Resources for bug reporters

[Guest]

[mouse1]

To back up

• In 6.x navigate to Advanced Settings ~ General Settings ~ Configuration. In 5.x go to More ~ Manage Configurations ~ Export
• Export your current settings to a .cfgx file with a distinct name of your choosing, in a folder *outside* the Comodo directories, saving if asked
• Go to Program files/Comodo/Comodo internet security/Database, copy the files named Trusted.db, Vendor.h and Vendor.n

To restore

• Go to More ~ Manage Configurations ~ Export
• Import the configuration, highlight it, and then choose 'activate'
• Copy the Trusted.db, Vendor.h and Vendor.n files back to their original location over writing existing. If this causes an access error, try the same in safe mode if you know how, or PM a currently active mod for help
• Reboot to ensure all software is running under the imported rules

NB if asked to test for a bug after a clean re-install of CIS please do not import your settings before testing.

[mouse1]

You'll hardly lose any settings if you follow this guidance:

• How to back up and restore your settings so you don't lose them.
• Doing a clean re-install of CIS

If you have been asked to do a clean reinstall to see if it solves your problem please do not restore you settings until you have done the test. Clean re-installs also clear CIS log, so please make sure you have created any log screenshots you need before doing this.

[mouse1]

FOR MODS ONLY - Needs updating when Comodo tracker is introduced

Mods enter bugs into the mod's issue tracking system - Bugzilla - at their discretion. However mods may, if they wish, use the following criteria to determine which user-reported issues are tracked.

These are in addition to the normal criteria given for issue reports in the format and guide.

• BSODS and crash reports with dumps normally get a Bugzilla entry with a cc to Head of Development
• Other issues should meet the following criteria:
  
  • Importance. Be likely to have have a significant impact on a significant proportion of users, or a substantial effect on a smaller number, or a small effect on a substantial proportion of users. This means that they will enter Bugzilla with a severity of 'normal' or above.
  • Replicability. Be reported by at least 2 users, or be replicable on a mods/devs computer, or be accepted by devs as a valid issue, or be from a user whose expertise the mod is familar with
  • Resistance.
    • be unlikely to be resolvable by trying further, more advanced, settings changes [1].
    • Has continued despite trying disabling or uninstalling potentially conflicting security software from other vendors. This test is relevant even if the problem, does not seem to involve security software from other vendors. Such conflicts can cause complex and indirect effects.
  • Persistance. Not solved by a clean reinstall of CIS - ie not a transient version update/import problem. Not solved by a new AV database, TVL, whitelist update.

Bugs that do not fulfill these criteria may be marked [NBZ] if the mod feels they are never likely to, or be left flagged [WBZ] if they may given further information, user tests or user reports.

Footnote:
[1] Only the standard settings changes will have been tried by the time the bug reaches format verified - so others may be tried before the issue enters Bugzilla. But these changes should of course be without significant side effects. Issues with work-arounds are still bugs.

[mouse1]

CIS stores your current customised configuration in your currently active configuration, which may (confusingly!) bear then name of a standard configuration. So to be sure to load a clean configuration you need to do the following:

• In 6.x Navigate to Advanced Settings ~ General Settings ~ Configuration. In 5.x Navigate to More ~ Manage My Configurations
• Backup your current configuration to a non-comodo directory by choosing export, navigating to the directory, agreeing to save if asked, and naming the resulting export file with say your name and the date. To avoid confusion do not give the file the name of a standard configuration.
• Choose import and navigate to the Program Files\Comodo\Comodo Internet Security directory
• Choose Comodo Internet Security configuration (the default - use to test a problem under default settings) OR the Comodo Proactive Security configuration (slightly higher security) OR Comodo Firewall Security configuration (same as IS config but no AV). To be double sure choose the details view on the import dialog and check that the file date is the date of the last CIS update - if not ask for help.
• Make this configuration your active configuration by selecting it then pressing the activate button
• Reboot to make the configuration fully effective
• Test to see if your prefer this configuration - for example test to see if any bug has disappeared?
• If you want to go back to your backup configuration simply import it and activate it as above then reboot.

 

[mouse1]

FOR MODS ONLY: How to distinguish an 'issue' from a 'wish list item'

A report refers to a valid issue if:
a) it would be a perceived as a problem by the average user
AND
b) a possible remedy would fall within a notional design specification for the CIS product, given the CIS product's current requirements scope (what sorts of security it tries to address) and design philosophy (the approach it takes in addressing it).

