Please post all bug reports & BSOD’s here and make sure to include:
The full product and its version e.g. COMOOD Firewall 5.8.202801.2064 etc
Your Operating System (32 or 64 bit) and Service Pack revision
Other Security and Utility Software Installed
Step by step description to reproduce the issue
How you tried to resolve the problem
Upload Memory Dumps on crash if you encounter any
[b]Memory dumps generated by CIS can be found in
C:\ProgramData\Comodo\CisDumps(Windows Vista or later) or in
C:\Documents and Settings\All Users\Application Data\Comodo\CisDumps(Windows XP)
Memory Dumps Generated by Windows can be found in
c:\Windows\minidumps[/b]
Attach screenshots to your posts to clarify the issue further
Any other information you think that might be useful
The CIS Security profile your using, and if you imported a previous version of the config
It’s vital to provide all this information, so the developers can quickly identify and fix bugs faster.
This format will be strictly moderated. If your messages do not convey this format, they are not going to be taken into account.
It’s very important to know what security profile your using and if you imported a previous config, and if you have changed settings from default, e.g. enabled “block all unknown requests if the application is closed” etc.
For those who observe freeze issues while doing a full scan:
Here is what you need to do in order o identify the problematic file while scanning:
1 - Disable Defense+
2 - Download Process Explorer from Process Explorer - Sysinternals | Microsoft Learn
3 - Run Process Explorer
4 - In Process Explorer, select View->Lower Pane View->Handles
5 - In Process Explorer Process window, click on cmdagent.exe
At this stage, in the lower pane, you should be seeing handles opened by cmdagent.exe. You are particularly interested in “Type File”
6 - Open CIS and Run a Scan → My Computer.
Wait until the scan hangs. When the scan hangs, you must go to Process Explorer and check the Lower Pane for open “File Handles”. One of those handles are causing this issue. Probably an archive file. Please indentify that file and let us know.
The full product and its version: CIS 5.8.206694.2075
Your Operating System (32 or 64 bit) and Service Pack revision: win7 pro 64
Other Security and Utility Software Installed: N/A
Step by step description to reproduce the issue: i couldn’t get a screenshot before the window went away but i was testing the newest beta in my VMware and a piece of malware got sandboxed then a blank white windows popped up with code. it looked like code was being executed. i saw the words sandbox and isolation in the code so it was related to defense +. then after about 30 secs. the window disappeared and i got the regular sandbox alert.
How you tried to resolve the problem:N/A
Upload Memory Dumps on crash if you encounter any:N/A
i will try and find the particular piece of malware that caused the problem and report back
While running AV scan using Critical Areas profile, system became slow and unresponsive randomly during scan, was not able to take screenshots or able to use check resources due to system became to slow to use during these periods
The full product and its version: COMODO Internet Security 5.8.206694.2075 BETA.
Your Operating System (32 or 64 bit) and Service Pack revision: Windows 7 Professional 64 bit SP1.
Other Security and Utility Software Installed: None.
Step by step description to reproduce the issue: I was running AV scanning using Critical Areas profile.
How you tried to resolve the problem: N/A
Upload Memory Dumps on crash if you encounter any: N/A
Attach screenshots to your posts to clarify the issue further: None.
Any other information you think that might be useful: None.
The CIS Security profile your using, and if you imported a previous version of the config: Proactive Security.
i think i can reproduce the failure here, if i change the default language to english then all is fine in the scan display, if i change it back to german the display is half cutted off as seen in my picture. so i think it has to do with the german language file or fontsize.
I have submitted this bug three times, but nothing happened so far! (5.5.xxx.1383, 5.8.xxx.2037 beta, 5.8.xxx.2064 beta)
The full product and its version: COMODO IS. 5.8.206694.2075
Your Operating System (32 or 64 bit) and Service Pack revision: Win 7, SP1, 64 bit, UAC disabled, Admin account.
Other Security and Utility Software Installed: No
Step by step description to reproduce the issue: I downloaded ANY infected file(s) to the desktop. When came the AV alert I selected “Ignore”, "Added to Trusted Files " or “Report this to Comodo as a False Alert”. Trusted Files of D+ doesn’t show the infected file and when I tried to access(example: cut and paste) the file, Win 7 explorer doesn’t respond, frozen. Next step restart Win 7 explorer. Okay the file appear at Trusted Files, I deleted it from there but the Real-time scanning doesn’t show pop-up alert at the location of infected file(desktop).
How you tried to resolve the problem: Can not be solved by the user.
Upload Memory Dumps on crash if you encounter any: N/A
Attach screenshots to your posts to clarify the issue further: N/A
Any other information you think that might be useful: N/A
The CIS Security profile your using, and if you imported a previous version of the config: Not imported from previous version. Own “Internet Security” config attached.
The full product and its version: COMODO Internet Security 5.8.206694.2075 BETA
Your Operating System (32 or 64 bit) and Service Pack revision: Windows 7 SP1 x64
Other Security and Utility Software Installed: Malwarebytes 1.51.1.1800
Step by step description to reproduce the issue: Installed Adobe Acrobat X Pro. After the install CIS reported that the program monitor was inactive and to do a diagnostic. I clicked yes to do a diagnostic but the whole system locked up. After reboot the same problem arose.
How you tried to resolve the problem: I was unable to access the program settings at all. I had to remove and resintall CIS to fix the problem.
Upload Memory Dumps on crash if you encounter any: None
Bug: Can’t delete malware found during a scan and cmdagent crashes.
Product and database version: 5.8.206694.2075 and 10064
To reproduce this bug I scan my system for malware and some rootkits are detected.
I click on Clean two popus appear almost immediately. The first is telling me that not all threats have been removed and another is telling me that CIS has crashed.
I attached the dump file that was automatically created when the crash occurred.
Edit: Problems getting the images to appear. Trying some things.
The full product and its version COMOOD Firewall :5.8.206694.2075 ; database : 10072
Your Operating System (32 or 64 bit) : XP SP3 32bit; clean install of OS; all updates done
Other Security and Utility Software Installed : none
Step by step description to reproduce the issue : full install of CIS. Remove Geek Buddy through all Programs > uninstall Geek Buddy.
Config : proactive. Defense+ paranoid. CFW : custom mode. CAV : on access
Launched IE8, access google.com, then PC freeze completely; had to do hard reboot
Opened c:\windows\minidump with notepad, PC freeze; had to do hard reboot
How you tried to resolve the problem : reboot several times; no change
Upload Memory Dumps on crash if you encounter any : attached
The full product and its version: COMODO Internet Security Premium Beta 5.8.206694.2075
Your Operating System (32 or 64 bit) and Service Pack revision: Windows 7 32-bit Service Pack 1
Other Security and Utility Software Installed: none
Step by step description to reproduce the issue: Software doesn’t work fine using sandbox without virtualization and Proactive configuration. I activated Proactive and put my browsers (Firefox, IE) in the list “Always Sandbox” with “Partially Limited” level and no virtualization. when I opened Firefox (or any other softwares that require an internet connection), it showed me a white page and didn’t permit me to surf on any site or page. However my personal settings there were. When I run emule, it gives me an error about “socket” at beginning and doesn’t connect to internet.
How you tried to resolve the problem: I inserted in the list, the plugin-container.exe (Firefox), nothing else about emule. Then I unistalled and cleaned all before reinstalling.
Upload Memory Dumps on crash if you encounter any: none
Attach screenshots to your posts to clarify the issue further:
Mozilla Firefox
Edit by Dennis2: removed the uploaded to well known image hosting site message
Any other information you think that might be useful: I noticed that the problem comes when the software functions involve internet connection. I tried to delete “Windows Sockets Interface” folders in the Defence+ Rules (Protected file and folders) and all worked again; but I didn’t know if this action could give some problem, so I restored the original Proactive Configuration. However the issue was not in Comodo 5.0. It’s arrived with CIS 5.3
The CIS Security profile your using, and if you imported a previous version of the config: Proactive Security not imported
Your set-up
CIS version, AV database version & configuration used: 5.8.206694.2075, AV DB Version 10074, Proactive Security
a) Have you updated (without uninstall) from CIS 3 or 4: No
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
a) Have you imported a config from a previous version of CIS: NO
b) if so, have U tried a standard config (without losing settings - if not please do)?:
Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.):
In Firewall Settings:
I enabled IPv6 filtering
I disabled “This pc is a gateway”
I disabled everything except: Protect ARP cache, Block ARP Messages, Protocol Analize
In Defence+ Settings:
All unchecked in General Settings. All checked/enabled in all other sheets
Defense+, Sandbox, Firewall & AV security levels:
D+=Safe , Sandbox=Active , Firewall = Personalized Policy, AV = Optimized
OS version, service pack, number of bits, UAC setting, & account type:
Windows 7 Professional, Service Pack 1, 32-bit, UAC disabled, Aministrator account
Other security and utility software installed: none
Virtual machine used (Please do NOT use Virtual box): NO
The full product and its version: COMODO Internet Security 5.8.206694.2075 BETA
Your Operating System (32 or 64 bit) and Service Pack revision: Windows 7 SP1 x64
Other Security and Utility Software Installed: Malwarebytes 1.51.1.1800
Step by step description to reproduce the issue: Installed Freeware Version of O&O Softwares Disk Image version 4: Download Archive (The web page says version 5 but the download is for version 4 which is now freeware) This prevents CIS from loading at all at startup. Probably an issue with the Disk Image driver loading.
How you tried to resolve the problem: Uninstall Disk Image 4 is the only way I could fix the issue. Once it is removed CIS loads with no problem.
Upload Memory Dumps on crash if you encounter any: None
Unrecognized, autosandboxed apps still able to access Internet by launching default browser when such browser is already running.
The full product and its version CIS 5.8.206694.2075 BETA 3
Your Operating System (32 or 64 bit) and Service Pack revision WinXP SP3
Other Security and Utility Software Installed None
Step by step description to reproduce the issue
a) Switch to default Proactive Security confinguration.
b) Enable Sandbox if disabled.
c) Close all opened browser windows if any.
d) Create file with such content:
start http://www.example.com
save it as bat or cmd file.
e)Launch this file.
f) Our new batch file will be sandboxed and, by execution of “start” command, will launch new default browser’s instance. Browser will be sandboxed also and will be unable to open supplied url (However, in difference with “Internet Security” config, there will be no single alert).
g) Close previously launched browser window.
h) Open default browser as usual, so it’ll not be running in sandbox.
i) Execute our, still unknown and untrusted, batch file again, while browser launched in step “h)” still running. New tab in browser’s window will be opened and url, supplied by bat-file, will be opened.
5. N/A
6. N/A
7. Attach screenshots to your posts to clarify the issue further No screenshots.
8. Any other information you think that might be useful
Tested with Internet Explorer 8/Firefox 6/Dragon 13/etc. all - current stable releases. There is no noticeable differences between “single-process” browsers, like Firefox, and “multiprocess”, ie Dragon, Chromium etc.
9. The CIS Security profile your using, and if you imported a previous version of the config
Default “Proactive security” configuration wit Defense+ and FW in safe mode.
Antivirus is unable to scan files when full path to those files exceeds MAX_PATH characters.
The full product and its version: CIS 5.8.206694.2075 BETA 3
Your Operating System (32 or 64 bit) and Service Pack revision: WinXP SP3, Win7 x64 (Any Windows NT version in fact)
Other Security and Utility Software Installed None
Step by step description to reproduce the issue
a) Create subdirectory structure, long enough to full path name exceeds MAX_PATH (260) characters. (See attached picture for instance) Unfortunately, Windows Explorer prior to Windows Vista is unable to handle such long paths, but this can be done using some file managers, eg. FAR. In Vista and above Windows Explorer can be used.
b) Put EICAR test virus in deepest subdirectory just created.
c) Navigate to root directory and try to scan this newly created directory structure with Comodo Antivirus, eg. using Explorer’s context menu. No threats will be found.
N/A
N/A
Attach screenshots to your posts to clarify the issue further Attached
Any other information you think that might be useful
Possibly CreateFileA instead of CreateFileW was used.
lpFileName [in]
The name of the file or device to be created or opened.
In the ANSI version of this function, the name is limited to MAX_PATH characters. To extend this limit to 32,767 wide characters, call the Unicode version of the function and prepend "\\?\" to the path. For more information, see Naming Files, Paths, and Namespaces.</blockquote>
The CIS Security profile your using, and if you imported a previous version of the config
Any config.
Have reported this before, when BETA 2 was tested, but vulnerability is still exists, so I’ll drop copy here.
CIS allows modification of Access Control Lists of protected registry keys for partially limited autosandboxed and for not sandboxed, but limited in write access to theses keys, applications.
The full product and its version: CIS 5.8.206694.2075 BETA 3
Your Operating System (32 or 64 bit) and Service Pack revision: WinXP SP3
Other Security and Utility Software Installed: None
Step by step description to reproduce the issue
4.1 (with sandbox disabled)
a) Add regedit.exe to Computer Security Policy as “Isolated Application”. From now write access to protected registry keys should be denied.
b) Try to create some value or subkey under any of the protected keys. Operation will be denied by CIS.
c) Now try to change access permissions on any of the protected key using “Permissions” item in the regedit’s context menu (or main menu) while any of these keys is selected. There will be no alerts or something else from CIS and permissions will be changed as requested.
4.2 (with sandbox enabled and unrecognized apps treated as “Partially Limited”)
a) We should find some registry editor, unknown to CIS, so it will be sandboxed at execution. Alternatively, we can modify regedit’s executable file, preferably in DOS stub, so this modified file will be launched in the sandbox. Another alternative is to add regedit to “Always sandbox” list (as “Partially Limited”) with registry virtualization disabled.
steps b) and c) are the same.
N/A
N/A
Attach screenshots to your posts to clarify the issue further No screenshots.
Any other information you think that might be useful N/A
The CIS Security profile your using, and if you imported a previous version of the config
Mixed, described in “4)”
