Hello, well I wanted to give Comodo CIS a try because after I’ve read a few bits about it it sounded quite good, maybe too good, because nothing really worked on my Vista 64.
At first the installer somehow didn’t install the antivirus component, it just wasn’t there even tho it was selected. After 2 un,- and reinstalls it finally was there and so I took a closer look at the firewall and unfortunatley this was what made CIS basically unuseable for me because it slowed down/ delay any web access/ traffic by 15- 45 secs,… I couldn’t find out why and after some tries and 2 reinstalls to get it working I had to uninstall it because that way it just wasn’t of any use making me wait 15- 45 secs even for looking up the google, no way.
So, anything I could do to get it working? Is there a known bug or something that might have caused this on my Vista 64?
Since you tried a couple of install and uninstall let’s start with a clean slate just to be on the safe side of things.
Start with exporting your configuration to a folder that is not part of the Comodo folder under Program Files. This way you can restore your configuration after the reinstall.
Uninstall CIS and reboot. Then run [url=https://forums.comodo.com/comodo_system_cleaner_fileregistryprivacy_cleaner/comodo_system_cleaner_116494436_released-t37631.0.html]Comodo System Cleaner[/url] to get rid off registry keys.
Then delete the Comodo folders under Program Files, Program Files\Common Files, C:\Documents and Settings\All Users\Application Data\ .
For Vista/Win7
Users%username%\appdata\local, Users%username%\appdata\roaming\ and \Users%username%\appdata\local\virtual store
To be even more thorough open Device Manager and set it to show hidden devices under menu option View. Then see if there are Comodo driver(s) left in non Plug and Play drivers. If so select the driver → click right → uninstall and reboot.
Now delete the following:
C:\boot.ini.comodofirewall (this file may not exist).
WARNING: Do not mistakenly remove the original “boot.ini”.
C:\WINDOWS\system32\drivers\cmdGuard.sys
C:\WINDOWS\system32\drivers\cmdhlp.sys
C:\WINDOWS\system32\drivers\inspect.sys
C:\WINDOWS\system32\guard32.dl
a. HKEY_CURRENT_USER\Software\ComodoGroup\CFP and HKEY_CURRENT_USER\Software\ComodoGroup\Comodo Internet Security
b. HKEY_LOCAL_MACHINE\SOFTWARE\ComodoGroup\CDI\1 *
*(If you have other Comodo products installed, delete only the values
for CFP)
c. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
\cmdAgent
d. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
\cmdGuard
e. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdHlp
f. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Inspect
g. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
\cmdAgent
h. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
\cmdGuard
i. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdHlp
j. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Inspect
k. KEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
\cmdAgent
l. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services
\cmdGuard
m. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\cmdHlp
n. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Inspect
o. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdAgent
p. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdGuard
q. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdHlp
r. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
\Inspect
s. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro
t. HKEY_USERS\S-1-5-21-1202660629-746137067-2145843811-1003\Software\ComodoGroup\CFP
u. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDAGENT *
v. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDGUARD *
w. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDHLP *
x. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_INSPECT *
y. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDAGENT *
z. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDGUARD *
aa. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDHLP *
bb. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_INSPECT *
cc. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CMDAGENT *
dd. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CMDGUARD *
ee. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_CMDHLP *
ff. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_INSPECT *
gg. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDAGENT *
hh. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDGUARD *
ii. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDHLP *
jj. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_INSPECT *
kk. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x32
ll. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFP_Setup_3.0.14.276_XP_Vista_x64
mm. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CFPLog
nn. HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\CPFFileSubmission
oo. HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro
Although I couldn’t see how it should in the first place because I installed CIS on a clean/ fresh Vista 64 Home Premium Setup without ever having any other Comodo Software installed before (so my first install which didn’t work in any way was on a as clean as possible system) I gave it a try and did all that. Same.
So I repeated all that again and this time I installed the CIS 3.9xxx RC1 and well it’s the same there as well. Already directly after the install when it asks if it should check my system, before I even restarted the internet access is already slowed down,… basically rendered unuseable and it remains like that even after the restart and goes back working when I disable the Firewall component.
With it enabled it feels like some slow DNS Server and a proxy in Austrailia is used, that’s what I can compare it to
What is going on? >:(
German Vista 64 Home Premium, 64-Bit HPET, 3 GB RAM, 500 GB HD, GeForce 8800 GTS 512, Gigabyte P35-DS3R Mainboard, Intel Core 2 Duo E7300, Intel AHCI Drivers used and every other driver as well is up to date, rock stable, very good performance, and besides that no problems whatsoever
Compound TCP is enabled (newer generation CTCP congestion control algorithm)
ECN (Explicit Congestion Notification) is enabled
RSS - Receive-side Scaling is enabled
TCP Chimney Offload is enabled
Nagle’s algorithm is disabled (because of lower latency related to online-gaming)
I’m using a Jumbo Frame/ MTU of 4KB/ 4082
could CIS have problems with any of these settings?
all of the above settings my router with it’s integrated DSL Modem and my network card support and I’m on DSL 16000 in Germany. My Network chip is an onboard Realtek RTL8168B/8111B Family PCI-E GBE NIC which also uses it’s most recent 6.218.317.2009 driver from the 17.03.2009.
Of course I tried that already and it “did not find any problems” with my installation,…
Started out using the default settings, like I mentioned even after a clean install before the restart, when I didn’t even access the userinterface yet the problem is already there. Tried various other settings after that but didn’t change anything.
Could any of you guys forward the above additional infos about my system to one of the developers who could answer if some of these advanced settings could be the cause of that problem in case the CIS Firewall doesn’t support them?
Ok an additional problem came up, I noticed that CIS is distorting audio e.g. when I play some HD video record, even tho the CPU use is only around 30%. Even disabling all of it’s functions through the Comodo Userinterface doesn’t help, only uninstalling does.
Basically CIS now is completly unuseable on Vista 64,… I guess all these aren’t features so could you move this thread to the bugs forum or should I make a new thread over there?
Oh and also I’ve come across some strange behaviour related to uninstalling certain comodo left overs. Really hard to get lost of those legacy registry keys. Even in safe mode no go. Strange because my administrator account rights don’t seem to work and I can’t change or take over anything,… what up with that?
With it enabled it feels like some slow DNS Server and a proxy in Austrailia is used, that's what I can compare it to
Having just read over this topic, it does sound like a DNS problem in that some server is having a timeout. A quick check would be to see what DNS servers are configured. From a command prompt, enter “ipconfig /all”. This will show the DNS servers that are in use. If you have a router, it may be listed as your server. In which case you’ll need to log into your router to see what DNS servers it is using. If the DNS servers are not what you expect, then there is a problem. If the server IP addresses seem reasonable, then some more digging would be in order.
the log is empty also I tried the stable 3.8 at first and after that 3.9 RC1.
Even with the AV component from CIS not installed or not activated the same.
Also no untypical browser plugins, clean Vista 64 install.
My usual tactic at this point is to see what’s on the wire using a network monitor. Wireshark is one, SmartSniff is another. The Microsoft Network Monitor 3.2 is another. I’ve got good experience with Wireshark, but I can work with the others.
The intent of using a network monitor is to see if packets are going outbound when expected, and are getting packets back. If there is a DNS hang somewhere, for example, then the monitor will show outbound traffic, but no inbound. Something like that would give a clue as to were to look.
I guess all these aren’t features so could you move this thread to the bugs forum or should I make a new thread over there?