COMODO Internet Security 3.5.53518.419 RC2 Bug Reports [CLOSED]

(New bug in RC2 - Severity not sure, may be config specific)

Taskbar ICON (shield) not visible after installing RC2 over RC1 even though firewall (cfp.exe and cmdagent) loads.

  1. Your Operating System: XP SP3 32 bit
  2. Other Security and Utility Software Installed: Avira Basic, Spybot, CMF
  3. Step by step description to reproduce the issue: Install RC2 over RC1, using miscellaneous/check for updates, follow installation defaults, reboot as requested.
  4. How you tried to resolve the problem: Reboot many times (does not work); Log on as different user, then as main user (does work); load firewall again (does work)
  5. Upload Memory Dumps on crash if you encounter any: none
  6. Attach screenshots to your posts to clarify the issue further: not applicable
  7. Please put any False Positive Reporting here: not applicable
  8. Any other information you can think of: One of those bugs that is more of an embarrassment for Comodo than anything else as there are easy work-arounds. Probably relates to known XP fragility re loading task bar icons.

I’m not saying this doesn’t need addressing but it is rather CMF issue than CF and since there hasn’t been any update for months for CMF so I doubt that there will be any update soon. Unfortunately I cannot give you the service name because they must have changed it in some version and now there is no service running in background, at least I can’t notice any. The service mentioned before was injecting a dll file into every executable launched, and I believe this was giving you a buffer underrun protection, but many application do not like this and they refuse to work or work incorrectly. Anyway, I installed CMF on my system and did some tests. I was able to reproduce your issue by only instaling CMF, nothing else has been changed. Adding an exclusion for java.exe or closing CMF didn’t help either. Although I didn’t notice any service running in background the CMF acted exactly the same if there was one. And I suspect that when you close CMF.EXE you close just a GUI and the dll is still injected to every executable. This is just my assumption I do not know how actually CMF works at the kernel level or whatever it is called :D. Anyway the only workaround for me was to uninstall CMF. The problem has gone right away. I suggest you to do the same. I used CMF for a few months and I never had any alert from it. The only few times it gave me an alert was back then when I checked it with Comodo Buffer Underrun Tester(or similar name) application. If you really need buffer underrun protection then maybe you should try SafeSurt. It basically do the same thing but it only protects your web browser instead of the whole system.

[attachment deleted by admin]

Vista 32 SP1
CIS RC2 + WinPatrol

I have come across a certain firewall behavior that I am not so sure whether it’s intentional or a bug…

Firewall Behavior Setting = Custom Policy Mode

Run eg. FileZilla (FTP Client Application). Firewall alert pops up for connect permission to Destination IP = x, and Destination port 21 etc. Grant the permission with “Remember my Answer”. So far so good.

The network rule that is inserted in Network Security Policy for FileZilla, does not contain the reference to that particular IP and port 21, that I granted permission to. Instead it has blanket permissions, ie To IP Any and Destination port is Any.

Is this a design feature, or perhaps a bug? I cannot honestly remember how RC1 or previous versions behaved re this particular scenario.

Please post all bug reports & BSOD’s here and make sure to include:

  1. Windows XP SP3
  2. None
  3. Start a manual scan, make sure it scans some large files (20MB mp3’s for instance), try to stop the scan while it’s scanning these large files. Rather than stopping immediately it first finishes scanning the file (which can take up to 20 seconds depending on how large).
  4. No
  5. NA
  6. NA
  7. NA
  8. NA

I can confirm this happened to me too (while I was running a manual scan) even up to the point where Windows XP security manager was complaining my anti virus software was out of date. When I updated again the msg disappeared. This has happend twice so far but every time manually updating the virus definitions again resolved the issue.

I think that’s already a known issue:

What is your, Firewall, Advanced, Firewall Behavior Settings, Alert Settings, Alert Frequency Level ?


You need at least High to get specific port numbers in automatic rules, and Very high to also get destination address.
Can you try again and see if that works ?

I already did before your post. Setting Alert level on High does acquire the Dest Port, and setting it on Very High, acquires both Dest IP and Port.

Although it is nice to know how, nonetheless, Alert Level settings may not be the right place to make the firewall acquire fine grained info, in my opinion. Having said that, I do not see where else can there be such a setting, thanks for your help.

