COMODO Internet Security 4.0.132838.716 RC Bug Reports [LOCKED]

Comodo Internet Security - CIS Beta Corner - CIS
1

Please post all bug reports & BSOD’s here and make sure to include:

  1. Your Operating System (32 or 64 bit) and Service Pack revision
  2. Other Security and Utility Software Installed
  3. Step by step description to reproduce the issue
  4. How you tried to resolve the problem
  5. Upload Memory Dumps on crash if you encounter any
  6. Attach screenshots to your posts to clarify the issue further
  7. Any other information you think that might be useful

It’s vital to provide all this information, so the developers can quickly identify and fix bugs faster.

2
  1. Your Operating System (32 or 64 bit) and Service Pack revision
    Windows 7 32Bit
  2. Other Security and Utility Software Installed
    Spywareterminator (Real-timeshield turned off)
  3. Step by step description to reproduce the issue

I downloaded the installer and executed it. The download starts but ends with an error and a question if I want to try again)

  1. How you tried to resolve the problem
    Not
  2. Upload Memory Dumps on crash if you encounter any
    None
  3. Attach screenshots to your posts to clarify the issue further
    Done
  4. Any other information you think that might be useful
    None

[attachment deleted by admin]

3

Just downloaded the installer. Got through everything and started downloading, but ended up finished as soon as it downloaded the Live PC Support. Nothing else was installed or downloaded.

4

Well as stated above, all parts of the download will not download :cry:

[attachment deleted by admin]

5

Installer Claims i still have CIS v3.x installed which is not true.

[b]1. Your Operating System (32 or 64 bit) and Service Pack revision[/b] Windows 7 x32, Enterprise

2. Other Security and Utility Software Installed
CIS v4.0.679 Beta

3. Step by step description to reproduce the issue
Just try to download the software

4. How you tried to resolve the problem
No

5. Upload Memory Dumps on crash if you encounter any
N/A

6. Attach screenshots to your posts to clarify the issue further
Done

7. Any other information you think that might be useful
CIS 3.x has been previously installed on this machine, so it’s probably some reg-key issue.

[attachment deleted by admin]

6

Well it’s not posible for me to download the software. After 2.34mb it stops. :-TD

[attachment deleted by admin]

7

We are looking into this download problem right now.

8

I have never in all my life seen so many pop ups
This has got to go
Bye Bye

9

“Create rules fro safe applications” still isn’t working. Instead of automatically allow all requests made by safe application, it gives me pop-up.

10

Hi Rambo. I think i know what you mean. Cis 4 is supposed to suppress pop ups but i too have experienced situations where it continually repeats what it has just done, allow or block!! over and over on the same subject. Got to be a bug of some sort.However i will personally put up with it until its fixed as i do not know of any application that does and will do more effeciently than Cis does at present security wise and with the other additions to come in 4.1, i think for now its a price worth paying. Just my opinion mind you.

Regards
Dave1234.

11

Can you post this in the Release post?, such replies don’t belong in the Bug Report thread.
Unless you provide the requested details, and explain what’s really going on.

12

Could you please describe what applications caused alerts?

13

OS: Windows XP SP3 32bit updated to the latest post-sp3 Service packs
CIS Version: 4.0.132838.716
D+ configuration: Comodo Proactive Security Defaults
D+ mode: Safe mode

General information:

[ol]- Some protected paths in My protected files defaults include a leading ?:\ wildcard to specify all drives (C:, D:\ , etc.) though D+ was unable to trigger “Protected File/Folder” access rights alerts for paths that pertained USB removable devices (FAT USB-key disk).

  • All applications policy blocked section of “Run an executable” access right include a ?:\Recycle?* rule though D+ is unable to silently block execution of application launched from paths that pertained USB removable devices (USB-key disk) but will display execution alerts.

Non removable HD are not affected. I’ve not tested if other access rights that apply to USB removable devices paths might be affected [/ol]

Other Version affected:

It is possible to reproduce the issue on XP32 with CIS 3.13.121240.574 and later v3 updates/revisions.

Description:
If an USB removable device is assigned a drive letter (eg. I:):

[ol]- It is possible to use a non-safelisted (Comodo lookup result: unknown) notepad application to create a new I:\autorun.inf without alerts.

