Defense+ not working

I have installed CIS 4.1.15
Some days ago i notised that when i downloaded new application from internet and run it, defense and sandbox not asking me anything. I don’t remember from what moment it happened, but now it’s not working.
I try reboot, change defense settings from paranoid mode to other and again to paranoid, disable and enable sandbox and defense but nothing work. I don’t recieve any pop-up from defense or sandbox when i try to run any new application or something else. All settings in defense set to maximum protection…
Please help, what happened?
P.S. Sorry for my English.
P.P.S. Firewall working well.

First question. In what mode are you running CIS? Look under More -->Manage My Configurations.

Please run Diagnostics (More → Run Diagnostics) and see what it reports.

What OS are you on?

1 - Optimum Security (config saved from old version 3)
2 - Diagnostics didn’t find any problem
3 - Windows XP SP3
P.S. Few days ago all works fine, I don’t change anything and don’t understand what’s happening…

I see that noone can help me… :frowning:
Some update: I disabled defence permanently in settings, then reboot, enable and reboot again. After that i recieve two messages(allow\deny) from defence and i was happy but not a long time… After this two messages i didn’t recieved anymore, no matter what i do.
What happening? Maybe bug or security hole?

i would suggest to erase the old setting from version 3. and make a new one.

maybe there is a problem with that old one, as version 4 has some added features that your old config isnt “knowing” about.

Maybe, but i changed version from 3 to 4 three month ago and 2 month all worked fine.
And 5 version coming soon… Again new config??? it’s very difficult.

I’m having the exact same problem.

For example, if I click an email link in my browser, it opens up my email program regardless of me specifying for it to ask if it’s allowed to execute a program. If I move the radio button to “Block,” it successfully blocks the opening of the email program. Ask, however, doesn’t seem to work.

LITbe. I see you are running an old v3 profile. Try activating a v4 profile and see what happens. Does the same thing happen?

I’m using a fresh 4.x configuration. Though I did upgrade from 3. Very strange issue. Is it not present for others? Will it indeed ask if you specify a rule for a program to ask upon trying to launch another application?

With the default settings safe programs are allowed to start other safe programs.

How would I go about disabling that functionality? I’ve unchecked “Trust the applications digitally signed by Trusted Software Vendors.”

You would need to notch up D+ to Paranoid. And don’t forget to edit the Explorer rule to remove all the programs that are allowed to be started by it.

Hmm, thanks for the help, but it still seems to be a no-go. Have it on paranoid, and have even removed MS programs from the safe list, but it still seems that my browser can launch the email program (Windows Mail) without asking.

Make sure you empty the list of executables the browser is allowed to start in Computer Security Policy.

Seems empty by default, but I checked to make sure, and don’t see anything.

The “All Applications” rule is on ask for everything with nothing listed in the allowed applications for run an executable, but when I noticed that it wasn’t following that behavior, I made a specific rule for my browser. Like I said, it works fine when I have it on block, but selecting “Ask,” it never seems to ask me. Very strange.

Okay, it looks like it’s finally working. I have no idea what the problem was, but it just started working all of a sudden. It was like all of D+ was off…and then today when I turned on my computer, it worked. Very, very odd.

Drag and drop the rule for your browser to a place above the All Applications rule.

All rules that are under the All Applications Rule use the rule set by the All Applications Rule (they are subordinate). That is regardless of the rule you would give an application.

Yeah, it was like that before. Nevertheless, the “Ask” functionality for the all applications rule is now working as it should. Very odd. Hopefully there isn’t a repeat of this issue with version 5.

Comodo 5 released, so i better install fresh new comodo(I don’t have time for experiments with my problem) and hope that will be no problem anymore or downgrade to version 3 that work fine. It’s very bad that configs from old versions has bad support in new versions