Cannot login to Windows 7 with Lenovo CSS [NBZ]

With the latest version of CFW, I am unable to login to my Win7 x64 installation using the Lenovo CSS package. I can disable CFW firewall by going into Safe mode, and then I can login (however CSS cannot communicate with the TPM chip). If I uninstall CFW, everything works fine.

The bug/issue

Your set-up

  1. CIS version, AV database version & configuration used: CFW version 5.3.174622.1216
  2. a) Have you updated (without uninstall) from CIS 3 or 4: NO
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
  3. a) Have you imported a config from a previous version of CIS: NO
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): NONE
  5. Defense+, Sandbox, Firewall & AV security levels: D+= Safe, Training, Sandbox= Disabled, Firewall = Safe, Training , AV = NONE
  6. OS version, service pack, number of bits, UAC setting, & account type: Win7 Ultimate, X64, UAC enabled, regular user account.
  7. Other security and utility software installed: Avast 5
  8. Virtual machine used (Please do NOT use Virtual box): NO

I experience the same problem on 3 Lenovo ThinkPad T61/R61 with Windows 7 64Bit
with the latest version of Comodo Firewall 5.3, so there is definitely a conflict …

→ all Thinkpad machine will not start properly until the firewall is off

Hey and warm welcome to comodo forums.

Add avast here: CIS —> Defense+ —> Defense+ Settings —> Execution control Settings —> Detect shellcode injections (i.e. Buffer overflow protection) —> Exclusions —> Add —> Browse…

have your added your finger print reader’s exe in trusted files? this how you add it in defense+ rules: CIS —> Defense+ —> Computer Security Policy —> Defense+ Rules —> Add —> Select —> Browse…

I hope this helps and let me how it goes.

Enjoy your stay here at comodo forums! :slight_smile:

Valentin N

Valentin, thanks for the quick reply. However your suggestions did not help. The issue is with the firewall (or so it seems), since disabling it is what allows me to get into Windows. Even when I have D+ disabled, if I don’t disable Fw as well, I cannot log in.

Hello Baygins;

Have you tried the following;

Put both Firewall and Defense+ in Training Mode; then reboot?
(right click icon > Firewall > Training Mode / Defense > Training Mode)


Yes, still failure.

In the old days, when I installed CFW, and logged in, a whole bunch of warning messages would pop up about various executables and I would put the Lenovo ones in Trusted Application category. Now, it can’t even get past the login screen.

Can you boot in Windows Safe Mode? Then try what Jacob suggests.

That’s what I did.

Ok; Lets Try Something Here…

Open CIS and Disable the Sandbox and Image Execution Control and Put Defense+ in Training Mode, Then restart;

Could you restart normallly?


D+ has no impact, in my experience, as stated in my earlier post. I need to Disable Firewall to be able to login.

Do the firewall logs give a hint to what program may be causing this?

There is nothing in the firewall log entries. No events recorded whatsoever, which is really intriguing.

Thank you for your bug report in the required format.

Moved to verified.

Thank you


I’m having the same issue with my Lenovo X301 and the Fingerprint Logon

Hello, I am wondering if there are any updates on this issue.