Event Log Flooding

Comodo Internet Security - CIS Resolved/Outdated Issues - CIS
1

Since the update to the latest version of CIS (10.0.1.6223) the Administrative Event Log is flooded with error messages. Every second are around five to 10 entries of the same type:

cdmagent error id 1
“The descrition for Event ID 0 from source cmdAgent cannot be found.
Either the component that raises this event is not installed on yor local computer or installation
is corrupted…”

“Error in checking url, hr = 0x8007139f”

This is very annoying because it makes it impossible to view any other error messages.
I did not have this error message before the update to the last version so i would assume that this is no configuration problem.

Please advice on how to fix this error
Gemikro

2

Hi Gemikro,
We will investigate.
Is that the full description as it ended in “…” ?
May you please also share diagnostic report as suggested here ?

Thanks
-umesh

3

Hi umesh,

no, just cut it at this point, its not the exact text, i have a german windows so i looked up the englisch translation.

Here is the error message in xml:

  • 1 2 16 0x80000000000000 149214 COMODO Internet Security Max
  • Error in checking url, hr = 0x8007139f

There are currently over 4000 in the log, all the same except the date of course.
I had a similar behaviour about two years ago but that was fixed with an automatic update of Comodo firewall at that time.
Diagnostic did not find any problems. I can send some excerpts from the report but i would rather not send the whole file, privacy concerns…
I have Norton AV installed in parallel but never had any problems in running both programs in parallel up to now.

4

OK, let me see if team has something to suggest based on error.

Thanks
-umesh

5

I went through the system logs and found only one more error in Security Log that seems to be related to Comodo (i assume guard64.dll is part of Comodo ?). In this case the entries are created only once immediately after booting:

Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.

File Name: \Device\HarddiskVolume4\Windows\System32\guard64.dll

  • 5038 0 0 12290 0 0x8010000000000000 14304 Security Max
  • \Device\HarddiskVolume4\Windows\System32\guard64.dll

Neither chkdisk nor sfc /scannow found any issues though.

6

Hi,
Please re-check for this issue in latest v6246:
https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-v10016246-hotfix-released-t119759.0.html

Thanks
-umesh

7

Hi Umesh,

unfortunatly after installing the update i still get the errors in the log.

There were no errors immediately after rebooting the system upon installation for about 2 hours but they reappeared after the second boot and are now logged with the same frequency as before.

Error in checking url, hr = 0x8007139f

8

Found out something new:
When i switch to the default configuration in advanced settings the error seems to be gone.
Even if i switch back to my imported configuration from the previous version there is no error as long as i do not reboot.
If i reboot with imported configuration the error is back.

  • Gemikro
9

Sorry, this is not fixed fully.

It will be resolved in next release.

10

Hi Umesh,

installed 10.0.1.6254 today and finally it seems that the log error messages are history :-TU

Thx,
-gemikro

11

Good to know.
Thanks