Problems with only one local profile?

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
#1

I’m using Comodo version 3.8.65951.477 on a Dell D620 laptop and XP SP2. There are 3 profiles on this laptop: work (for domain access), a local one for home use and the generic Windows Administrator account. All have local admin privileges. CIS has been installed for at least 4 months now, with just the firewall and Defense+ running.

Today, while working from home (using the local “home use” profile) the internet stopped responding just after I logged off the VPN. Suspecting a problem with the Juniper software I did an ipconfig /release then a /renew, but that didn’t fix the problem. So I rebooted and logged back in using the same profile (but never loading the VPN/Juniper software). Still no internet access. Checked the local System and Application event logs, along with the Firewall and Defense+ logs for CIS. No errors or problems noted in any of them. Reset my cable modem and wireless router, but still couldn’t get to the internet.

I rebooted again, but this time I choose the Administrator profile. That worked – I now had internet access. Rebooted, but this time I logged in using the “home” account. No internet access again! Rebooted, logged in using the Administrator account and I could access the internet. Seems like no matter what I do the “home” account won’t access the internet any longer, but another local profile on the same laptop can.

So my question is; can CIS block all the traffic from one profile and not another, but still not log anything saying it’s doing that? There’s nothing configured in Blocked Network Zones either. What’s even worse is that setting the firewall and Defense+ to disabled doesn’t fix the problem, but booting up with the Comodo service turned off does solve it with that “home” profile, so it definitely looks like a CIS issue. Is there any place else I can look to find where the problem might be? ???

#2

I found the solution… Apparently, my company instituted a new GPO for internet access, but they neglected to tell anyone.

When I disconnected the VPN yesterday I could no longer access the internet from my cable modem, which has happened from time to time in the past (the Juniper software doesn’t always like to let go of the network connection once I log out of the VPN). Resetting with ipconfig /release and then /renew clears that up. Well, except for yesterday. Rebooting didn’t even work, and there’s obviously no way anything from Juniper could have been interfering after that.

I went over my entire computer and then noticed there was a proxy server specified in IE’s configuration. My company has always used authenticating proxies for internet access but the browser was set to Auto-Detect in the past, and everything worked just fine. However, now it seems like they want you to access only one proxy, so they must have created a GPO to make the change.

That certainly explains why ipconfg and a reboot didn’t solve the problem; the configuration was modified in the registry, so no matter what I did it was always looking for that one proxy. Whenever I’m not connected to the VPN that proxy server isn’t available, because it’s behind the companies firewall, so IE couldn’t connect to the internet when I was just using my cable modem. Once I set the LAN Connection back to Auto-Detect everything started to work again.