Firewall update question


I have been installing comodo firewall on our new domain laptops. these machines are generally used off site and we would rather not give users admin rights on the laptops. i have installed comodo 3.13 on these machines as the admin user. however when the updates bubble comes up saying that there are updates available my users try and start the update but it ultimately fails as they don’t have the correct rights, but then after that the firewall does not seem to run properly - the comodo agent does not start running properly and it prompts you to run the diagnostic agent - which of course you can’t run as a normal user… see attached screenshot

i can’t drag all the users back into the office everytime there is an update to the software, and i would rather not give all my users the admin password…

what is the best way to stop the update messages from appearing? or is there a way i can help them to update the software without giving them the admin password?

any help much appreciated


[attachment deleted by admin]

First of all the program cfpupdat.exe needs to have admin rights. That is the actual updater.

Not sure if this is of any help:
AV not working and Local System Account

This issue is know by the developers and they are looking at it. The issue didn’t exist in version .424 and .427, but started showing up intermittently in version .432 and also now in .437. I have two Vista Ultimate computers configured exactly alike and only one of them is affected by this issue. There is a workaround for this, however it doesn’t seem to work for everyone.

Go to Control Panel → Administrative Tools → Services and scroll down to Comodo Internet Security Helper Service. Right click on this service and go down to the Properties and left-click it. This will bring up a window with 4 tabs. Go to the Log On tab and search for your login account. The procedure that you have to follow to successfully change from Local System Account to This Account is not necessarily self-intuitive, if you have never done it before.

You may know exactly what you are doing, but I found that this process was not exactly straight-forward when I did it. I don’t mean to waste your time, but the step-by-step procedure is listed below.

After hitting the ‘Browse’ button, a ‘Select User’ box opens up. In the window under ‘Enter the object name to select (examples)’, enter your login name exactly as it appears on the login screen at bootup. Then click the ‘Check Names’ button. Now “computer name\login name” should appear in that same window. Click the ‘OK’ button near the bottom. That should bring you back to the Log On tab, with the radio button to the left of ‘This Account’ filled in, and in the window to the right of that should be “.\your login name”. Click ‘Apply’ and a popup opens to alert you to enter your password if you use a password for your Windows logon. Then you have to enter your login password again to confirm. After doing all this, you have to reboot the computer for the account change to take effect. Now CIS version .432 or .437 should allow you to manually update the virus definitions.

There is an entire thread about this problem on Anti Virus Bugs\Can’t update virus database CIS 3.5.55810.432 [Merged Threads].


thanks for your reply, but we are only using the comodo firewall product. or is this updating agent valid for both the firewall and the antivirus?


ok further to your other reply i changed the Logon account for the COMODO service, however when i restarted it gave me problems suggesting that it need to run the diagnostics, which i ran a couple of times and then when it said that it had fixed all the problems it has changed the service Logon account back to the local system account…

Cfpupdat.exe is the updater for the program not for the AV. The av gets updated by cmdagent.exe.

I have no experience in working with Comodo under multi user and LUA for the users. I will ask the other mods to take a look.

Hi jdmc43,

The best way would be to go to CIS GUI, Misc, Settings and turn of “Automatic check for program updates”.
This will stop checking and balloon message.

If you only use firewall there’s no need to update 3.13 anymore, there will probably be no more bug fixes on the firewall engine, all fixes lately where only AV related.

Hope this helps,