Question about recent Defense+ behavior.

I have been using Comodo Firewall and Comodo Defense+ for many months now.
I started with version 5.8, then upgraded to 5.9 and 5.10 as soon as they became
available. I do not use Comodo Anti-Virus.

Just today, I started getting cloud scanner alerts on files that reside on other drives
apart from C:. Those files reside on drives D: and L:, and are simply unused installer
files that are archived there. They also exist on my H: and Q: drives, but Defense+
has not alerted on them thus far.

I recall that when I installed CIS 5.10, I unchecked the option to enable “Cloud Based
Behavior”, so I found it curious that I was receiving these alerts at all. I opened the
control panel for Defense+ and made sure that “Perform cloud based behavior” was
unchecked. It was. However, I did notice that “Automatically scan unrecognized files
in the cloud” was checked. I removed the tick from that option.

I’m wondering why these alerts never occurred in the past, since as far as I can recall,
I’ve never changed any options in Defense+. I’m also curious about why it seems to
be ignoring identical files on the H: and Q: drives?

Can anyone shed some light on this?

Regards.

Thomas

Unfortunately, when you update CIS, I’ve found that a few settings change with the update. One item that constantly reappears is the Weekly Scans. I always have to delete them after an update. Hence, I always go through all of my settings after every update. It’s a PITA, but I find it necessary.

I too have mentioned this quite a lot of times.

And I have also observed another thing. I also untick the option detect new network automatically under firewall settings. CIS upgrade though doesn’t enable i.e tick it again but after upgrade when the system is restarted you get the new network detected window (though under settings the option remains disabled i.e unticked)

If I’m not mistaken, Defense+ should not alert on “sleeping” files. If they were not run, it seems strange to receive an alert at all.

That was my thought as well. The file that was alerted on hasn’t been run for years.
On top of that, it was a false alert on a known-good installer.

Since I de-selected the option to scan unrecognized files in the cloud, I’ve received
no further alerts. Perhaps this occurrence will simply have to remain a mystery.

Regards.

The files get most likely triggered by a running indexing program (either from Windows or other manufacturer) or an anti malware program that’s running a scan.

+1. Sounds indeed as the logical explanation.