Unable to access secure pages (continued...)

This follows on from my previous thread of the same name (now locked) and I must thank sded for the advice about disabling applications via msconfig before uninstalling and reinstalling CFP3. I was able to get a clean install without the ‘network firewall not functioning properly message’. Absolutely brilliant.
However - the very first problem I posted about is back and I can’t understand why. I fixed it the first time with help from the people here by adding Firefox and IE7 by means of Firewall/Advanced/Network Security Policy. I immediately did that again when I had my clean install of CFP3 and, cautious ■■■■■■ that I am, went to test it on www.nsandi.com. And there it was - the browser is just hanging on the second click you need to access the Direct ISA. So I went back to Network Security Policy and tried recording Firefox as Trusted Application rather than Web Browser but to no effect. Which means that once again I need to ask for help. What do I need to do to allow me to enter not just ordinary websites but the secure areas of Bank sites and suchlike? I’ve disabled Windows firewall and I have Windows Defender, BOClean and SUPERantispyware (currently looking for a new AV). I really want this firewall but the problems I’m getting will soon put me off it, I’m sure. Thanks in advance.

Have you looked at your firewall log-see if the block and log in the web browser policy is picking up anything? I dont use SAS in real time, but if it is acting as a proxy you may need to designate it as a web browser also to make things work properly. avast! and avira seem to be the most popular AVs here, along with NOD32.

Hello again, sded. Do you mean ‘View Firewall Events’? It says ‘There are no items to show’. I’ve added SAS to the list via Network Security Centre but I’m still locked out of secure webpages.

Do you have anything else that could be acting as a proxy-maybe another SAS process (check task manager)? Also check under firewall/common tasks/my port sets to make sure port 443 is included in your http ports. If it were being blocked by your browser, you should get a log entry. Another approach: Find all the entries for SAS, BOClean, your browser in Network Security Policy and Computer Security Policy and delete them. Set both the firewall and D+ to training mode from the tray icon. You should get popups that allow Comodo to make the proper rules for you then. Once you get it to work, you can do a little editing.

Under Firefox,go to “Tools” and then “Options” and then"Security".Now click on “Settings” do you have the top 2 boxes checked,and if so do you get the warning message when trying to access the secure page?
I can get straight through to said page.

An option which you could try is from the main interface choose Defence+/Advanced/Computer Security Policy:Find the entry for Firefox,highlight it and then click “Remove” “Apply” to close window.
Now put Defence+ in “Training Mode” and try to access the page.

Matty

ps also could you try this.When you try to access the page and it hangs,look under Firewall/Common Tasks/View active connections,can you see anything trying to connect using port 443(it will be the last 3 digits)

Hello sded and Matty-R. I really do appreciate the lengths you’re going to to assist me. Thanks. Task Manager shows 2 processes without a description: csrss.exe and winlogon.exe. All other processes look reasonable bar one I don’t understand: unsecapp.exe (sink to receive asynchronous callbacks for WMI client application). I’ve created a log from a program called System Information for Windows if you’d like to see it but it’s in html so I can’t attach it.
After taking everything out op NSP and CSP, there were no Firewall popups asking me what to do. I was able to fire up IE and FF no problem. They seem to have put themselves back into NSP and CSP of their own accord.
With those top 2 boxes in FF, the second only was checked so I checked the first also. Now I get a FF popup about an encrypted page when I go to Yahoo but nothing at all when I go to nsandi - I can still make the first click and then hang on the second.
Re Matty’s last point, there are 2 “443’s”, both under the Firefox ladder. Both are for TCP Out and both are in the Destination column.
■■■■, this is complex…!

This is a strange one,i seem to be able to get to the log-in page no probs.
Can you just check something else please.
Click “Start” and then “run” in the box type “services.msc”
This gives you a list of the services on your computer and what there set at.
Look down the list for HTTP SSL is this set to Automatic and Started?

Matty

When you look at your Logs(View firewall events) could you click “More” and see if there is anything relating to this in firewall/D+

Hi - I don’t see HTTP SSL. The closest I can find is WinHTTP Web Proxy Auto-Discovery Service which is Started/Manual. There’s nothing to view in the Firewall log and a dozen or so things in the D+ log but only to do with SAS etc.

You’re OK; Vista doesn’t use the http ssl service. You should be getting popups in training mode if you have removed the old rule sets, so don’t understand that. Did you remove your browser from the firewall list? Check firewall settings/alert requests to be sure all the alerts are enabled.

All alert boxes are ticked and Frequency is ‘Low’. Both browsers are currently in Network Security Policy.

Try moving frequency to very high-have seen posts on various logging problems.

