I set my defense + security to paranoid mode, and it was working good for all exe files. but it could not able to block Mydefrag.exe. Even I added this “Mydefrag.exe” application into defense rules+ and then set the custom policy to block all rathar then ask or allow. even then defense + could not able to block it.
At 1st stage in paranoid mode it warn about Mydefrag.exe application then at that moment I blocked it by remember this setting. after this, I executed it again then it did not show me any warning or alert.
I saw in programs folder this Mydefrag.exe application runs scripts and those scripts having extension *.myd. My main purpose to say is that it should block also this Mydefrag application if I set to paranoid mode or I made custom rule to block it.
Please check this application. If comodo defense not able to block this so, its means any other rootkit or virus also might not be block.
PLease solve this problem if you want i can upload the video.
Can you see if in D+ rules there is a rule called “All Applications” and see if your rule for Mydefrag.exe is somewhere underneath the “All Applications” rule.
If that is the case drag and drop the rule for Medefrag.exe to a place above the “All Applications” rule.
No, My rule is NOT underneath the “All application”. My rules is on the top. One more thing, At first step I set it to block and remember it. PLs check it by yourself. I am using x64 windows 7 and also comodo is x64 bit. PLease check yourself it.
Did you tick block and remember on the alert to create this block rule. When I did it, the rule worked, and was remembered, but did not appear under blocked files — wierd.
I dont think if you tick remember & block any app it will appear under Blocked Files. The blocked app will appear under Computer Security Policy - D+ Rules, the same as when an app is allowed & remember is ticked.
I think Blocked Files category is for manual blocking & files moved from Unrecognized to Blocked Files.
When reading the topic I understood it like My Defrag had gotten Blocked Application Policy in D+.This does not exist in D+ of course hence why I tested using blocked file.
I just tried blocking by not allowing Explorer to start My Defrag and that also works. I disabled sandbox and was using Paranoid Mode. See attached image.
At neil40m. Can you try importing a clean Proactive Configuration? It can be found in the CIS installation folder and import it with a different name like CIS Proactive Security for testing for example.
Then try again. This is to see if a corrupted configuration is causing this or not.
Also I think he may have had cloud lookups enabled. Mydefrag gets checked as safe in the cloud, even in paranoid mode, maybe the lookup just failed first time?
I checked with 5.5 & default setting, only sandbox disabled & cloud behaviour & unrecognized lookup unchecked & system restarted. In my case an entry is there in D+ rules when I tick remember & block. But if I run the mydefrag executable again the same D+ popup is there which I blocked selecting remember.
Thank so much for bottom of my heart bcoz all of you trying to help. I am gonna check it again deeply and accurately. if the problem persist then i am gonna attach video. Anyway I like comodo bcoz they are doing alot for us by giving this firewall for free so, thats why i want to help comodo to be perfect.