Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Comodo Firewall Issues


  • Please log in to reply
12 replies to this topic

#1 ajv41266

ajv41266

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:35 AM

Posted 10 March 2010 - 08:23 PM

After running several scans trying to clean up any malware on my PC, I installed the Comodo firewall at the suggestion of the forum addict helping me to help protect my PC, No I am wondering if the figures I am seeing through Comodo are normal or indicate my system is infected.

Right now I just logged on and opened up firefox to send you this message. Comodo is reporting I have 70 outbound connections right now, I have no idea what those could be, looks like 20 to 30 at listed under firefox. Then I am watching the intrusion attempts steadily tick upward like one every second, right now Comodo has logged over 5500 intrusion attempts today on my PC, is that normal? or is that an indicator of something being wrong? Sorry for bugging you again, it seems like things are running much smoother on my PC, but I just wondered if these outbound connections/intrusion attempts are normal or not.

At the direction of my helper I am posting this problem in the firewall and the infection forums to deal with each issue.

Thanks for any help you can offer!
Adam

Edited by ajv41266, 10 March 2010 - 08:31 PM.


BC AdBot (Login to Remove)

 


#2 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 11 March 2010 - 05:04 PM

That is definitely not normal, I have 20 outbound connections at the moment, and 0 intrusion attempts. You may still be infected.

#3 bluesjunior

bluesjunior

  • Members
  • 761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:35 AM

Posted 12 March 2010 - 08:23 AM

If you do a search on your problem at the Comodo site (see Link) you will find a lot of help and explanations for your problem. This was a common query on an earlier version of Comodo and I am guessing you do not have the latest version installed. It was normal behaviour on that older version with Firefox for example having multiple connections going on at the same time.
Motherboard: Gigabyte GA-MA770T-UD3, CPU: AMD Athlon II X3 450 Processor, Memory: OCZ 4GB (2x2GB) DDR3 1333MHz,Graphics: PowerColor HD 5750 1GB GDDR5,
PSU: Corsair 430W CX PSU 4x SATA 1x PCI-E, Hard Drive:Samsung SpinPoint F3 500GB Hard Drive SATAII 7200rpm 16MB Cache.

#4 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 12 March 2010 - 04:52 PM

They just released Comodo Internet Security 4

#5 ajv41266

ajv41266
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:05:35 AM

Posted 13 March 2010 - 03:15 PM

So sorry for the stupid question, but should I just download and install this Comodo Internet Security 4? Is there any virus scan or firewall setting I can modify through Comodo or Windows to help fix the problem?

#6 JamesFrance

JamesFrance

  • Members
  • 278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France/Spain
  • Local time:12:35 PM

Posted 14 March 2010 - 04:14 AM

You don't say if you have another antivirus program you want to keep. If so you can install the firewall without the av but you would limit the effectiveness of CIS.

The CIS antivirus in version4 seems to have a much better detection than older versions, even against very recent malware, so you may well like to try installing the whole suite having uninstalled your existing antivirus and firewall.

You can see two good demonstrations of CIS4 on YouTube which show it in action:




James

#7 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 14 March 2010 - 08:54 AM

To be honest, I think the Defense+ feature of Comodo is what catches the majority of the malware, not the actual antivirus engine. The Defense+ feature is included in just the firewall as well as the firewall + av.

#8 JamesFrance

JamesFrance

  • Members
  • 278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France/Spain
  • Local time:12:35 PM

Posted 14 March 2010 - 09:52 AM

To be honest, I think the Defense+ feature of Comodo is what catches the majority of the malware, not the actual antivirus engine. The Defense+ feature is included in just the firewall as well as the firewall + av.


Not with CIS4, watch the videos, I was surprised also as I thought the same with older versions.

The antivirus is stopping most zero day malware before Defense+.
James

#9 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 14 March 2010 - 11:28 AM

I just watched the 1st vid (I've seen a lot of that guys reviews) and am surprised, but I do think that even without the AV, defense+ would block the stuff. Defense+ is behavioral based so I'm pretty sure it would block the malware as well.

#10 JamesFrance

JamesFrance

  • Members
  • 278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France/Spain
  • Local time:12:35 PM

Posted 14 March 2010 - 02:00 PM

No the behaviour analyser will come in CIS4.1, for CIS4 the Sandbox is taking over a lot of the Defense+ alerts of the previous versions. The sandbox and the av are the important parts now.
James

#11 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 14 March 2010 - 05:04 PM

Defense + was always heuristic based wasn't it? It is almost like Spybot's Tea Timer, it alerts you when files try to change things on your computer. I've been using Comodo for about a year now.

Edited by xblindx, 14 March 2010 - 05:10 PM.


#12 JamesFrance

JamesFrance

  • Members
  • 278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:France/Spain
  • Local time:12:35 PM

Posted 15 March 2010 - 04:20 AM

Defense+ is a HIPS with a whitelist, I don't know about Teatimer as I haven't used it.
James

#13 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 AM

Posted 15 March 2010 - 03:52 PM

I know it is HIPS, I just never cared to look up what exactly HIPS stood for :thumbsup:
Well I uninstalled avast! and have installed the anti-virus feature of Comodo and am going to see if it runs any better than avast. I'll probably keep it because I hate switching AV's lol




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users