Defence + new alert everytime I just click into something

Hello, I just updated to the new version of firewall and I have the following problem. Everytime I just click I get stated that Defence + blocked an intrusion. The files that are shown to have the intrusion in the access violation are “c:\windows\system32\taskeng.exe” and “c:\windows\system32\dwm.exe”.
What is happening? Please help

Exactly the same with me. I’m fairly sure it’s only been happening since I installed the updates yesterday, and I think it’s probably safe to OK it, but not knowing much about this stuff I’d just like confirmation before I do ;D

Also, assuming it is safe, how do I OK it?

Can anyone help on this? I’d really like to know

This is a build in CIS protection, if you had boclean installed you would notice it doing the same thing.
Those processes are trying to access CIS in memory and CIS won’t let them to protect it’s self.

There is no need to worry, just the intention of the logging is a bit high, i have the same in the logging.

Sorry but I don’t get what you mean. Is this a bug and we will have to wait or something permanent and there is nothing we can do? And if it’s not a bug why did it appear on this update and not before?

Are you saying you are getting real alerts for this ? i though you where referring to the entries in the D+ logging…

My dwm.exe and taskeng.exe are both set to “custom” with ask for executable, protect registry, protect files all others are allowed.

What is you Security profile, and what settings do you use for D+ ?

I get them as ‘Suspicious attempts blocked’ - there’s a whole bunch of them in the list that climbs higher every few minutes, always the same 2 processes though. If it’s a safe process, how do I allow it?

My security settings are set to ‘Clean PC Mode’.

Also (probably unrelated) - there is a file called drm_dyndata_7380007.dll from Sony DADC Austria AG in the ‘Waiting for review’ box - the funny thing is I allowed this earlier and it’s come back again. Do I just allow it again?

This can’t be continued. We will all get 1 million entries in the D+ logging per day.

I have the same settings for these files as you Ronny.

Can’t it be avoided?

I this case they should be “cached” during the session lifetime of the process at least.
Problem is that if you would filter them out, and they get infected you won’t notice it…

i guess dev’s need to review this, can you please post a screenshot showing this behavior so dev’s will have a better idea, then i can move it to the bug section.

I had to roll back to the previous version because of that so I can’t post a screenshot. Maybe jahsoldier can help.

Please do something. It’s a really silly but very annoying bug

As much as i would like to fix it, I’m not a comodo employee just a forum volunteer, spending some spare time here trying to help others…

Sure Ronny. And your help is greatly appreciated

I had something similar to this before, and all I did was to un- and re-install Comodo and everything was fine, probably cos it ‘learnt’ all my active processes again. Not sure if this is the way to go about things though - I really am a daft bollock when it comes to things computational.

Anyway, here’s a couple of screenies. hope this helps.

[attachment deleted by admin]

Any update on this?

EDIT - never mind, found a solution in the Bugs board

Here is a link to the fix so g_sakil and anyone else can find it easy.

Good work John B
https://forums.comodo.com/defense_bugs/2_d_bugs-t34865.0.html;msg250543#msg250543

Later

Thanks for the link Bad Frogger

You don’t happen to be infected with Virut: miekiemoes' Blog: Virut and other File infectors - Throwing in the Towel? ?