Comodo 8.0.0.4337 blocks Desktop start and autoruns on Windows start

Fire_Walker · November 23, 2014, 9:42am

Hello,

when i installed COMODO 8.0.0.4337 on Windows 7 SP1 and restart the system, the Desktop doesn’t start until i kill explorer.exe with Taskmanager, and restart the explorer. But all autoruns doesn’t start after. My system starts correctly when i delete everything from COMODO in the Windows 7 scheduler. But sometimes COMODO writes his settings back to scheduler. How can i deactivate the autorun of COMODO? It’s okay for me to start COMODO manually, because my Internet connection isn’t everytime activated.

Greets
Fire_Walker

qmarius · November 23, 2014, 5:20pm

Please try to reinstall using this guide.

Flykite · November 28, 2014, 2:36am

Hi Fire_Walker,

I’m a member of COMODO, I just saw a problem you posted on COMODO forum.
Here are some questions.
What’s your OS? Win7_x64 or Win7_x32?
Is that you logged on your administrator account?
Is there any other Antivirus installed on your computer?
What’s your CIS setting? Default?

If you want to start CIS manually, “Win”+E and enter “msconfig”->startup->Uncheck the CIS, Ok and restart. The CIS would not start automatically.

If possible, could you please make a dump file when fail to start Desktop again?
The following link is the method to make dump file manually(Complete ):

With PS/2 keyboards, you must enable the keyboard-initiated crash in the registry. In the registry keyHKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.
With USB keyboards, you must enable the keyboard-initiated crash in the registry. In the registry keyHKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbdhid\Parameters, create a value named CrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.

The default way is: Hold down the right “Ctrl” key and press “Scroll Lock” twice.

Flykite · December 12, 2014, 5:04am

Hi, comodo internet security R80DFR_8.0.0.4344 is released! Please try this issue on the new build , thank you.

sturge24 · December 21, 2014, 5:40pm

I had this same problem. Comodo is auto-sandboxing Explorer.exe because Win7 loads it before HIPS is fully loaded. Here’s what fixed it for me:

Boot the computer, wait for everything to load, restart Explorer.exe.

Open CIS, go to Advanced settings > Defense+ > HIPS > HIPS Settings

Uncheck “Block all unknown requests when the application is not running.”

Press “OK” and reboot.

Alternatively, you might find a way to delay the start of Explorer.exe.

wasgij6 · December 22, 2014, 9:17pm

you need to read the prompts before accepting them. This alert shows when enabling “Block all unknown requests when the application is not running”

[attachment deleted by admin]

sturge24 · December 23, 2014, 4:59am

You are correct, of course. The same alert showed in version 7, and even V6 if I recall correctly. However version 8 loads the HIPS engine slower, or at least later, causing the issue which did not present in V7.

I was just trying to be helpful. I like to push my chosen security software to the most aggressive settings possible, due to frequently having malware infested machines on my network. I assume there are others that do the same, or just like tinkering and learning from the experience.

CIS is great for offering so many options, but some can cause issues in certain circumstances. This seems like Fire_Walker might have checked this box. Fire_Walker may have also selected this option more than a year ago and simply forgotten, since no issues presented. In either case, the solution I offered should do the trick.

**Edited for clarity