Defense+ failed to block mydefrag.exe even after set to block

Hi,

I set my Defense+ security to paranoid mode, and it was working well for all exe files, but it was not able to block Mydefrag.exe. I even added this “Mydefrag.exe” application to the Defense+ rules and then set the custom policy to block all rather than ask or allow. Even then Defense+ was not able to block it.

At the first stage, in paranoid mode, it warned about the Mydefrag.exe application, and at that moment I blocked it and chose to remember this setting. After this, I executed it again and it did not show me any warning or alert.

I saw in the programs folder that this Mydefrag.exe application runs scripts, and those scripts have the extension *.myd. My main point is that it should also block this Mydefrag application if I set paranoid mode or make a custom rule to block it.

Please check this application. If Comodo Defense is not able to block this, it means any other rootkit or virus also might not be blocked.
Please solve this problem. If you want, I can upload the video.

Here is the application: http://www.mydefrag.com/
I am using mydefrag v4.3.1

Edit by EricJH: made a basic paragraph structure for a better read

Can you see if in D+ rules there is a rule called “All Applications” and see if your rule for Mydefrag.exe is somewhere underneath the “All Applications” rule.

If that is the case, drag and drop the rule for Mydefrag.exe to a place above the “All Applications” rule.

I just downloaded this application.

If I add it to Defense+ → Computer Security Policy → Blocked Files, the application is unable to run.

Once you have set a block rule on the alert and said ‘remind me’ it will not ask you again, just silently block.

Creating a custom D+ rule with actions set to block prevents just those actions, it does not prevent execution.

Hope this helps

Mouse

No, my rule is NOT underneath the “All Applications” rule. My rule is at the top. One more thing: at the first step I set it to block and remember it. Please check it yourself. I am using x64 Windows 7 and Comodo is also x64. Please check it yourself.

Just to check, you are saying Mydefrag.exe still runs:

  1. and you have checked this
  2. and it does this after selecting block, and ‘remember this’ on a D+ alert, but before creating the tailored D+ rule.

Best wishes

Mouse

OK cannot replicate under XP sp3 x32, CIS 5.8 RC2, Mydefrag 4.3.1

I checked I had no D+ rules for Mydefrag.exe, and nothing in trusted files. (Latter should be irrelevant in p-mode).

I checked and you should check:

  • do you have both the cloud look-up settings disabled under image execution control
  • do you have automatically detect installers unchecked
  • do you have the sandbox slider set to disabled

I set my system as above and set it to paranoid mode

Then opened Mydefrag.exe and got a D+ alert, set it to block and remember, got OS block dialog

Restarted Mydefrag.exe, and it was blocked got OS block dialog

No rule was created in ‘Blocked Files’ strangely. I didn’t try rebooting.

Hope this helps

Best wishes

Mouse

Bit worried that no rule was created under blocked files when I ticked block and ‘remember’- any mods or devs know why?

No way of deleting this block rule now apart from re-install?

Mouse

It is working here with Win 7 SP1 x86 with CIS 5.8 RC2.

At Neil40m: is your situation like what is shown in the attached image?

Did you tick block and remember on the alert to create this block rule? When I did it, the rule worked, and was remembered, but did not appear under blocked files — weird.

I don't think that if you tick remember & block for any app, it will appear under Blocked Files. The blocked app will appear under Computer Security Policy - D+ Rules, the same as when an app is allowed & remember is ticked.

I think Blocked Files category is for manual blocking & files moved from Unrecognized to Blocked Files.

Thanxx
Naren

Good thought, but it’s not there on my system.

But thanks anyway.

Mouse

You mean to say the blocked entry is not there, or there is no entry at all for the app?

Thanxx
Naren

No entry at all. But the block is being remembered so far, though I’ve not rebooted.

Aha I’ve got it, it will have modified the explorer.exe entry.

Yup that’s it. Explorer.exe has Mydefrag on its blocked files list. Explorer.exe ~ Customise ~ Run an executable ~ Modify ~ Blocked files

Sorry had forgotten that’s how it is done. So long since I used paranoid.

Mike

When reading the topic I understood it like My Defrag had gotten Blocked Application Policy in D+. This does not exist in D+ of course, hence why I tested using blocked file.

I just tried blocking by not allowing Explorer to start My Defrag and that also works. I disabled sandbox and was using Paranoid Mode. See attached image.

At neil40m. Can you try importing a clean Proactive Configuration? It can be found in the CIS installation folder and import it with a different name like CIS Proactive Security for testing for example.

Then try again. This is to see if a corrupted configuration is causing this or not.

Good thought

Also I think he may have had cloud lookups enabled. Mydefrag gets checked as safe in the cloud, even in paranoid mode, maybe the lookup just failed first time?

Mike

Let’s for now wait for neil to respond and see what his findings are.

I checked with 5.5 & default setting, only sandbox disabled & cloud behaviour & unrecognized lookup unchecked & system restarted. In my case an entry is there in D+ rules when I tick remember & block. But if I run the mydefrag executable again the same D+ popup is there which I blocked selecting remember.

Thanxx
Naren

Thanks so much from the bottom of my heart because all of you are trying to help. I am going to check it again deeply and accurately. If the problem persists then I am going to attach a video. Anyway, I like Comodo because they are doing a lot for us by giving this firewall for free, so that's why I want to help Comodo to be perfect.

Thanks and Regards
Neil40m

No problem, glad to be of help