CIS A/V Scan hangs if PC not connected to internet

Setting for automatically update database was set.
PC: VAIO, Windows XP home SP3, fully updated and patched.

Scan My Computer hangs the system, not allowing any interaction, even Start for reboot! Must shutdown with power button.

Initiating Scan with internet connect shows that Comodo wants to update its db. After that, scan proceeds OK.

Welcome to the Forum, Dav4is.

Have you tried unchecking ‘Update Database before scanning’ to see if it still hangs?
Antivirus/Settings (realtime/manual/scheduled)

OK, there are two bugs:

  1. Unchecking that option to update the database before scan has no effect. I.e. still wants to update.
  2. Attempt to update db w/o internet connection hangs the PC.

This is Windows XP Home, SP 3, fully updated and patched.

I have noticed the same thing happening, and as far as I can see the problem is concerned with accessing the internet at the start of a scan. If your internet connection is very busy then the hang can occur. I have tried stopping all internet access from other programs (like torrent downloads etc), and then I don’t seem to get a hang.

Having said all that, Today the machine froze on me as it started the scan even though nothing else was accessing the internet. I did notice that there was a message saying that the data-base was being updated!

Set Firewall to Block All mode and tested CIS 3.9 509 revision on a Windows XP SP3 no additional AV or Security app.

“Update Database before scanning” option checked.

Manual scan for “Critical Areas” triggered a signature update and the corresponding dialog was on screen for 30 seconds. There was no hangup or crash whereas cmdagent CPU load was around 2% during the update attempts.

Further tests apparently reduced the waiting time to 2 seconds anyhow the AV DB version info at least in one case remained set to 0 until an update could be succesfully competed.

“Update Database before scanning” option unchecked.
Manual scan for “Critical Areas” staretd immediately. No hangup or crash.

If you try your tests w/o internet connection you may see, as I did, that even with that option unchecked, the dialog for signature update comes up for at least several seconds. Today, the dialog goes away after several seconds and the scan begins. Previously, the signature update dialog never went away and I had to power off to reboot.

Peculiarity: When doing a manual signature update today, progress bar jumped to 30%, stayed there for a while, jumped to 50%, then incremented in 1% clicks for many, many, minutes – perhaps 45 minutes overall!

Other than these A/V problems, I am not having internet troubles. Browsing, using several browsers, seems normal. FireFox, IE8, Opera, Safari, AOL Explorer, Google Chrome, OB1; also FTP uploads OK.

If the option is unchecked, I did see, that no update dialog was triggered by manual scan.

The same goes unplugging my Internet cable whenever I tested this again just a while ago to reproduce seemingly the same behavior I described before (no hangup or crash).

This time though when the update option was checked, the update dialog lasted only few seconds but it didn’t mention any error like it did when the firewall was set to Block all Mode as indeed there was actually no connection (My pc had no IP). Whereas previously I tested an active connection purposely blocked (My pc had an IP but was unable to connect).

Still no hangup or crashes on a more than 5 years old PC.

As for updates Today I got .509 installed from scratch and updated to latest AV DB in five minutes (No rough estimate as I purposely verified the time in the tray bar)

How does one reinstall .509? I did some research and the process seems pretty scary to me!
I want a reinstall that preserves all my settings of what are trusted aps &c &c.

You can export your configurations using Manage My Configurations under Miscellaneous. That will contain all your application rules and Global Rules. You will loose My Own Safe Files and My Trusted Software Vendors.

For a clean install you can choose to use this tool after uninstalling:;msg259617#msg259617 .

Or use the following procedure:

Uninstall CIS and reboot. Then run [url=]Comodo System Cleaner[/url] to get rid off registry keys.

Then delete the Comodo folders under Program Files, Program Files\Common Files, C:\Documents and Settings\All Users\Application Data\ .
For Vista/Win7
Users%username%\appdata\local, Users%username%\appdata\roaming\ and \Users%username%\appdata\local\virtual store

To be even more thorough open Device Manager and set it to show hidden devices under menu option View. Then see if there are Comodo driver(s) left in non Plug and Play drivers. If so select the driver → click right → uninstall and reboot.

Now delete the following:
C:\boot.ini.comodofirewall (this file may not exist).
WARNING: Do not mistakenly remove the original “boot.ini”.

a. HKEY_CURRENT_USER\Software\ComodoGroup\CFP and HKEY_CURRENT_USER\Software\ComodoGroup\Comodo Internet Security
*(If you have other Comodo products installed, delete only the values
for CFP)
c. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
d. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
e. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdHlp
f. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Inspect
g. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
h. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
i. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdHlp
j. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Inspect
k. KEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
l. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
m. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cmdHlp
n. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Inspect
o. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdAgent
p. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdGuard
q. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdHlp
r. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
s. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro
t. HKEY_USERS\S-1-5-21-1202660629-746137067-2145843811-1003\Software\ComodoGroup\CFP
kk. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x32
ll. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x64
mm. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFPLog
nn. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CPFFileSubmission
oo. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro

*Note: It may not be possible to remove these “LEGACY” keys. If you cannot delete them, leave them in the registry. However, I have subsequently found that you MAY be able to remove these keys in Safe Mode by using a third-party registry tool. To permanently remove them may also require modifying the Permissions for each key. See:;msg119226#msg119226

Now you should be good to go

Holy Moly! That’s not a procedure; It’s a recipe for disaster!

Why does everything have to be so frigging difficult? Why can’t Comodo make nice like other tools and applications and install easily over itself, preserving user settings &c.

No, thank you. It’s not worth the risk. I can live with the occasional freeze-up until the developers upgrade Comodo to the user-friendly plateau.

Or, offer a Repair option in the Control Panel add/remove programs. Other applications have it.

You may want to try this removal tool that works on the same idea:;msg259617#msg259617 .

Note: This tool is NOT provided by Comodo Group, and therefore, Comodo Group holds no responsibility.

Sorry, until Comodo group sanctions it – or, better – incorporates it into the standard installation process, I won’t risk it.

Today I tested CIS uninstaller again and it worked nicely.

It is also possible to backup the configuration before uninstalling.

Whereas a complete update of 3.9 ( .509 revision) bundled AV-DB (1157) up to the latest AV DB version (1306) took around 7 minutes.

[attachment deleted by admin]

It would be my luck to have it not go so smoothly, and I would be like the several other people who have had bad experiences with, for example, incomplete uninstall – i.e. FUBAR.

Why can’t Comodo have a Repair option in the Add/Remove programs item? That seems a much safer approach than full uninstall and install.

(I do appreciate your effort to provide clear instructions.)

There is nothing to fear especially considering that in order to prevent apocalyptic unluckiness it is possible to manually create a Restore point which in the unlikely event of FUBAR could be even restored from Windows Safe mode.

Anyhow considering I was not able to reproduce on my setup the specific scenario you described so far I guess I’ll refrain from providing further advices.