[Closed] CIS set to manual start - when not running cant access exe or ...

Hi,

Seasons greetings.

I think this has already been asked, but I couldn’t find the topic / identify an appropriate workaround.

MY SETUP :

Windows XP SP3 32 bit English (installed to C: - FAT32)
CIS 3.5.57173.439 (installed to D: - FAT32)
Avast antivirus 4.8.1296, PeerGuardian2 (Others - but services / monitoring / shield / runtime protection disabled - Spybot S & D, Spywareblaster, Adware, Spware terminator, AVG Anti-Spyware 7.5, SUPERAntiSpyware, Advanced Spyware Remover)
CIS - CAVS3 anti-virus monitoring disabled

BACKGROUND :

Due to slow OS startup times I recently set comodo services to start manually so that only when I click the shortcut will the app initialize and the service also startup in the background.

ISSUE :

However am encountering an issue as a result of this.
“Am unable to run certain executables or access certain files (standard data) from executables”,
But once I start Comodo am able to successfully access.

CIS SETTINGS :

Am fairly sure this is because of my Defense settings (and not with the Firewall)
Defense+ Settings → General Settings → Safe
Defense+ Settings → General Settings → Block all the unknown requests if my application is closed - checked
Defense+ Settings → Monitor Settings → All checked.

Image Execution Control Settings → General → Normal (Have also tried this with Disabled)
Image Execution Control Settings → Files to Check → .exe

My Protected Files, Protected Registry Keys, Protected COM Interfaces, Trsusted Software Vendors and My Safe Files are left at default.

I set most of the executable’s which I access to “Custom Policy” and rarely Trusted or Isolated or Windows System Application

Direction would be appreciated.

Regards
Mohan

Defense+ Settings → General Settings → Block all the unknown requests if my application is closed - checked

Hello, hope this helps. Also I’d highly doubt Comodo that Comodo is making much of a difference between start-up times… Maybe it’s a software conflict (Since you have so many Anti-* softwares)

And just a personal comment… Your using WAYYYYY more than you need to. Just use Avast! for real time and scan with CAVS3\SAS on DEMAND.

You wrote out your problem/question very nicely. :wink: It would be much better (and it would probably fix your problems) if you just let the Comodo services start up automatically, and set other programs to start manually.

Comodo’s services are usually very light, and you’d be much safer if you just let them start up automatically.

Drat, Kyle posted first. >:(

:smiley:

Thanks Kyle and Jeremy, appreciate your responses.

Only Avast and Comodo (CIS - Firewall & Defense) run real-time and all of the others Have all real-time and any scheduled functions disabled and are set to start up manually or have their service auto-start disabled.

To account for their existence on my system.

  • I use them mainly for Immunization, addition of hosts, blocking of COM objects (functions if available).
  • Additionally I execute them as monthly manual scan’s :slight_smile: just to be sure.

Acknowledged that the cpu usage, commit and memory charge of CIS is low (one of the compelling reasons why I use it). And indeed I can allow the service to start automatically.

But being a comp. engg. and moreover from the programming background I relish on the fact that am aware of a fair bit of the intricacies of what happens within my system, hence the reason why I would like to get down to the bottom of what is wrong what the way I have setup CIS so that I can help the community have a better CIS experience :wink:

Hence my query still stands open :smiley:

Regards
Mohan

If I had to guess, somehow it might be CIS “self-protection” or it is protecting your computer from anything starting if it is not running… But don’t ask me how. :smiley:

Soooo…

Did you try with
Defense+ Settings → General Settings → Block all the unknown requests if my application is closed - checked

Unchecked ? as Kyle suggested.

Sorry Kyle, Jeremy and BedFrogger, Apologies I couldn’t reply to whether that solved my issue yesterday itself since I required to perform a restart test.

Yup that seems to have worked for my preliminary tests, need to do a bit more of testing before I can close the issue.

Thanks again a ton guys for the quick responses.

Regards
Mohan

You’re welcome :slight_smile: Happy new year!

DOES CIS works under safe mode?? I mean if I boot windows on safe mode, can I scan my PC using CAV?? Dont care about D+ and the firewall of course…hehe, but what about the AV engine. Will it work??

thanks

Ok finally figured out (I believe) what happens behind the scenes with my manual setup
I Removed CIS HKLM/Run entry
And my service “COMODO Internet Security Helper Service” cmdagent.exe is set to manual.

But even then there are 2 services running in the background (startuptype - system)
COMODO Internet Security Sandbox Driver - System32\Drivers\cmdGuard.sys
COMODO Internet Security Helper Driver - System32\Drivers\cmdHlp.sys

Now for reasons aforementioned, I changed the startuptype for these to manual, then restarted. However this time when I restarted CIS, It came up with the red cross - implying an issue, Ran diagnostics which mentioned its fixed the config, but it didnt do anything other than fixing the startup entry and service status.

Had to revert the change to system again since I couldnt get CIS to turn green.

Had to do a reinstall (Not an issue since I had my config backed up)

Will continue to see which exact services can be set to manual, hopefully someone else has also tried what I am trying and may have inputs.

Hi Darc,

Good idea, will try that since that would imply no services other than windows should be running. And I can control which “device drivers” load.

Will check and post

Regards

Hi Darc,

CIS - AV scans work in Safe mode from the context root item and also from the main interface.

Note since we are in safe mode both the below are stopped -
COMODO Internet Security Sandbox Driver - System32\Drivers\cmdGuard.sys
COMODO Internet Security Helper Driver - System32\Drivers\cmdHlp.sys

Additionally cmdagent.exe is set to manual and the CIS HKLM/Run has been removed. So there is no CIS loaded into system memory before we initiate the scan.

Note Defense+ status was red and was indicated as having issues as mentioned earlier in my previous attempt where I had set cmdGuard.sys & cmdHlp.sys to manual.

Hope that helps.

Cheers and thanks for the thoughts and assistance guys
Mohan

P.s. Wlll try to identify if any of cmdGuard.sys & cmdHlp.sys can be manual and if it works will update.

Just came across this topic from started by user Commodus, its a continuation of what I was performing.

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/moved_why_cis_doesnt_completely_shutdown-t32594.0.html

Cheers
Mohan