Conflict between Google Chrome (6.0.422.0) and COMODO Firewall (4.1.150349.920)

Hello,

I would like to report what may well be a bug in what was at the time CIS’ latest version (4.1.149672.916). I just updated to version (4.1.150349.920) and the problem remains.

I am in the middle of a complete reinstall of my computer and just installed Google Chrome’s latest version with CIS’ firewall running in the background. I am using Windows XP Pro SP3.

Chrome crashed on first launch. On second and subsequent launches, it cannot open any page, which keep loading indefinitely.

Thank you, in advance, for your attention and follow up.

Please see this FAQ, here.

Best wishes

Mouse

Thank you, Mouse, for this link.

I understand the benefits of sandboxing navigators and actually thought Chrome already included this technology. I tried adding Chrome to the CIS’ sandbox but Chrome still appears to be blocked by CIS.

How come other navigators like IE or Firefox are running fine and not Chrome? Shouldn’t they be unblocked by default?

The FAQ indicates what you need to do to run Chrome and Dragon in the sandbox - you need to use the -no sandbox and -single process switches. If these don’t work please do say!

If chrome won’t run out of the sandbox, then that’s a different issue, & we’ll need to investigate. Runs fine on my machine!

Best wishes

Mouse

Thank you for your early reply. :slight_smile:

The issue on my computer is indeed that Chrome cannot open web pages, even out of the sandbox. It starts ok but cannot open even the default home page. Now, could the origin of such a behavior be that I did’t activate the learning mode before installing Chrome? CIS was running in Secure mode at that moment.

Well, you should not need learning mode to install something standard like Chrome. Please post a screenshot your D+ logs and we will try to help from there.

When you installed Chrome did you get an ‘unlimited access’ or ‘elevated privs’ alert, and if so how did you answer it?

I’m assuming the installation was done using 4.1 not 4.0?

Best wishes

Mouse

Same here, google Chrome stopped working since I upgraded to Comodo 4. It opens but can’t seem to connect to webpages, although it has full network access.

Have you updated to 4.1.xxx.920? Similar problem with Dragon (when run sandboxed) fixed now for me.

Best wishes

Mike

yes I did, in fact, it was the first 4.x build I installed , chrome still does not work

To help me help you both please submit the information requested: here.

Also please could you provide the information I have requested in this topic (see above).

Many thanks

Mouse

Hello, Mouse,

Sorry for the late reply: I had to temporarily restore my system prior to installing CIS because of the start menu issue that prevented me from working on my computer.

Please find attached a Comodo Firewall Pro Configuration Reporting Script. Is that what you were expecting?

Should you need additional information on my present configuration, please let me know.

Thanks for your help.

Fantasio

[attachment deleted by admin]

Thanks for the config file, that information will be useful for the devs. To help you, and for the devs to investigate the bug we need the following information:

  • A screen shot of your D+ logs after reboot and attempting to run Chrome. Please make sure all information is visible
  • Any information requested here which you have not yet posted.
  • To know whether Chrome has been accidentally installed or updated virtualised. This is quite likely to have happened if you ran Chrome manually sandboxed and virtualised under version 4.0. Hence my question about 4.0 above. Alternatively if you cannot remember, please check the folder c:\Vritualroot\chrome.exe (misspelling intentional) and subdirectories for the chrome executables like chrome.exe itself. If they are present then you have a virtualised installation. You will need to ask for help from a mod to reverse this.

A list of your chrome add-ons may also be useful to enable bug replication.

Unfortunately I am away for a week now, but given this info another mod will probably be able to help you.

Best wishes

Mouse

Hello,

Please find below the additional details you requested in order to investigate this bug.

  1. 32 bits

  2. Windows XP Pro SP3 up to date

  3. A-squared Anti-Malware

  4. All I did was install Chrome, with Comodo Firewall running in the background.

  5. Did nothing except restart my computer and retry running Chrome.

  6. I am using the default settings

Firewall mode

  • Secure Mode
  • Low alert frequency
  • Block freagmented IP datagrams

Defense+ mode

  • Secure mode
  • Low alert frequency
  • (Third tab, please check attached screenshots)
  1. I am using an administrator account

I attached screenshots. About the D+ logs, they do not seem to change in any way when I run Chrome.

I couldn’t find the c:\Vritualroot\chrome.exe.

I hope this will help. Thank you, in advance, for your attention and follow-up.

Kind regards,

Fantasio

[attachment deleted by admin]

Please find also my exported D+ logs together with a dump file generated by Windows upon the crash of Chrome. I hope it is relevant.

[attachment deleted by admin]

Thanks. No obvious solutions. But a few things to try.

  • Untick 'block fragmented datagrams then reboot
  • Diable all real time monitoring by A squared then reboot, if this does not work uninstall A squared then reboot
  • Disable rocket dock then reboot

This will enable us to eliminate some possibilities.

Did you turn on display of hidden and system files before looking for C:\Vritualroot\chrome.exe? If not please do so and have another look.