If it falls outside b) then it's a wish list item. If it falls outside a) then it's a design feature

The problem is we have no design documentation for CIS. The closest we have is an out of date help file. So this is always a matter of judgement.

[mouse1]

How to find and save event log files.

To find the logs, see these links:

Defence plus event logs.
Antivirus Defense logs.
Firewall event logs.

To save the file you can either take a screenshot of the log, or click on More in each log view and use the full log viewer to export a file.

[mouse1]

You can find your Killswitch process list by going to Advanced Tasks ~ Watch Activity. More details here.

When you do this please ensure:

• You show all columns, including CPU and Working Set
• You show all processes

This can involve multiple screenshots, so to make this easy try:

• Using Faststone screenshot software which can auto-scroll down as explained here.
• Exporting your process list (less easy for devs to instantly scan, but acceptable). On the Main Menu ~ Killswitch use 'Save current view'

[mouse1]

This information is normally available from Computer ~ Properties or My Computer ~ Properties

Version=the main version eg Windows 7

SP= Service Pack number. The main maintenance release number of a Microsoft Operating system.

x32/x64 is the number of bits the OS uses

[mouse1]

Please be careful to choose the right set of instructions (for CIS 5.x or 6.x) or you may lock-up your computer (reboot to resolve if you do!).  

CIS 5.x

• Disable Defense+ by moving the level slider in D+ ~ Settings to disabled
• Download and run Process Explorer from http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
• In Process Explorer, select  View->Lower Pane View->Handles.
• In Process Explorer Process window, click on cmdagent.exe in CIS 5.x
• At this stage, in the lower pane, you should be seeing handles opened by cmdagent.exe. You are particularly interested in "Type= File". Try and get as many of 'type file' on screen as possible and leave it visible
• Open CIS and Run a Scan -> My Computer. Do this overnight perhaps.
• Wait until the cmdagent hangs or the morning When it does you may get a crash dialog. Don't answer this dialog. When the scan hangs, please go to Process Explorer and
  
• Without deselecting cmdagent, check the Lower Pane for open "File Handles". You may or may not be able to scroll at this point - hence my suggestion about getting as much as possible in view. One of those handles are causing this issue. Probably an archive file. Make a list of the handles (if you can scroll, do) or take screenshots.
• If you cannot get a list of handles right click on cmdagent in process explorer and take a full dump using the menu.
• Please append file-list, or if you cannot, the dump. If you are willing to right click scan each of the files in the file handle list in turn until you get a crash and append the zipped file that causes it, so much the better, but this is not required.

CIS 6.x

• Open CIS and Run a Scan -> My Computer. Do this overnight perhaps.
• Open Killswitch from Advanced tasks ~ Watch Activity.
• In Killswitch right click on the cavwp.exe process (if two, the one consuming most CPU, which is the one that appears after you start to run a scan) and select  the handles tab
• At this stage, in the lower pane, you should be seeing handles opened by cavwp.exe. You are particularly interested in "Type= File". Maximise the dialog to try and get as many of 'type file' on screen as possible and leave it visible
• Wait until cavwp.exe hangs or the morning When it does you may get a crash dialog. Don't answer this dialog. When the scan hangs, please go to Process Explorer and
  
• Without deselecting cavwp, check the tab for open handles of type "File". You may or may not be able to scroll at this point - hence my suggestion about getting as much as possible in view. One of those open handles are causing this issue. Probably an archive file. Make a list of the handles (if you can scroll, do) or take screenshots.
• If you cannot get a list of handles right click on cavwp.exe in process explorer and take a full dump using the menu. If you get a refusal, you are trying to dump the wrong cavwp.exe, try the other one
• Please append file-list, or if you cannot, the dump. If you are willing to right click scan each of the files in the file handle list in turn until you get a crash and append the zipped file that causes it, so much the better, but this is not required.

[mouse1]

http://msdn.microsoft.com/en-us/library/windows/desktop/bb513641%28v=vs.85%29.aspx

http://blogs.technet.com/b/yongrhee/archive/2010/12/29/drwtsn32-on-windows-vista-windows-server-2008-windows-7-windows-server-2008-r2.aspx

[Tags:]