  • If sandbox is disabled, launching an application whose path is I:\Recycled\app.exe will trigger an alert regardless if a related “All applications” rule is meant to silently block execution from ?:\Recycle?*

  • If sandbox is enabled, launching an application whose path is I:\Recycled\app.exe won’t be blocked and won’t l trigger an alert (regardless if a related “All applications” rule is meant to silently block execution from ?:\Recycle?* )
    [/ol]

Workaround:
Previously mentioned workarounds (see past reports for details) for protected-file access-rights do not appear to work anymore

14

OS: Windows XP SP3 32bit updated to the latest post-sp3 Service packs
CIS Version: 4.0.132838.716
D+ configuration: Comodo Proactive Security Defaults
D+ mode: Safe mode

General Information:
In CIS installation folder (%ProgramFiles%\COMODO\COMODO Internet Security) there are configuration defaults backups in a new XML config format:

  • COMODO - Internet Security.cfx
  • COMODO - Firewall Security.cfx
  • COMODO - Proactive Security.cfx

Description:

It is possible to import any of the above listed xml configs using More…\My configurations\Import… but these configuration files will result in a corrupt/erroneous Firewall rule-set (picture attached)

The incompatible XML configs (this list might be incomplete):

[ol]- Do not have SourcePort tags when required

  • Add non-conformant untagged data before termination tags;
    Thiis data corresponds to attributes (Protocol,Days,StartHour,StartMinute,StopHour,StopMinute,etc.) which are missing from the opening tags
  • Do not have <?xml version="1.0" encoding="utf-16"?> at the beginning[/ol]

NOTES: The above mentioned configuration files feature a proper “Temporary Files” group.

All the registry representations of CIS default configurations do not have a trailing asterisk (*) for the Internet Explorer “Temporary Internet Files” folder (eg. C:\Documents and Settings\username\Local Settings\Temporary Internet Files)

The above mentioned XML config files instead include a properly formed wildcarded path for Internet Explorer “Temporary Internet Files” (eg. C:\Documents and Settings\username\Local Settings\Temporary Internet Files*)

Other Version affected:

15

As soon as installation had finished there was a continuous stream of pop ups which lasted for 3-4 minutes by which time i had had enough,so when it had finished i uninstalled
This is not a RC.
Operating System: Windows 7
AV : Avast
Windows Defender

16

OS: Windows XP SP3 32bit updated to the latest post-sp3 Service packs
CIS Version: 4.0.132838.716
D+ configuration: Comodo Proactive Security Defaults
D+ mode: Safe mode
Account type: Administrator

Description:
Running Comodo Leak Tests .1.1.0.3 under elevated context (Allow “clt.exe is requesting to run with elevated privileges” alert ) once will negatively impact CLT.exe results when running again (later) in CIS sandbox (rightclick → Run in COMODO Sandbox)

On subsequent runs in sandbox D+ is unable to alert about PhysicalMemory (all subsequent runs), SetWinEventHook (only once) and SetWindowsHookEx (only once) if these exact steps for the 1st run are followed:

1st run.
a. left-click on clt.exe and Allow “clt.exe is requesting to run with elevated privileges” alert
b. double-click on “Invasion: PhysicalMemory” line to fail that test
c. close clt.exe

2nd run.
d. right-click on clt.exe and choose “Run in COMODO Sandbox” context menu verb
e. double-click on “Invasion: PhysicalMemory” line
f. double-click on “Injection: SetWinEventHook” line
g. double-click on “Injection: SetWindowsHookEx” line

Despite the 2nd run was carried using the sandbox D+ fails to alert about these actions:

7. Invasion: PhysicalMemory Vulnerable
10. Injection: SetWinEventHook	Vulnerable
11. Injection: SetWindowsHookEx	Vulnerable

NOTES: Running clt.exe without carrying the steps listed in 1st run beforehand will have D+ correctly alert about those tests.

PS: this issue might affect only XP systems

Other Version affected:

17

For we can quicker investigate and handle your problem - could you name at lease several applications for which alerts were shown, also could you tell were those alerts Firewall or Defense+ or Antivirus?

18

Your patience is greater than mine.
I gave up Comodo a few months ago having been with it since V2.4.
I found that the more bells and whistles there were the more unreliable it became.
They have fallen into the trap of every other security company that i have known.Never mind the bugs,lets have more goodies.
I just thought that for one more time i would try it.You know the result.
Anyway the firewall in Windows 7 does a good job.
Regards

19

I’m very sorry,i can’t help.
I was so furious that i didn’t notice but i suspect Defense +.
I don’t have the Comodo AV.
Regards

20

Hello, thank for your feedback.
‘Create rules fro safe applications’ not affect to silent allow. It only save all actions as rules for application that already detected as safe (e.g. from trusted vendor).
So if you have alerts from application it means that this is not safe applications.

If you want to save all actions of not trusted application as rules without alerts try to switch D+ to ‘Training mode’. It suitable only for clean systems, please notice that.

I hope i understand you right, best regards.