Best wishes

Mouse

Hello, Mouse,

Here is what I did :

Action: I unticked ‘block fragmented datagrams’, rebooted then ran Chrome
Result: same problem

Action: I excluded Comodo Firewall from A2 Guard (my Anti-Virus) monitoring, rebooted then ran Chrome
Result: same problem

Action : I disabled all real time monitoring by A squared on start-up, rebooted then ran Chrome
Result: same problem

Action: I disabled rocket dock on start-up, rebooted then ran Chrome
Result: same problem

Q: Did you turn on display of hidden and system files before looking for C:\Vritualroot\chrome.exe? If not please do so and have another look.

A: no, indeed, I hadn’t enabled the display of hidden and system files. Thanks for remindind me. But the ‘Vritualroot’ folder was nowhere to be found. Does Chrome normally create such a folder when it runs? Or is the folder created by Comodo Firewall? I never sandboxed any browser under Defense +.

Instead of uninstalling my AV, I uninstalled Comodo Firewall. Chrome worked fine again.

Action : to make sure that the problem was not caused by my AV upon install, I disabled all real time monitoring by A squared on start-up, rebooted, then reinstalled CIS (without the AV module), only the firewall with Defense +, just like last time; I restarted upon prompt, then launched Chrome. All this without A2 Anti-Malware running in the background.
Result: the problem remains. All other browser work fine.

Shall I try uninstalling CIS and try installing Comodo Firewall? Have you tried replicating this bug with Chrome’s and CIS’ above mentioned builds?

Thank you again for your attention and follow-up.

Fantasio

Thank, Fantasio for your careful and clear report. Much appreciated.

I had a similar problem some time ago, but it was caused by Chrome installation files having been virtualised by a previous CIS version.

Unfortunately if C:\vritualroot does not exist on your system, this cannot be the problem in your case. Since resolving that problem I have had no difficulties with either Chrome or Dragon.

However there is an apparent contradiction in you account, which we need to clear up before proceeding. AT one point you say that “I tried adding Chrome to the CIS’ sandbox but Chrome still appears to be blocked by CIS.” but at another " I never sandboxed any browser under Defense +.". If you had sandboxed a browser using ‘Add a program’ or ‘Run a program’ under D+ using CIS 4.1 or late CIS 4.0 versions using the default settings you would have a folder called c:\vritualroot, unless the CIS installation was corrupt. If you installed under early 4.0 you would have a C\sandbox folder. Both would be hidden folders.

So I guess we need to clear this up before proceeding further, if you don’t mind.

If possible, and not too much hassle, uninstalling A squared would also tell me whether the problem was a ‘mutual’ problem or just one with CIS. Multiple security packages commonly conflict. CIS on its own is quite good enough security, so no need to worry about protection meantime.

Best wishes

Mouse

Best wishes

Mouse

Thank you, Mouse, for this early repy.

You are right, I did add Chrome to the sandboxed applications once, only to find out that it had no effect on my problem, so I later on decided to remove it from this list.

Under my current settings - after removal and reinstall of CIS’s Firewall with Defense + - no application is sandboxed, which can explain why the C:\Vritual Root directory is not there. In other words, I am currently using CIS under its default settings.

Security software do indeed tend to conflict with one another, which is why I decided to keep A2 Anti-Malware as an AV and uncheck Comodo’s AV in the CIS package. I thought Comodo Firewall could somehow play nice with A2 just like my previous firewall (Online Armor) did. Again, what is surprising is that only Chrome is affected by this issue. Other browsers run smoothly with no apparent conflict between CIS and A2 running in the background. Why do you think that is?

I might consider switching to CIS (AV + firewall) altogether. But as long as one avoids installing two AV on my system - which are indeed prone to mutual conflict -, I think one should be entitled to tailor one’s protection by combining “best in class” software on specific functions : the best AV with the best firewall and expect them to work together since they should be totally complementary.

Thank you for your support.

Fantasio

I understand your feelings on this. But in fact CIS is much more than a traditional firewall - defense plus intervenes in software processes in real time using similar methods to a real time AV, and so may conflict. So I guess how you proceed from here depends on whether you most wish to clarify the bug and have the potential for a more secure system long term, or find a solution for your immediate needs as stated.

To find a solution for your immediate needs as stated I’d suggest ticking ‘disable defense plus permanently’, and rebooting. This will leave you with a traditional IP firewall. Chrome will probably run.

To track down this bug, and have the potential for the most secure solution in the long run, I’d suggest uninstalling A squared temporarily. Seeing if this resolves the problem then re-installing it. If it doesn’t solve the problem then we will look elsewhere -there are still a number of possibilities. If it does then we may be able to find a way to prevent the ‘deadly embrace’.

Much is made of AV, which is a ‘default allow’ technology but most real security experts would prefer to be protected by default deny system protection software like Defense plus. ‘Don’t let it do anything at all risky unless I say so’ is the only really secure approach in an ever changing malware world.

Best wishes

Mouse

Thank you, Mouse.

I will wait for the expiring of my subscription to A-squared Anti-Malware in a couple of weeks then proceed as you suggested.

Best wishes

Fantasio