Tonight I was running a benchmark test for a game and as soon as it was closed I started getting popups for all of my running apps. When I brought up CIS I noticed that both network defense and proactive defense had reset themselves back to safe mode and when I checked the network security policies everything had disappeared from it except for System and Windows updater applications. Is this something I should be worried about? I ran malwarebytes directly afterwards and it didn’t find anything. I also rebooted just in case the configuration file managed to get temporarily “lost”. I’m running the current version and the updater said there were no updates. I’m also running Windows 7 RC.
That’s odd. I have only seen this reported here after a crash of somebody’s computer. The crash had apparently messed with the registry.
Since CIS stores the rules in the registry going back to a previous restore point could fix it. I would also like to advice after you restored your NSP to export your configuration to a folder that is not part of the CIS installation folder.
When using Vista of Win7 start system restore from the repair option of the installation DVD is much more successful then when starting from System Restore from Windows.
To export your active configuration go to Miscellaneous → Manage my configurations → select your active config → export → now follow the steps from there. Save it with an appropriate name.
After you saved the configuration would you be willing to run that benchmark again to see if the same thing happens again?
Thank’s for the reply. I was worried that it could have been a virus attack although I can’t see setting comodo back to safe mode would help it much. I’ll do a restore point and run it again for you and see if it happens again and let you know.
Well, after about 3 hours, several restore points and about 10 BSoD’s (apparently mostly caused by symantec antivirus although there were plenty of other errors listed) I had to undo all of the restore points. I did however try running the benchmark again without any problems.
Just a thought here,
Is it possible that you may have changed the “Configuration Profile” if you switch from let’s say “Internet Security” to “Proactive Security” you’ll also are starting with a “blank” policy.
No, I’ve had it set up exactly the way I want it for a long time and haven’t changed any policies since the day I installed it.
Okay i was just wondering…
Only thing i heard of and had trouble with my self is if you shutdown your system and CIS is still writing it’s policy to the registry in some cases it’s possible to lose the configuration because the shutdown was initiated before the write was completed…
Where did you get this benchmark tool ?
Is it possible to run it again and see if the same happens again (make sure you have a backup of your policy (export feature)) before testing of course.
There definitely wasn’t any shutdown involved.
The benchmark was part of the game, it was Resident Evil 5.
I’ve run it twice since then and didn’t have a repeat of the problem.
It’s not that big of a deal to me, I was just making sure it wasn’t a virus. It wouldn’t be the first time I bought software that “accidentally” had malicious software included. I’ve run multiple antivirus software on my computer since though and it seems to be clean.
If there’s anything you guys on the developers end need to know or want me to try to help you out in case you want to investigate this as a possible bug I’d be happy to help. If not, you can close this out. I’m pretty satisfied that this wasn’t viral and was more than likely just a one time fluke. I appreciate the time you’ve spent on it so far for me. Thank’s very much.
Okay thanks for the update.
I guess we’ll let it rest until it shows up again.