CIS Failing every single Firewall test on net, help needed!

Hello everyone, im using Comodo Firewall for years and i was always proud owner of best Firewall there is.
Its long time since i stop testing Comodo with all kind of firewall tests as i trust it completly, but last night i was bit bored and for some reason i vent to take few tests eg. and for classic firewall tests.
As always i expected to see all those green ports (stealth) but i couldnt believe when i saw all blue (closed) and bunch of red (Open) ports, and just 1-2 green ones.
I tested again and again, changed my IP, reboted PC, check my Comodo settings, reinstalled and did fresh install with latest comodo downloaded from official site with default settings, then changed them again to highest security, stealth port wizzard etc, and i was still getting same FAIL results over and over again.

After that i runned my antivirus full system scan to see if there is maybe some infection for some reason doing something bad to Comodo, i did full scans with Avira Pro ( my default AV) also installed Nod32, BitDefender, Kaspersky, also runned scans with Malwarebytes Anti-Malware, Spy Both and HiJackThis and finaly i used ComboFix, everything came out completly clean in every of those softwares.

Heres HiJackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:44:45, on 03-Nov-10
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\Portrait Displays\forteManager\DTHtml.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\NetLimiter 3\NLClientApp.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM..\Run: [DT LGE] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -LGE
O4 - HKLM..\Run: [avgnt] “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] “C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM..\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM..\Run: [Launch LgDeviceAgent] “C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe”
O4 - HKLM..\Run: [Launch LCDMon] “C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe”
O4 - HKLM..\Run: [Launch LGDCore] “C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe” /SHOWHIDE
O4 - HKLM..\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKCU..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
O4 - HKCU..\Run: [NoteZilla] C:\Program Files\Conceptworld\NoteZilla\NoteZilla.exe
O4 - HKUS\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip..{5F840B38-5AA0-4293-B1CB-485ACB0E8975}: NameServer =,
O17 - HKLM\System\CCS\Services\Tcpip..{AE9ACD36-BF2E-4B5B-909D-8622B88F7259}: NameServer =,
O17 - HKLM\System\CS1\Services\Tcpip..{5F840B38-5AA0-4293-B1CB-485ACB0E8975}: NameServer =,
O17 - HKLM\System\CS2\Services\Tcpip..{5F840B38-5AA0-4293-B1CB-485ACB0E8975}: NameServer =,
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

End of file

Im not exacly sure what "O20 - AppInit_DLLs: " is in HiJackThis log but none of all those programs found it as problem so maybe its ok…

So i run out of ideas what could be problem im here asking experts if u ppl can help me solve this problem so that i can again have my trusted Firewall back running as its ment to?
For any additional info needed pls ask i will gladly do what ever is needed to solve this problem.

Before anything else - are you behind a router?

If you are, then the pcflank and grc tests are displaying the repsonses received from your router NOT from your CIS protected PC.

If you want to test your CIS protected PC and you are behind a router, you will need to port forward ALL tested ports to your PCs internal IP address. Until this port forwarding is done, pcflank and grc can only test the public facing IP, which is your router.

Ewen :slight_smile:

i would like to know what testing tools are you using

I presumed the GRC one was ShieldsUp (GRC | ShieldsUP! — Internet Vulnerability Profiling  ) and PCFlanks Quick Test port scanner (Quick Test | PCFlank).

Both of these test against the first responding device in the chain (otherwise known as the router).

Ewen :slight_smile:

First of all thank u so much for taking time to answer me.
Yes im behinde router, and i dont rly want to test CIS i trust it alot, i was just confused how all those ports were open/closed when for years before they use to be stealth, and i wasnt changing system/router or any settings at all.
So basicly first line of defense aka my router fails but there is CIS that is protecting my PC as its ment? nothing i should change at all in CIS settings ( they are pretty much on high settings) ?
I just wish is to know if my CIS is working as its ment, that i dont have some strange unexpected problem with it.

Oh one more thing, i noticed when i installed new version ( well i had it already but just updated not clean install) that there is now option for using Comodo DNS, what im wondering is there any way i could lose on my MS/Ping in games using that option on Comodo?


The firewall issue is not to know whether your router is actually checked or not, but to ensure that the communications between the router and your computer(s) are secured.

Some home routers nevertheless have a built-in firewall, whose settings when not hard-coded allow e.g. to block ping requests and/or to close some ports, while others can’t help but to keep a few ports opened in order to ensure the ISP and/or router provider firmware upgrades and other “features”.

The only way to test your computer itself if the router does not allow it is to use a standalone modem if you have one and to plug the router off, or sometimes to set the tested computer as dmz for the router.