.199.92:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:45Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 82.247.93.92, Port = 40000)Protocol: UDP IncomingSource: 82.247.93.92:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:45Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 84.122.134.132, Port = 40000)Protocol: UDP IncomingSource: 84.122.134.132:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:45Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:40Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:35Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 141.156.136.87, Port = 40000)Protocol: UDP IncomingSource: 141.156.136.87:50539 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:35Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:30Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:30Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 89.129.144.45, Port = 40000)Protocol: UDP IncomingSource: 89.129.144.45:51228 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 87.78.253.143, Port = 40000)Protocol: UDP IncomingSource: 87.78.253.143:64320 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 89.129.144.45, Port = 40000)Protocol: UDP IncomingSource: 89.129.144.45:51228 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 60.11.125.52, Port = 1027)Protocol: UDP IncomingSource: 60.11.125.52:41177 Destination: ...:1027 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 60.11.125.52, Port = 1026)Protocol: UDP IncomingSource: 60.11.125.52:41177 Destination: ...:1026 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 83.35.213.185, Port = 40000)Protocol: UDP IncomingSource: 83.35.213.185:6881 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 213.114.174.149, Port = 40000)Protocol: UDP IncomingSource: 213.114.174.149:11819 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:20Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 82.44.223.255, Port = nbname(137))Protocol: UDP OutgoingSource: ...:nbname(137) Destination: 82.44.223.255:nbname(137) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 151.50.236.175, Port = 40000)Protocol: UDP IncomingSource: 151.50.236.175:12023 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 67.183.202.212, Port = 40000)Protocol: UDP IncomingSource: 67.183.202.212:18680 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.240.235.190, Port = 40000)Protocol: UDP IncomingSource: 70.240.235.190:13650 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 192.168.100.1, Port = http(80))Protocol: TCP OutgoingSource: ...:1079 Destination: 192.168.100.1:http(80) TCP Flags: SYN Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 66.189.233.95, Port = 40000)Protocol: UDP IncomingSource: 66.189.233.95:15975 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 88.134.97.242, Port = 40000)Protocol: UDP IncomingSource: 88.134.97.242:62739 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.0.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 62.30.0.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 194.117.134.19, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 194.117.134.19:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.112.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 62.30.112.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 10.95.64.1, Port = dhcp(68))Protocol: UDP IncomingSource: 10.95.64.1:bootp(67) Destination: 255.255.255.255:dhcp(68) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 74.56.212.183, Port = 40000)Protocol: UDP IncomingSource: 74.56.212.183:15646 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 141.156.136.87, Port = 40000)Protocol: UDP IncomingSource: 141.156.136.87:50539 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 82.44.223.255, Port = nbdgram(138))Protocol: UDP OutgoingSource: ...:nbdgram(138) Destination: 82.44.223.255:nbdgram(138) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 68.209.190.124, Port = 40000)Protocol: UDP IncomingSource: 68.209.190.124:7237 Destination: ...:40000 Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 194.117.134.19, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 194.117.134.19:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.112.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 62.30.112.39:dns(53) Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 192.168.100.1, Port = http(80))Protocol: TCP OutgoingSource: ...:1079 Destination: 192.168.100.1:http(80) TCP Flags: SYN Reason: Network Control Rule ID = 4Date/Time :2007-03-05 19:47:10Severity :MediumReporter :Network MonitorDescription: Outbound Policy Violation (Access Denied, IP = 62.30.0.39, Port = dns(53))Protocol: UDP OutgoingSource: ...:1078 Destination: 62.30.0.39:dns(53) Reason: Network Control Rule ID = 4

Will you open your Network Monitor to full-screen, and capture a screenshot. Save the 'shot as an image file (jpg, gif, or png) and attach to your post under Additional Options. If your personal IP shows up there, you can edit/mask that out for privacy.

Reason is, your logs show that pretty much everything is being blocked by Rule ID 4, but it should be Rule ID 5, as this is the “block & log all” rule at the bottom of the monitor’s list. So something is changed with your Network rules, and that may be a part of the problem.

LM

PS: Rather than save the HTML file as text, a copy/paste of the file (when opened in the browser) should generate something that looks like this layout:

Date/Time :2007-03-05 11:09:38
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:10.0.0.2: :dns(53))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\Program Files\Mozilla Firefox\firefox.exe
Protocol: UDP Out
Destination: 10.0.0.2::dns(53)

Date/Time :2007-03-05 11:09:36
Severity :High
Reporter :Application Monitor
Description: Suspicious Behaviour (firefox.exe)
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\Program Files\Mozilla Firefox\firefox.exe
Protocol: UDP Out
Destination: 10.0.0.2::dns(53)
Details: C:\Program Files\Mozilla Firefox\firefox.exe is an invisible application

Date/Time :2007-03-05 11:08:50
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (firefox.exe:85.91.228.149: :http(80))
Application: C:\Program Files\Mozilla Firefox\firefox.exe
Parent: C:\WINDOWS\explorer.exe
Protocol: TCP Out
Destination: 85.91.228.149::http(80)

Much easier to read… ;D

Sorry about that! :-\ IThe forum wouldn’t seemto let me post from Firefox so I pasted it into Notepad and pasted from there.
Anyways, I’ve resolved this! Uninstalled Comodo and re-installed with AVG turned off and it’s working a treat so far - no more unwanted blocking!
Thanks for your help

Great, I’m glad it’s working for you now! (:CLP)

The topic is marked as resolved and has been closed. If you need to re-address the issue, just PM one of the Moderators with a link to this topic and request it be reopened; we’ll be glad to do so.

LM