HIPS warns that System is trying to modify/create an etl file.

On your post No 4 you show a screenshot of your Defense+ rules.

On the right side it shows Firewall under that if you expand File rating you will find the file list etc.


Yes you were right (see attachment).
Safe mode, Trusted Vendors, Cloud.

How does this affect the thing of creating rules automatically and the setting “create rules for safe applications”?
I am considering reinstalling Comodo and I would like to avoid problems the next time.

Oh, I had forgotten the screenshot. Here we go.

[attachment deleted by admin]

If you want the highest protection just import the default proactive configuration located in the comodo internet security program files directory then activate it once its been successfully imported. Go to advanced tasks, open advanced settings, then configurations, import and select proactive configuration, ok out all windows and you should be all set.

That looks fine I presume you have a full list in Trusted Vendors list as you have cloud enabled.

I see little point in uninstall/reinstall as you are not having major problems, only missing rules which can be easily fixed by importing a new configuration.

Export your current configuration before importing any.

You can always check with diagnostics to make sure there is nothing wrong.


Diagnostics did not find any error.
Now, I have two more questions.

  1. does it make any sense that before importing the default configuration I activate again the “create rules for safe applications”?
    We understood that there may be a bug, so if I activate that option after importing the default configuration it may delete it again.
    The reason why I would like to have that option active, even if I will import the erroneously deleted default configuration, is that I am supposing that that option can be helpful, and that as far as the default configuration is also active, it can be better to have that option active. I am not sure though.

  2. why should I export my current configuration? As far as I know I cannot merge two configurations, right? Once I import the default one, if I try to import the exported one it will cancel again the default one. Or do you mean “just in case, if you do not like the default”?


  1. When import the default configuration and activated all setting are reset back to default, does not matter what you do with the current configuration it will not affect the new one.

Please note all settings are return to default so you need to change any settings you do not want at default.

For both 1) and 2) When you import a new or old configuration you can always choose a different name.

  1. It really is best practice to export your configuration from time to time in case it becomes corrupt.

For myself I usually do this every 3/6 months or if I make any major changes.


Edit Yes, just in case you do not like the default one

Ok, I did it.
But now I have a doubt.
I have noticed that there are three configurations, Internet Security, Proactive, and Firewall.
At first I thought "ok, the messed up rules are just for HIPS, so I only need to import the default of the Proactive.
And so I did.
I gave it another name, so I would not lose the “messed up” one (although I had exported it as suggested.
And when it was ready I was asked if I wanted to save the changes in the active Configuration before switching.
So I have noticed that actually only one of the three configurations was saying “active”: the Internet Security one.
And I wonder, why is only one of the three active? Are they not three parts of one same big thing? Antivirus, Firewall, and Defense +?
Or what are these three Configuration there for, and which one should I import and use now? Internet Security?
I did that, as I then have thought "hmmm, if the active one now is “internet security, then I should import that one”.
But there is no “Advanced Mode” or Advanced View anymore, not even in the menu on the taskbar icon. Just not there. And I had it.
While, if I import the Proactive Configuration, the option for the Advanced view is there again.

I am getting confused.
Can you tell me which one I should import?


Please let me know if I missed any questions.

There are three different configurations all at different levels of protections the active one is the only one being used and the one you need to import.

The Internet one is the lowest few alerts and less likely to cause any problems with applications, Proactive highest more alerts are likely, Firewall is more for ones who install the firewall only.

The default setting for Hips is now disabled even though it is still active in certain circumstances.

It always asks to save the configuration, in the past it did nothing unless you clicked yes now it does not matter it still carries out the task you are doing whether you click yes or no.

Not sure why you are losing Advanced view only used the Proactive config. so not sure if this is default in Internet.

The online help explains the different configurations better sorry do not have the link at the moment.


Oh well, I did not think about the online help for that. Yeah, I read that now. Hmmm, I think I will use the proactive but I will also post the lack of advanced mode as bug.
Ant the disappearing of the default rules too.

Ok, I think we are quite clear now, thanks a lot for the help to you all.

Oh, I have noticed that both default profiles, IS and Proactive, once imported, do not offer the option for the advanced view. Nowhere. Neither on the menu found by right clicking the taskbar icon, nor on the screen which opens when double clicking on the taskbar icon (you know, there normally is a little thing up left on that screen to switch between advanced or compact).

So I have finally deinstalled and reinstalled CIS.
On both Configurations there is the advanced option.

Well, let’s post it as a bug.