Comodo causing error with Networx

I have a two-user PC running Windows 7 x86 Ultimate.

When the PC boots, user1 auto logs on and one of the things it loads is Network. CFP.exe does NOT load for this user.

When user2 logs on, Networx also loads. The program is designed to work with multi-users but the problem is unless I disable the Comodo service cmdagent.exe, when Networx loads for user2 it gives an error “Error in multiuser sync initialisation: System Error. Code 5. Access is denied”. CFP.exe loads with user2, but I tried disabling that first and only disabling cmdagent.exe prevents the error message.

I’ve tried setting Defense+ to disabled, along with Execution Control Level and Sandbox and now have tried the “Deactivate Defense+ permanently” option and rebooted. I’ve also tried adding “Networx.exe” to the shellcode injections Exclusions list (although I don’t think that’s necessary now I’ve disabled all those components is it?).

The developer of Networx has provided me with some information to pass on, which hopefully will help you to fix this incompatibility.

"NetWorx opens a memory mapped file at

This file is open from all instances of NetWorx and this is used for
synchronisation to ensure that only one of two or more instances
running at the same time writes usage info into the database."

Are we talking about the installed version of this product? NetWorx : bandwidth monitor, connection speed test, data usage log
I’m running portable and have no issues but I also don’t use a 2 user setup.

What type of accounts are both users on your system admin or normal users?

Yep, that’s it.

Both accounts are admin.

If you say ‘when user 2 logs on’ are you using logoff/logon to switch from user 1 to to 2 or are you using “Switch user”.

And what happens if you do start cfp.exe with User one, does it show any alert?

Can you check your Defense+ Computer security policy settings and see if networx is in there and if so what settings does it use?

Neither actually. I’m using the concurrent RDP patch, so user 2 logs on via RDP whilst user 1 stays logged on locally.

If I run cfp.exe under user1 as well as user2, no new alerts appear (which I wouldn’t expect, as I’ve already got rules for everything that runs under user1) and the error still happens when networx.exe loads under user2.

Defense+ is permanently disabled, but under Computer Security Policy - Defense+ rules there’s an entry for Networx.exe set to Trusted Application.

Did you provide this info also to the Networx developer? because I’m not totally sure that this is a setup that is supported by either Networx or CIS.
As it’s non M$ default behavior we’re seeing here because of the ‘patch’, it probably also violates your M$ license.

Yes, the Networx developer is aware of my setup and says it is designed to work when more than one user is logged in (see the information in my second post). As far as Networx is concerned, I don’t think my setup is any different to fast-user switching, as that leaves user1’s programs running when user2 logs in (as far as I know anyway).

CIS works fine as well as long as I prevent cfp.exe loading for user1 (it still works if I don’t do this, but I don’t want alerts appearing on my TV and maybe there’s the potential for issues with both users running it).

I don’t know about the M$ licence but there’s only one person using the PC, so it shouldn’t be an issue, any more than running some programs as “System” and some as “User”.

Well I have seen reports before that CIS isn’t fully multi-user and I can imagine that it doesn’t know where to send the alerts to if it has to cfp.exe’s and one cmdagent process.

Can you try fast-user switching to see if that behaves the same? I think CIS might know which of the sessions is ‘idle’.

I’ve just tested and I don’t get the error with fast user switching.

Can you then test the User 1 with cfp.exe active and the User 2 with no cfp.exe active, see if that also gives the error?

Yes, if I disable cfp.exe from loading for user2 and log-out, login as user1 and start it then fast user switch to user2, the error still occurs.

However, I’m now finding it occurs even if I disable cf.exe and cmdagent.exe completely, so I don’t know what’s going on anymore as it did only occur before when cfp.exe was loaded for user2.

If you disable cmdagent.exe CIS will go in ‘attacked’ mode and protect several things, that might cause ‘strange’ results…
Please leave cmdagent.exe active and set things like disable D+ permanent and disable Sandbox+Image execution also that must render D+ to be ‘disabled’.

I tried disabling just cfp.exe first and when I still got the error cmdagent.exe, but if disabling that puts Comodo into “attacked” mode I guess the error could still be related to Comodo.

As mentioned in my first post, I have disabled everything except the Firewall component.

The Networx developer has sent me a debug build now to try and determine what is preventing access to the Networx.PID file for user2.