cmdagent tries to use unreachable proxy although http proxy is not enabled [NBZ]

The bug/issue
cmdagent tries to use an unreachable proxy although http proxy is not enabled

  1. What you did:
    Took laptop home after using it on network at work

  2. What actually happened or you actually saw:
    While using computer at home, I observed Active Connections log entries for unexpected attempts by CIS to access the proxy server of the network at the Lab where I work. (That proxy server at IP 128.84.46.236 cannot be used from off-site.)

  3. What you expected to happen or see:
    No attempt to use any proxy server when CIS http proxy is disabled

  4. How you tried to fix it & what happened:
    Turned CIS http proxy on and off. No change in symptom.

Enabled firewall logging for CIS network activity in order to keep track of such accesses.
After many days of no accesses, today CIS has made many attempts to access the Lab’s proxy.
Http proxy is still disabled.

  1. If it's an application compatibility problem, have you tried the application fixes here?:
    n/a

  2. Details & exact version of any application (except CIS) involved with download link:
    n/a

  3. Whether you can make the problem happen again, and if so exact steps to make it happen:
    Proxy accesses stopped for a while, but then started up again today.
    I don’t know what I might have done to cause that.

  4. Any other information (eg your guess regarding the cause, with reasons):
    My guess: there’s a bug in CIS network access, since it isn’t obeying the CIS http proxy flag.

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug:

See below for screenshots of Firewall event log showing today’s attempts to access the (unreachable) proxy server

  1. Screenshots of related CIS event logs and the Defense+ Active Processes List:
  2. A CIS config report or file.
  3. Crash or freeze dump file:

Your set-up

  1. CIS version, AV database version & configuration used:

ISP v5.3.176757.1236
Virus sig. v7823
(I dunno what “configuration” is meant here)

  1. a) Have you updated (without uninstall) from CIS 3 or 4:
    This was a clean install of v5.
    no version of CIS was previously installed on this computer.

    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:

  2. a) Have you imported a config from a previous version of CIS:
    no
    b) if so, have you tried a standard config (without losing settings - if not please do)?:

  3. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):
    enabled “log as firewall event” for Comodo Internet Security

  4. Defense+, Sandbox, Firewall & AV security levels: D+= SafeMode , Sandbox= ? (default) , Firewall = SafeMode , AV = Stateful

  5. OS version, service pack, number of bits, UAC setting, & account type:
    Win7 Pro, no SP yet, x64, default, account: admin

  6. Other security and utility software installed:
    None: Win7 firewall disabled, Win Security Essentials disabled.

  7. Virtual machine used (Please do NOT use Virtual box):
    none

[attachment deleted by admin]

Thank you for your bug report in the required format.

Moved to verified.

Thank you

Dennis

Not surprisingly, I’m still seeing this after updating both CIS and Win7 to
CIS v 5.3.181415.1237
Virus sig. v7886
Win7 Pro SP1 x64

I wasn’t expecting any change, but thought I’d provide the additional information.

An additional comment:
I believe this might be a security issue if CIS keeps trying to use a proxy which is a malware Trojan.

I am also seeing this behaviour.

Running CIS 5.9.221665.2197 so it looks as though absolutely nothing has been done to rectify this issue.

Wish I had not paid now.

I’ve added it to known issues, in the hope of encouraging a fix.

Best wishes

Mouse