I tested the new version of Comodo Internet Security. Surprising was that the problem of whom report was not useful. I give you the information you requested and I were still not repaired the problem.;sa,showPosts

I’m disappointed! (:AGY)

The VirtualBox-causing-COMODO-to-crash issue has been reported by me and fOrTy_7. However, I have only tested with CFP 3.0.25 and I have not tried with CIS (any version). fOrT7_7, on the other hand, has been using many betas + release candidates and the issue still exists.

Besides, we’re not even sure if its a COMODO issue or not. (Can someone please read my post on the 3.0.25 to find out why I think that is so? And may someone please download my crash dumps, for references sake, since the problem exists with CFP 3.0.25?)

Check out

What the heck, I’ll upload my crash dump anyway. Please note this is a CFP 3.0.25 dump, not a CIS dump. Uploading for references sake.

[attachment deleted by admin]

Nothing Major,just a weird one when updating–>The pic says it all

[attachment deleted by admin]

Vista 32 SP1
CIS RC2 + WinPatrol


Outgoing PING request is allowed without any alert whatsoever.

To set this up…

Defense+, Advanced
Defense+ Settings = Paranoid Mode
Monitor settings = All ticked

Image execution Control Level = Aggressive
Files to check = .bat, .exe

Defense+, Common Tasks
My Trusted Software Vendors = Only COMODO

Firewall, Advanced
Firewall Behavior Settings = Custom Policy Mode
Alert level = Very High
Default Global Rules (As set by CIS)
Network Security Policy contains CMD.EXE and PING.EXE, both blocked for any in/out communications on IP protocol; both of these entries on top of the list.

On cmd.exe pinging any host eg goes through unhindered, no questions asked…

I have searched the Comodo forums for this particular problem without success.
Any pointers??

Disabling and enabling the network connection (Ethernet) takes a long time during which cmdagent uses lots of resources; sometimes up to 90%,

  1. I am on Vista 32 SP1
  2. Security program and others:
    Spybot Search and Destroy (sdwinsec running)
    A squared Free (a2service is running)
    Malwarebytes Antimalware Free
    Super Antispyware Free
    Winpatrol (not residential)
    Perfect Disk 2008
  3. Disable the network connection (ethernet) and enable it again. Watch the actiivity by cmdagent. It is a lot, up to 90% and takes a lot of time.
  4. Other information. This is an observation and I am not sure if it related. In the process of starting the network connection again the screen goes black two or three as may happen with a driver update for the graphics card (Radeon 9500 with the latest Catalyst driver: 8.10

Computer joined to domain (2003) and connected via proxy but unable to update virus database (gets to 5% then gives up) and CIS constantly reporting that an update (program update) is available on manual update. See below for details.

Edit: Forgot to mention, program update works fine (when an update is available) so not sure if it’s a proxy issue regarding virus database update ???.


  1. Your Operating System (32 or 64 bit) and Service Pack revision (Instructions for XP and Vista)
    Windows Vista SP1, 32-bit

  2. Other Security and Utility Software Installed
    BOClean 4.27, Windows Defender and SafeSurf

  3. Step by step description to reproduce the issue
    Using update links in both Summary (or AntiVirus) and Miscellaneous tabs

  4. How you tried to resolve the problem
    Problems occurs every time

  5. Upload Memory Dumps on crash if you encounter any

  6. Attach screenshots to your posts to clarify the issue further

  7. Please put any False Positive Reporting here

  8. Any other information you can think of
    Same problems occured in previous versions of CIS

Thanks - I agree CMF is involved just tested this myself. Does not happen unless CMF installed. Continues to happen even if CMF out of memory. Have amended bug report accordingly.

Many thanks again


Version of O&O Defrag ?

Have now found I can resolve this problem by listing all versions of Java.exe (and st_client_wrapper, but should be only one of these in OO/progam) on the disk as exceptions in CMF. Java update just keeps adding versions in version numbered folders in the programs/java directory, AND keeps one version in Windows/system32. (Same is true for CVtres.exe in Windows\\framework if you have multiple versions of .net - all versions of cvtres.exe must be listed as exceptions). Note that as additional versions are added in future these will need to be listed as exceptions as well. FYI have found that OO and ActualWindowsManager conflict as well - just in case you are using this!

Version 11.0 Build 3265

P.S.: COMODO Internet Security - RC 2 and Avira Premium Security Suite to surf on the internet slow. no Firewall from Avira installed.