‘Very high’ hasn’t changed anything. I sense we’re struggling here, so I’ve done another reinstall and, this time, I immediately set both CFP and D+ to ‘Training’ and the Alerts to Very High. Not once did I get a Firewall prompt window and only one D+ prompt for something I can’t recall but it looked Windows related. But both FF and IE7 are sitting snugly in NSP and CSP but it wasn’t me who put them there. And I still can’t get past the first click en route to that Direct ISA page…
Am I really weird??

Sounds like it might be an uninstall problem-not getting your settings out of the registry. They are actually stored as a registry hive. How are you doing the uninstall?-from Vista, or by using the installer itself. If you run the installer with the program already there, it will uninstall first, then you can reinstall. Or see the instructions and uninstall script at https://forums.comodo.com/help_for_v3/comprehensive_instructions_for_completely_removing_comodo_firewall_pro_3_info-t17220.0.html
First thing to try, though, is to remove the firewall rules for FF & IE7 & SAS and see if it will let you do that, then reboot.

One other thing with Vista-try turning off UAC and doing the rule editing. You could be having problems with Virtual Store, although this is unusual.

Hi. I forgot to mention - last time I did a reinstall I ran CCleaner beforehand. And I have UAC turned off for Administrator (me). But this time I used your batch file after the uninstall and it told me all traces should be gone. Then I reinstalled. Guess what? ‘Network firewall not functioning properly’. So ran diagnostics and it found a few things to fix but couldn’t fix others - did I want a report? Yes, I said and even though it’s in txt format, I can’t attach it here for some reason. But here’s the twist - I can now access that nsandi.com secure page! So all I need now is my network firewall warning off my screen and I’m happy. But I’ve been here all day, I need a break. Thank you SO much for your time, I can’t believe how good you’ve both been. See you tomorrow.

second attempt at attaching…

[attachment deleted by admin]

Well, it’s a new day and to start it off I’ve done another reinstall (making sure to disable all startup programs first and using the special batch file to clear up any traces of CFP).
Incidentally, I was asked previously about how I did my uninstall - via Vista or CFP. The only way I can see to do it is via Vista. I can’t see an uninstaller in CFP unless someone cares to enlighten me…
To recap last night’s reinstall, I ended up with the ‘Network firewall is not functioning properly’ message but I COULD access that secure/encrypted page on nsandi.com. Point of interest: during that reinstall I had a Windows message about unsigned driver but did I want to install it anyway? That’s the first time I’ve had that choice to make. Although it may have occurred before as I saw something flash up and disappear in a nanosecond during previous installs.
With this morning’s reinstall, I had no ‘install driver anyway?’ choice to make, no ‘network firewall’ error messages but now I’m back to being locked out of secure webpages. Also, I’m getting no CFP or D+ popups despite Alert frequency being Very High. That can’t be right, surely? Or is it because of being in training mode? (Tell a lie, I had one popup at the very start regarding WmiPRVse.exe which I allowed.) Both browsers (FF and IE) are stored in NSP and CSP along with my modem and antivirus (AVG) (although Superantispyware isn’t there despite being active). Like I said, I’ve not been asked by CFP how these apps should be treated…
Another observation: Network Security Policy shows the browsers being treated as Custom even AFTER I’ve edited them to Web Browser. Problem there maybe?
My conclusion: when this ‘network firewall’ is not functioning properly, I can access secure pages. When ‘all systems are active and running’ (the opposite message to the network firewall error warning) I’m unable to surf properly. If anybody can solve this riddle for me, I’d be extremely grateful.

If you have the alerts set at high in the firewall it will be custom as you are asking for alerts for ports and address you usually use this level only if you set the firewall to Custom Policy Mode and only set it at this level if you want a very strict set of rules.
Dennis

Thanks Dennis2. Just to confirm, for the benefit of those trying to help me out (thanks again…) it’s not ALL secure sites I’m having trouble with. I can go to my main bank account no problem. Tiscali is another problematic site for me (can’t view my bill) but the nsandi.com page (to log on to their Direct ISA page takes two clicks and I ‘hang’ on the second) is the only example I can give where I don’t need to post up my passwords!
If we can determine what KIND of page/link this is would it help us?

Hi M8,i`m sorry to say this but i think you have run into THIS bug.I can offer one suggestion which you may not have tried.
When installing have you tried shutting down Windows Defender,this is an issue with inspect.sys file which the Devs are working on.I see from your script it says there is a problem with it.

Sorry again to be the bearer of bad news.

Regards,Matty

ps if you do try again look under C:\Documents and settings(every folder listed) and C:\Program Files for anything relating to Comodo Firewall even after running the “Batch File”