Defense+ is not functioning properly in 3.0.14.276

I still get Defense+ not functioning properly in the latest version. Any idea how to solve this?

The first thing to try is click Miscellaneous>Diagnostics and see if that fixes the problem. If it still persists, post your security software, OS, and computer details.

Using Avast AntiVirus
OS: Windows XP Professional

What’s it doing wrong?

I am assuming that you are seeing a X on the summary page with the message about Defense+ not working properly. Have you tried the Miscellaneous>Diagnostics route? Finally, is the Avast! version the free or the paid version and how long ago was it installed? You may have to shut Avast! down while CFP is installed.

I also still have big problems with defense +

I’ve installed v3 at home (win xp prof sp2 - win defender - etrust anti-virus 8.1). I’am using the same programs/os at work and there comodo 3 works more or less fine now. The big difference between home and work is the way to internet: at home it’s an usb adsl connection that has to start up every time

At home commodo v3 worked a short time but at a certain moment all programs I’ve started give the message ‘not a valid 32 applic…’. When I turn off defense + I can run my programs. But defense + in learning mode blocks them also with the same error message.

I’ve installed yesterday the patch so now it’s 3.0.14.276. I’ve hoped this would solve the defense + blocking problem but the same problem is still there. But now I receive the message something like ‘you’ve got not the rights to start the applic’ (errormessage is now in the homelanguage of my o.s. so this was a free translation of it) in stead of ‘not a valid 32 applic’

So is there a way to let run commodo in full version without creating own rules etc. The programs on my computer now can be assumed safe, so I only want to be disturbed when I go online

p.s. I’ve ran also the analyse tool, it said it has to fix something but didn’t fix the defense+ problem

Much the same here, fvdcaste - I’ve just posted about it, but I can’t run Diagnostics or anything.
I hope that we get a solution soon!

Just curious, which version of cfp were you both using before installing 276?

In my case first the latest version of version 2 was on it, the automatic update informed that there was a new version: nr. 3 so, I installed that version. And as I wrote above, because of the problems, I 've installed yesterday the patch that upgraded to 3.0.14.276

I think it might be wise to do a clean install, in your case, at least, fvdcaste. Download the full 276 version. But, before you install anything, make sure your system is clean. That means removing all traces of previous cfp installations.

Make sure there are no folders or files left in Program files\Comodo… or Documents and settings\name\Application data … It also means cleaning out the registry.

here’s a link here that may help, although it needs updating:

Manual uninstall

Once you’ve done that, restart, then reinstall cfp.

ok, I’ll try de-install and full reinstall this weekend

I am using avast! home edition.

I even try using clean boot as mentioned at How to perform a clean boot in Windows - Microsoft Support

Hi decrypt - Would you also try a fresh install? I don’t know the details of your installation, but downloading the full version 3.0.14.276 and installing it fresh might help the problem. If you have been doing that, there may be entries in the registry that have not been properly removed by the uninstall process. To check that, uninstall CFP and then edit the registry as follows. Click Start>Run and type Regedit. On the Regedit Menu bar, click Edit and then click Find. Type in Comodo and press Enter. If you have other Comodo products installed, you will have to visually identify the entries that apply to CFP and delete them. If you have no other Comodo products installed, you can just delete all the entries. Then do a fresh install.

I found some regkeys that cannot be deleted. like HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDAGENT etc…

How to delete those keys?

You can ignore the LEGACY keys; they seem to cause not problems.

a clean install does not solve the problem :-[

I suppose we have to ask what we should have started with. What cpu do you have? Are you logged in as an Admin? Did you have Avast turned off when you installed? Do you have any other AV/Anti-spyware/HIPS/scanner software installed? Do you have a boot manager or tray manager? Did you install in safe mode (not recommended)? It is getting to the point that we should be posting a bug report, but there are a lot of questions about what is happening that need to be answered before we can pin down a bug. Sorry that you have had all this trouble. I should have referred you to the list of questions that are good to have as a starting point for this kind of problem, but it seemed a bit rude. Anyway, for reference:
https://forums.comodo.com/help_for_v3/important_how_to_write_help_requests-t14914.0.html

You need to change the permissions setting for that reg-key in order to delete it.

Al

In my case it was OA. I uninstalled it (using Z-Soft), rebooted, then removed all Reg refs to OA and a couple from CFP 2.4.

A clean install didn’t do anything for me either, and I’ve had this problem since CFP3 came out (it worked fine from the start in my secondary PC, but I didn’t have CFPv2 there). I followed the clean-up instructions in the sticky before reinstalling… no change, however.

I’ll provide answers to the questions above to see if it helps…

What cpu do you have?

AMD Athlon 64 3000+
The OS is WindowsXP Pro SP2, 2GB RAM, all drivers up to date.

Are you logged in as an Admin?
Yes
Did you have Avast turned off when you installed?

In my case, I’m running NOD32 2.70.39

I’ve installed CFP with the AV on and off… no difference.

Do you have any other AV/Anti-spyware/HIPS/scanner software installed?

None running in the background. I use Spybot’s immunizations and use it to scan manually, but I do not have not TeaTimer active. I also use Superantispyware for manual scans only.

Do you have a boot manager or tray manager?

Hmm, does Codestuff Starter falls into this category? I do use it to deactivate unwanted startups… I also have disabled Windows’ Security Center service.

Did you install in safe mode (not recommended)?

No.

The following is a list of the running processes (taken from my HijackThis! log):

C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Stardock\SDMCP.exe (all it does is provide support for Stardock's systray icons, namely WindowBlinds) H:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe d:\Program Files\DU Meter\DUMeterSvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe H:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe h:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe H:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe C:\WINDOWS\system32\PGPserv.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\PROGRA~1\Mitsumi\7-IN-1~1\FDCRDKsk.exe C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Creative\AudioHQ\AHQTBU.EXE D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe H:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Rainlendar2\Rainlendar2.exe D:\Program Files\DU Meter\DUMeter.exe C:\WINDOWS\system32\rundll32.exe D:\Program Files\Logitech\SetPoint\SetPoint.exe H:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe C:\Program Files\PowerMenu\PowerMenu.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (this is from the Adobe Acrobat installation I believe)

Don’t know if this data will be useful but there it is.

Ed.