CIS HIPS Conflicts With HydraDM.exe (AMD display driver) To Cause Freeze [I23]

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?:
    Yes, every time
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    1:Install AMD Display driver 14.6 with Hydravision on a multi-display system (any 14.6 version - I am using 14.6 RC2 right now)
    2:Install COMODO firewall in the default configuration
    3:Reboot system
    4:Turn on the HIPS
    5:Desktop will be “not responding” and COMODO will also be “not responding” so you can never hit “Accept” on the HIPS notification that HydraDM.exe is trying to modify a protected registry key
  • If not obvious, what U expected to happen:
    I expect to be able to hit “Accept” without it freezing, or for HydraDM.exe and HydraDM64.exe to be permanently whitelisted by default if the freezing issue cannot be resolved.
  • If a software compatibility problem have U tried the conflict FAQ?:
    Don’t need to, it’s definitely a compatibility issue between AMD’s HydraDM.exe and COMODO
  • Any software except CIS/OS involved? If so - name, & exact version:
    AMD Catalyst 14.6 beta, RC1, and RC2 - http://support.amd.com/en-us/kb-articles/Pages/latest-catalyst-windows-beta.aspx You must install the hydravision component as HydraDM.exe is part of that.
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    All necessary info is above. If you kill HydraDM.exe in task manager, both windows explorer and COMODO start responding again and you can click accept.
    [/ol]

B. YOUR SETUP
[ol]- Exact CIS version & configuration:
7.0.317799.4142 - COMODO Firewall (not the full CIS suite)

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    Default configuration of COMODO Firewall software on safe mode. I believe this means Firewall and HIPS are both enabled on safe mode.
  • Have U made any other changes to the default config? (egs here.):
    No
  • Have U updated (without uninstall) from CIS 5 or CIS6?:
    No - clean install
    [li]if so, have U tried a a clean reinstall - if not please do?:
    N/A
    [/li]- Have U imported a config from a previous version of CIS:
    No
    [li]if so, have U tried a standard config - if not please do:
    N/A
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 8.1 64-bit fully updated. UAC on default setting. Account administrator. Not in a virtual machine.
  • Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
    a=No 3rd party security software b=Never
    [/ol]

[attachment deleted by admin]

Thank you for reporting this. I want to make sure of something. Your title suggests that this is a conflict with the HIPS. However, your steps for reproduction states that this happens in default configuration. By default the HIPS component is disabled and it is only the Behavioral Blocker which is active.

Does this freeze still happen if only the Behavioral Blocker is enabled?

Thank you.

If I recall correctly, on mine the way it was installed the “auto sandbox” was disabled and both the firewall and HIPS were set to “safe mode” when I first launched the program. There’s a chance I might have turned HIPS on to safe mode the first time I installed Comodo and maybe the setting carried over when I re-installed it to test, but I know the “auto sandbox” was definitely off by default. I never enabled that feature.

That is strange. Please try reinstalling by following the advice I give in this topic. Then, after reinstalling pay very close attention to what is enabled and what is disabled.

Please let me know.

Thanks.

I did that and HIPS was not enabled after installing Comodo so it worked fine. I enabled HIPS and the problem came back. It seems like the issue will only present if you turn on the HIPS protection. One other issue I noticed is that starting the game “The Wolf Among Us” causes my PC to completely become unresponsive with a black screen if HIPS is turned on. If HIPS is off it works fine, so I will just leave HIPS off for now.

Thanks. I made small changes to the first post to clarify this.

Can you please check and see if any of the files for this are in the Unrecognized Files list? If they are please add them to the trusted files list and let me know if that is able to solve this issue.

Thanks.

The files do not appear on either the Unrecognized files nor the Trusted files list. They do appear in the HIPS rules area though as “custom ruleset” (probably because I hit allow when it asked me something about that file in the past)

Please make sure that all rules associated with it are deleted from the HIPS rules and make sure that the problem continues to occur. Let me know if that makes any difference.

Thanks.

Did removing any HIPS rules for the driver make any difference?

Thanks.

PM reminder sent.

I will now move this to the Incomplete Issue Reports board.

Topics in this board are not looked at by the devs. The reason is that putting bug reports in the required format, with the required files and all requested information, ensures that the devs have enough information to understand and identify the bug.

To get your report forwarded to the devs please let me know whether it made any difference deleting any HIPS rules which were associated with files used by the display driver. This is needed in order to rule out that possibility. Once I have that information I should be able to forward this directly to the devs.

If you have any questions please do not hesitate to ask.

Thank you.

Can you please check and see if this is fixed with the newest version (8.0.0.4337)? Please respond to this topic letting us know whether it is fixed or if you are still experiencing the problem.

Also, note that all bug reports in the Non-Format section of the forum, which is where this report currently is, are mainly not looked at by the devs. Thus, if the bug you were experiencing is still not fixed please edit your first post so that it is in the correct format (found here, with all required attachments), so I can forward this to the devs and get this problem fixed.

Thank you.

Hello,

My primary test system is AMD.

I can confirm that AMD\ATI Catalyst Control Center and drivers have been white-listed by Comodo for the most part. The most recent graphics drivers are still “Unrecognized,” but not auto-sandboxed - probably since AMD\ATI is in the Trusted Vendor List (TVL) and they reside in System32\drivers directory.

However, the problems of frequent AMD\ATI updates and the fact that some of these files are not digitally signed remains. Consequently, the risk of incompatibility or other issues has really not changed as some modules will be detected by Comodo as “Unrecognized” and might be auto-sandboxed.

The user can:

  1. White-list (move from Unrecognized to Trusted) the files in the local file rating database.
  2. Create auto-sandbox ignore rules.
  3. Create HIPS allow rules (Allowed Application - CCC - Programs directory; Windows System Application - graphics drivers - System32\Drivers directory).
  4. Uninstall AMD\ATI Catalyst Control Center (CCC adds no benefit except for high-end gaming systems).

Obviously with Option 4 one does not need to do Options 1 thru 3.

Best Regards,

HJLBX

Hello,

Please move to Resolved\Outdated.

This issue has been fixed since v. 8.2.0.4508.

Best Regards,

HJLBX