Author Topic: TroubleShooting CIS  (Read 31664 times)

Offline John Buchanan

  • "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well armed lamb contesting the outcome of the vote." ~ Benjamin Franklin
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6683
  • Personal Dragons can be defeated. Improve yourself
TroubleShooting CIS
« on: November 14, 2008, 03:25:01 AM »
CIS 3.5 troubleshooting Guide

This guide was written to make troubleshooting errors easier than searching the forum postings (a daunting task at times).

Please note these solutions have come from you the users and moderators of this forum.
This is simply a compilation of those results, in no specific order.


1. Problem:
Right-click on file does not give manual scan in context menu.

Solution:
This feature requires a clean install of CIS.  The current upgrade doesn't install this.
There is a command line option post upgrade.
Open a command window (as administrator) and issue the following:
regsvr32 "%ProgramFiles%\COMODO\COMODO Internet Security\cavshell.dll"


2. Problem:
Firewall not displaying in Windows Security Center.
This usually happens when you upgrade to CIS3.5 from either the betas or CFP.

Solution1:
To get WSC to acknowledge CIS Firewall, follow these steps:
1. Uninstall CIS completely (if necessary, clean the registry after you reboot).
2. Reinstall CIS3.5 and reboot.  You should now see the firewall in WSC.

Solution2:
Go to Add/Remove Programs (XP) or Programs and Features (Vista), select Change/Uninstall
to bring up the installer, select the Modify option, run through the installer and reboot at the end.

Solution 3:
The problem may be resolved by re-starting the WMI repository:

1 - rt-click Command Prompt and select 'Run as Administrator'. Type the following command:
winmgmt /verifyrepository
If you get a message "WMI repository is consistent", run the following command:
2 - net stop winmgmt [Click Enter]
3 - cd /d %windir%\system32\wbem [Click Enter]
4 - ren repository repository.old [Click Enter]
5 - net start winmgmt [Click Enter]
If you get a message "WMI repository is not consistent", run the following command:
6 - winmgmt /salvagerepository
This will perform a consistency check on the WMI repository and resolve the issue.
7 - Restart your machine.
8 - If you again get the following message instead: winmgmt /salvagerepository is failed.
Ignore this message, and again run:
winmgmt /salvagerepository
Reboot.


3. Problem:
After updating from 3.0.25, an "Error 112: Unable to copy file: cfp.theme" message displays.

Solution 1:
Go to C:Documents & settings/user/appdata/roaming/comodo/firewall pro/data/tempfiles
and delete the file cfp (theme file).  Update again.

Solution 2:
Run cfpupdat.exe (in Comodo directory)  as Administrator!

Solution 3:
Completely uninstall it, then use a registry cleaner.  These will fix any errors in the registry associated with the uninstall of Comodo.  Then restart, and do a clean install of CIS latest version.


4. Problem:
"Error 106: could not complete update process"
"Error 109, update could not be completed"

Solution:
No specific result came of these.
Please completely uninstall CIS.  Use a registry cleaner and reboot.
Download the latest version, and do a clean install.


5. Problem:
While attempting to install the x64 version of CIS, you receive the following:
"the set up program is not a valid win32 application"

Solution:
Either you are trying to install the x86 version, or you may have inadvertently downloaded a corrupt file.
Please download the program again from another source (such as
http://us2.download.comodo.com/cis/download/setups/CIS_Setup_3.5.54375.427_XP_Vista_x64.exe ) and reinstall.
Notify the Admin or moderators about the corrupt file so that it can be remedied on the server.


6. Problem:
You receive the error "Not able to extract EULA.txt file. Aborting installation" after
choosing installation directory.

Solution:
Delete the content of the Windows TEMP folder. If there is one (another) eula.txt, the installer cannot extract itself.
%USERPROFILE%\AppData\Local\Temp
this is the defalut Windows TEMP folder.


7. Problem:
You accidentally erased maximum Proactive security settings in "manage my configuration" 

Solution:
You will have to reinstall CIS.


8. Problem:
Installed CIS and now cannot get a Remote Desktop Connection.

Solution:
You have a blocked entry.
Ensure that remote desktop connection has been enabled.

Right click on “My computer”
Select Tab “remote”
Select “remote desktop”

Comodo Firewall on remote computer:

In the firewall section – in the left column, select “advanced”  – network security policy – global rules

You have to allow TCP port 3389 IN thru the firewall. The firewall log should show that port as being blocked when you try to remote in.

The rule would look like this:
ALLOW - check the checkbox if you want to log
TCP
IN
Source IP: the IP of the PC you are connecting from
Destination IP: Any (or the IP address of the computer being connected)
to here)
Source port: ANY
Destination port: 3389

Now move this rule to the top, so that this rule is executed first.
In the firewall section– in the left column, select “advanced” - network security policy – application rules

Find the entry for svchost.exe
And change the part:

Block and log IP in …….

Add the exception for the IP address of the source computer


9. Problem:
Defense+ Log viewer shows an entry with a valid application, Action is Direct memory Access, Target is one of the Comodo CIS program files

Solution:
Memory sharing issue.
Select Defense+/Advanced/Computer Security Policy. 
Scroll down to Comodo Internet Security, select Edit/Protection Settings.
Interprocess memory Access (Active Yes) select Modify/Add/Running processes.
Scroll down to locate the application.  Click it and click "Select". 
Then just "Apply" to each window as you exit.


10. Problem:
Cannot update virus database if using a proxy.

Solution:
As of this writing (November 13/08), the fix will be included in the next CIS update release.


11. problem:
Virus definitions update stops at 5%.

Solution:
This seems to be an issue when updating from RC2 as the update paths were changed.
Uninstall CIS and use a registry cleaner, Download and install the latest version of CIS,
then update your signatures.


12. Problem:
"Error Code 0x800705aa - insufficient system resources exist to complete the requested service."

Solution:
You didn't do a clean install of CIS 3.5, an upgrade was performed instead.
Uninstall, clean your registries, download and install the latest CIS.


13. Problem:
Some files are not being scanned by the AV scanner.

Solution:
These files are quite possibly larger than the default setting of 20MB.
This size limitation can be increased to 999MB max in AntiVirus/Scanner Settings.
Select each tab: Real Time Scanning, Manual Scanning, Scheduled Scanning.
Increase the size of the max file size in "Do not scan files larger than"


14. Problem:
CmdAgent.exe uses 100% cpu.

Solution:
This appears to be a conflict with running update software (such as MS Updates).
deactivate cmdagent (stop process in comodo firewall) not able to deactivate with ctrl-alt-delete.
Download and run the Windows updates, then reboot.


15. Problem:
Running the Leaktest, you do not score 340/340

Solution:
Place CIS in Proactive Defense -> right-click the icon, select Configuration/Comodo - Proactive Security.
Block everyhing.
While testing the products, you might see some internet explorer windows opened.
Until the tests are finished, DO NOT close them manually.
Otherwise you might get wrong results.
Vista x64 If you fail test 7, UserInit, add
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon*
to D+ My Protected Registry Keys.


16. Security Issue:
svchost.exe
Go to the Firewall/Advanced/Network Security/Application Rules tab, and
then look down that list to find "C:\WINDOWS\system32\svchost.exe"
Change rule from "Trusted Application" to "outgoing only"

17. Security Issue:
If you do become infected with a virus, please read the following posts:
http://forums.comodo.com/virusmalware_removal_assistance/what_do_i_do_if_im_infected-t27334.0.html


18. Problem:
Cannot reinstall your FireWall - You get an error message saying that Comodo Internet Security is installed with an older version of installer and you need to remove it via the control panel>add/remove first.

Solution:
You can try running Comodo Registry Cleaner first.
http://registry-cleaner.comodo.com/index.html
Then, reinstall CIS.


19. Problem:
Firewall shows many connections even after the application is terminated.

Solution:
After closing a p2p client it will take a while for the network to know you are off-line. You will see lot of incoming requests.  This is normal.


20. Problem:
Comodo Application Agent not running.
You may also have noticed Windows Security Center displays no firewall protection.

Solution:
It is possible Application Agent has crashed.
Simply reboot your computer and all should be fine.


21. Problem:
CIS displays the GUI every time you boot up.

Solution:
Check the startup command line.  It should end with '-h'
« Last Edit: December 18, 2008, 09:02:50 AM by John buchanan »
Please follow Comodo Forum Policy

Bah! Ban 'em all! The only good member is a banned member
And a member is just a policy violator who hasn't been caught yet. >:-D

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek