Lots of direct Disk access & Other Alerts with new version

I have just upgraded the firewall from 3.0 to 3.5. All works well but I now get lots off applications making direct disk access that never did before. This includes firefox and internet explorer. I have blocked firefox and internet explorer and get lots of defence+ log entries about disk access. It does not appear to be stopping anything from working. Is this real direct disk access or not?

Did a clean install on Vista SP1 and manually typed in my special settings.

im not sure if this is related, but my av scanning is really slow.
it takes 8-15 secs to scan a single mp3 file, where as avast would have scan like over 100s by then.

looking @ the task manager though, i notice that the number of page faults caused by the comodo processors is rising crazily. 14 milllion after scanning for 10mins, whereas other processes hardly hit 100k

meanwhile my rig will slow to a crawl, and become at certain times unresponsive.
my page file is located on a separate partition from my windows partition, although both on the same drive.

3.0ghz atlhon x2, 2gb ram here. windows vista business sp1. gaming rig.

Forgot to mention I am not using the anti-virus or safe surf. Still using Nod32.

I put this post in the feedback section in the hope that one of the developers who understands these things would read it. Will they see it here?

OK. Here are some images of what I am talking about. I must say they’re a small sample of what I have to answer everytime!

When I start my batch file, which I already removed a lot of other entries, otherwise I would become insane.





When I want to save files with Opera (pages), 'cos if I wish, for example, to save a zip file, I will have answer something related to a zip file in system32 folder (don’t remember the name).





By the way, when I tried to upload the images, I also was asked what do! Happens everytime, no matter if I allow or block. Crazy Defense+…

I know that Defense+ is just doing it’s job, but in Safe Mode is acting like in Paranoid Mode and doesn’t even remember if I allow or block.

Hi DarkButterfly,

The images shows that those applications are actually modifying executable files. Thats not really normal. Can you show me the batch file you used?

These file popups, normally happens whn you install something or copy some files, update some files. they should not have appeared all the time.


The same question. A lot of apps request direct disk access but I dont understand why they need it. For me it is very suspicious action that is rarely needed (in partition table editors for example).
From what I remember, this alert also appears when accessing “open file” dialog.

i got many alerts for DDA when i first installed 3.5 too

Can you guys post Screen shots?

It might to be similar to DarkButterfly’s issue (Reply #142) here.

I will appoint egemen to this thread. Also names of the applications showing DDA Alerts is worth noting.


Basically everyday apps from SAS to Winmail

:slight_smile: This little piece of code generates 3 alerts (does nothing, just shows open dialog)




[attachment deleted by admin]

Any news yet?

I guess I can post here too.

Using CIS Proactive Security, Everytime a download is downloaded in Firefox, This Alert appears (See Screen Shot). It happens for every download… Just wondering if it’s part of the weird Alerts. As DarkButterFly had a similar issue, and Egemen said it was not normal in How would you rate Comodo Internet Security? and what to improve? (Reply #143). Nevermind I just split and merged Egemens and Darkbutterflys posts here.

EDIT (again): Settings Firefox as a Trusted Application resolves having all the alerts for downloads.

XP SP3 32bit, Only CIS.


[attachment deleted by admin]

It is normal, because *.exe is in protected files by default. I just added download folders in Allowed list for apps that need them.

More false alarms ???

When app tries to output sound, it is “about to access the Service Control Manager”. If blocked, sound dont work.
When some key is pressed for some seconds, app that received this key is “about to access the keyboard directly”. If blocked, looks like nothing breaks.

This is still a bug in 3.8.65951.477.

I test program I have written using windows API (no direct disk access) to read and write to disk logs in defence+:

Direct disk access, suppressed.
Direct disk access, suppressed.
Direct disk access.

However the reads and write both succeed.