After Installing Comodo I Cannot Get Online

I have exactly the same problem as this guy: https://forums.comodo.com/install-setup-configuration-help-cis/after-installing-comodo-i-cannot-get-online-t75721.0.html. I installed Comodo on a fresh Windows 7 SP1 64-bit install and everything seemed fine until I rebooted, whereupon I found, just like the OP:

The Windows Update service has terminated with the following error: %%-2147014874

The IKE and AuthIP IPsec Keying Modules services terminated with the following error:
Load failed

The IPsec Policy Agent service terminated with the following error:
An invalid argument was supplied.

Also, when attempting to diagnose my computer’s connection problems using the built-in Windows troubleshooter, it tells me that the DNS server isn’t responding. I know it’s not a problem with my ISP’s DNS servers because I’m using those same servers to access the internet now on this machine. Now, if I was to uninstall Comodo these errors would go away and I would be able to access the internet again.

There are no remnants of other security programs involved. I’ve uninstalled, cleaned and reinstalled numerous times. I can traceroute through the firewall and out through the Thompson router. I can access the web, after a fashion, so long as I supply the browser directly with an IP address. But DNS requests issued from that machine to any DNS server don’t receive any replies.

Also I note that SSDP and UPNP aren’t working properly. I can get SSDP working if I disable the firewall and uncheck the Comodo internet security helper, but the only thing that restores DNS is completely uninstalling Comodo.

The firewall log has not recorded any blocked requests, it’s empty. I don’t think this is happening at a packet blocking level; I think the failure of those IP-related services is telling us that Comodo has quietly disabled some critical component of the TCP/IP stack.

Help!

Does No network connection after using Stealth Ports Wizard (DHCP Broken) bring a solution for you?

(mod edit= fixed link)

ipconfig /all confirms that DHCP is enabled for this interface (it had to be anyway, since outgoing http requests do work so long as they’re given a target IP address).

I should have mentioned that as well as DNS not working, neither can I telnet onto my router nor can I ftp onto it.

View Firewall events shows nothing at all, it’s empty. And wireshark doesn’t show any outgoing packets from these DNS, telnet and ftp requests. So I don’t believe they are even reaching the firewall, there must be some failed component in the TCP/IP stack that is dropping them before they reach it.

Did you answer ‘block’ for any alert?

Can you run Firewall, Stealth ports wizard and set it to the 2nd option, then reboot see if the issue still exists?

No, I didn’t block any requests.

With firewall alerting set to high I started seeing popup alerts and in most cases they were already set to behave as browser or email client or just marked as trusted app. In all other cases I either added the app to one of these groups or just clicked “allow”.

I’ve tried that stealth ports wizard option now and I’m getting some firewall events but none of them are blocked. And - crucially - neither DNS requests nor telnet nor ftp connection requests are showing up. As I said, these are not even reaching the firewall. I’m sure we are looking in the wrong place.

Okay quick test to see if it’s the firewall or not, switch the firewall security to disabled and reboot see if that works.

If that doesn’t work please try the following, open ‘Network and sharing center’, click ‘change adapter settings’ select your Network Adapter en right click ‘Properties’.
Then untick ‘Comodo Internet Security Firewall Driver’. Then Apply the settings and reboot.

If that doesn’t work it’s not firewall driver related.

Bottom line: it makes no difference.

I already tried unticking the Comodo Internet Security Firewall Driver and disabling the firewall. I also disabled Defense+ as well. With all these measures in place I found that the “See full map” function Windows’ Network and Sharing Center does work again, so I suppose it must have at least restored the ability of the SSDP and UPnP services to start up. Of course these do stop working again as soon as the firewall and Defense+ are turned back on.

Now that is one problem that does need addressing, if the firewall is to disable SSDP and UPnP by default it’s necessary to provide a clear and easy way to re-enable them without turning the whole firewall off.

However disabling those CIS components makes no difference to the telnet, ftp or DNS clients. The DNS client continues to fail silently; the telnet and ftp clients complain about a bad parameter, the ftp client also says this is coming from “Socket”. These functions are only restored by uninstalling Comodo completely. Which is what I’ve had to do for now just so that the computer is usable.

Does anybody know by what mechanism the Comodo installation could interfere with the functioning of the TCP stack so that it is unable to forward requests from DNS, telnet and ftp clients to the firewall? Something to do with svchost.exe for instance? Or would it have to be something related to service startup?

Based on the error’s it looks like some low-level issue failed causing all other depending services etc to fail also.
The key is to find what the first issue is.

If you look in the eventlog’s what is the very first failure after reboot, service/driver etc?
Did you do a complete default install, if not please provide every change made.
Did you change anything after install and before the mandatory reboot?

Not intending to Hi-Jack the post, but I have the same issue as the OP. Tried searching but the majority of the issues were not related.

OS: Windows 7 Pro SP1 x64 (OEM)
NIC: nForce 680i Chipset
CIS: 5.9.23255.2196

Same troubleshooting steps, I have uninstalled and re-installed multiple times.
Firewall/Defense+ logs are blank after the initial installation but Windows Network taskbar icon states no internet.
Running the troubleshooter reports DNS servers unavailable. Despite being able to ping them.
Once the DNS server is pinged via IP address the No internet error goes away, but still unable to resolve domain names.
This seemed to happen just today after a Windows update last-night and rebooting.
Uninstalling Comodo CIS resolves the issue,
Tried:

  • Reinstalling CIS from fresh download
  • Running stealth port Wizard option 1 manually assigning IP’s/subnet mask and selecting the network group listed (Home #1)
  • Running stealth port wizard option 2.
  • Uninstalling ALL network adapters in Device Manager and rebooting
  • Disabling COMODO firewall driver in network adapter properties rebooting
  • Disabling all CIS modules and rebooting
  • Activating different CIS profiles and rebooting
  • Swapped ethernet cables
  • Directly connected to modem, with no resolution. (Secondary PC on router running fine)

Here is the Event Log errors I receive after every reboot:

The IKE and AuthIP IPsec Keying Modules service terminated with the following error: Load failed
The IPsec Policy Agent service terminated with the following error: An invalid argument was supplied.
The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The operation completed successfully.
Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
The Function Discovery Resource Publication service terminated with the following error: %%-2147014852
The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147014852
The client was unable to validate the following as active DNS server(s) that can service this client. The server(s) may be temporarily unavailable, or may be incorrectly configured. 192.168.1.1
192.168.1.1 is my Router which is set to 8.8.8.8/8.8.4.4 DNS server

Before possibly going into more detail.Did you try

It would be interesting to see which, if any, services are disabled when CIS is installed, as most of the error messages point to the base filtering engine and/or RPC services.

I tried the steps, and even went as far as allowing all Source and Destination address instead of just 255.255.255.255 destination on ports 67-68 it did not resolve the issue.

I even enabled automatic start up of interactive services. Since an error specific to comodo was being thrown that they were disabled.

I posted all the screenshots and event logs on Google Docs.

Here’s another one for you guys.

I uninstalled the Firewall component using the change option in Programs/Features. The issue remained.
So I reinstalled the Firewall component and uninstalled the Anti-Virus Component. The issue is resolved

So it has something to do with the AV component and it killing RPC.
I thought my eyes were playing tricks on me and maybe the options were reversed. So I checked COMODO and it has the Firewall component options D+ and Sandbox, and I have net.

I’m happier, but considering I am planning to implement the End Point version of Comodo for my Work I need this issue resolved before I install it on 200 client’s PC’s and 3 servers.

Any ideas?

Did it also fail with AV real-time set to disabled?

If so it seems to be a nasty bug, can you post a bug report here?