D+ no files for review and blocked System32 attempts

I have two anomalies regarding my Defense+ for CIS:

  1. The Proactive Defense constantly (every few seconds) blocks a suspicious attempt from C:\Windows\System32dwm.exe and C:\Windows\System32\taskeng.exe and lists it as an Access Memory action targeted at CIS. Refer to the attached Screenshot 1.

Apparently this has been going on since I installed CIS in February. Refer Screenshot 2.

  1. As I type, Proactive Defense says I have 9617 files for review, but when I view the list of files, it turns up blank. Refer Screenshot 3.

Some info about my computer that may help:

Windows Vista Basic Service Pack 1
Avast! Antivirus 4.8
Spyware Terminator 2.3
CIS Version 3.8.65951.477

Any idea as to what’s going on?

[attachment deleted by admin]

First of all Proactive Defense does not produce pending files.

As to the other things. Can you tell me what your settings are for Image Execution Control (Defense + → Advanced ) and for Defense + Settings (Defense + → Advanced → )?

My Image Execution Control is set to Normal, and Defense + Settings is set to Clean PC mode.

Hi Riger, i notice your still on version 3.8.xx

There has been a substantial update to 3.9.xx which it would be wise to update to. You can use the built in updater or do a fresh install(IMO the better option)

Maybe uninstall using REVO uninstaller http://www.revouninstaller.com/ use the Advanced mode and don`t re-boot when asked then carefully go through the list and only tick the Bolded registry items and Comodo files. Then re-boot, download current CIS https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comodo_internet_security_3995478509_released-t39202.0.html;msg284178#msg284178 and install.

Matt

REVO uninstaller? cant I just use the uninstall application within CIS or uninstall through Windows Programs and Features? why are those System32 actions blocked by CIS anyway?

To start the uninstaller copy/paste “c:\Program Files\Comodo\COMODO Internet Security\cfpconfg.exe” -u to the command prompt. (adapt the path when needed).

To open the command prompt go to Start → Run → cmd → push enter → you now get black Dos box type of environment → now paste the line and push enter. Now you can uninstall.

The system 32 reports you see are mostly the result of self protection of CIS. Nothing to worry about for now.

so basically, nothing is wrong with my CIS then?

Your CIS is perfectly fine.

alright, thanks for your time… :slight_smile: