Comodo Internet Security v11.0.0.6704 - RC

Have the same issue with Windows not recognising Comodo FW is turned on after restarting Windows.

welcome shane its include firewall only install

AnyDesk still has a problem connection to other desks if the firewall is on. Version 10 did not have this problem.

The rest is running fine by me.

Thanks for all the really helpful feedback everyone.

The dev team is looking into this issues.

You most likely need to configure the global rules to allow incoming connections to the anydesk listening port.

The following Metro App opens in this RC build, but does not open in the latest stable with the ‘Metro Apps’ Ignore rule disabled in the Auto Containment settings.

Was this application somehow added to a whitelist?

Asphalt 9

https://forums.comodo.com/defense-sandbox-help-cis/access-is-denied-error-when-trying-to-upload-file-t122686.0.html

Kind regards,

Reece

Now that 6704 RC is public, I am replying to PremJK here, who asked me for my event logs and screenshots for my Windows 10 x64 (17134.285) system which is still showing the wrong messages that Comodo is not active.

Details:
About 2 or 3 reboots after installing CIS 6704 RC, I noticed that only one instance of cmdagent.exe was running rather than 2. Shortly afterwards the false messages about Comodo being disabled began to be seen.

Screenshots from the security center are attached. I will send the event logs in a moment.

All the same. I confirm.

Also in response to Prem JK, I’ve found the following interesting entries related to cmdagent (used as part of the protected process) in my event logs.
I hope this helps, let me know if you need more info (these are from Windows 10 x64 17134.285)

I list below some items from the event log that sound suspicious…

Service: COMODO Internet Security Protected Helper Service
Will not start (even though set as auto start).
Shows error 1053:

When trying to start it:
Windows could not start the COMODO Internet Security Protected Helper Service service on Local Computer.

Error 1053: The service did not respond to the start or control request in a timely fashion.

Messages in event viewer that sound suspicious are:

ID 3033:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\COMODO\COMODO Internet Security\cmdagent.exe) attempted to load \Device\HarddiskVolume4\Program Files\COMODO\COMODO Internet Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

ID 7009:
A timeout was reached (30000 milliseconds) while waiting for the COMODO Internet Security Protected Helper Service service to connect.

ID 7000:
The COMODO Internet Security Protected Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

ID 4338:
Error HTTP read from download.comodo.com/cis/download/updates/release/inis_5160/common/StopServiceLauncher.exe.7z, httpCode: 404 Error Code: 0x80070002 (The system cannot find the file specified.)

ID 4339:
Error HTTP read from download.comodo.com/cis/download/updates/release/inis_5160/common/StopServiceLauncher.exe, httpCode: 404 Error Code: 0x80070002 (The system cannot find the file specified.)

I also see the same events in the system log.

Shane, Welcome to CIS/CCAV Forums.

You had introduced CFW offline installer with the previous beta. This RC has CIS installer only. I hope there will be CFW offline installer on the final release.

Shane, after the final release, I hope to see a new beta version soon with the 2 promised features-

  1. Ask option for Containment like in CCAV.
  2. Auto-Containment alert appears only the first time, it should appear every time until the user click don’t isolate on the alert like in CCAV.

And, can you provide Comodo Alerts option instead of Windows 10 Alerts on Windows 10 systems?

And, I have installed this RC version on Win 10 64 bit. I have installed CFW install only.
I tried eicar, potentiallyunwanted and cloudcar from AMTSO.
All were Auto-Contained and then Quarantined. Auto-Containment Alerts appeared but Cloud Anti-Virus/Quaranine Alerts didn’t appear. Please look into this.

Regarding my investigations into the errors of Comodo being detected as not running, I think I’ve made a breakthrough… I’ve just sent this to Prem JK:

Hi PremJK. I think I’ve made a breakthrough…

Following my looking at the event logs last night (which referred to problems with Code Integrity) and the messages about dbghelp.dll, I tried renaming dbghelp.dll in \program files\comodo\comodo internet security.
This was to prevent cmdagent.exe from trying to load it. As soon as I did so, the “COMODO Internet Security Protected Helper Service” started immediately. :slight_smile: And there are now 2 instances of cmdagent.exe running in Process Explorer :slight_smile:

One thing I have remembered is that shortly after installing build 6704 I installed KillSwitch, is dbghelp.dll installed by that? Could that be the issue? Does it install an incompatible version of dbghelp.dll?

Mike

I agree with that, but let them to focus on the v 11 release now, since people are downloading a bugged and nearly unusable version from website.

An excellent find. It’s strange why the user should look for it. After renaming dbghelp.dll, the “COMODO Internet Security Protected Helper Service” service starts without error 1053 and integration works.

Thanks DeathCat - the clue was in the event log! :slight_smile:

My hunch (that I’ve mentioned to PremJK) is that KillSwitch (if you install it, which I had done a few minutes after installing 6704RC) is installing the dbghelp.dll which then causes cmdagent.exe to fail to start as a protected service.

Strangely the copy of dbghelp.dll in Comodo Internet Security’s directory is NOT signed by Microsoft, but is signed by Comodo!

Hi MikeDiack,

Yes, you are absolutely right. Its a great find.

We have fixed this issue and fix will be available to verify.

Kind Regards
PremJK

Thanks Mike and others for your input, greatly appreciated.

We’ll get an RC2 too ready.

Hi PremJK,

The issue with cmdagent taking up around 17% of my CPU has come back whilst using this RC build.

Have sent you a PM.

Kind regards,

Reece

Hi Reecen,

I have replied to your message. Please provide requested logs when issue is reproduced.
Thanks in advance.

Kind Regards
PremJK

I wonder whether it’s normal that the COMODO service takes about 20% CPU usage in daily use. My CFW version is 6606.