Game trainers and comodo

Hey there.
I’ve used comodo for 2 years or so. I’ve also successfully used game trainers, more specifically from cheathappens website alongside Comodo without problems up until a few days ago.
Normally when I run a new trainer a comodo popup window says “will you allow access” etc etc. I click “trusted program” and it then works like a charm. Well it did until 3-4 days ago.
Now I cannot get some of the trainers to work, eventhough I havent done anything new to my system nor used any new trainers or messed with my Comodo settings. I try to run a trainer and it briefly runs for half a second (as seen in the processmanager) but then stops and vanishes. I dont get any warnings from Comodo at all. I think all this started after an automated Comodo update was installed several days ago. So after process of elimination I cannot see that there is anything else but Comodo responsible for this sudden change in functionality. Of course I’m not a Windows guru or programmer or anything but with my current knowledge I cant see any other reason.

I’ve tried to put every trainer and every trainer-folder into the excluded list for AV, Defense and firewall but I still cannot run them. I never use windows built in security and its been disabled for some time.
I’ve tried every trick I know to get the trainer to be excluded from Comodo and put in “safe” category and so on, but I cant get it to work.

I started a thread at cheathappens forums but they in turn referred to the fact that comodo, apparently, has a habit of blocking certain of their trainers and recommended another Security system. I would preferr not to however as I’m fairly pleased with it, excluding this current little crisis.

If I cant get comodo to work I’ll have to remove it and use something else. That is if you guys cant help, though I hope you can. :slight_smile:
But just to be prepared: Is there a comodo removal tool just for uninstallation? I dont want any residue left that could interfer.

best regards.

Does anything show up in your Defense+ logs?

The only updates that happen automatically are virus database updates. Program updates need to be given the OK by the user. There also haven’t been any recent program updates.

There are a couple of things you could try though, but I don’t feel CIS is to blame, because if it was going to block something, it would be blocked from starting. You wouldn’t see it start then disappear.

Have you tried adding the trainers to Defense+ Settings → Execution Control Settings → Exclusions? You could also select the application in your Trusted Files list and try giving them the Installer or Updater profile.

Like I mentioned I tried all the regular “trusted files” list and all that.

After I posted here I tried something else. I put the defense on the highest setting so I could see exactly what happens. A trainer works a bit suspiciously to a regular security program so there is no lack of warnings.

A regular feature of trainers is the installation of “global hook” dpinput.dll. (I’m translating from Swedish so I dont know if “global hook” is correct). After I click “approve” and chose the trainer as “trusted”, it simply closes down with no warning. I’ve tried other trainers that doesnt use this “dinput.dll” and they work perfectly eventhough they are from the same creator (cheathappens).

This might not be a comodo problem, but do you have any tips? :slight_smile:

Hey and warm welcome to Comodo forums Fredster32!

try to put D+ in training mode and if that isn’t enough put the firewall also in training mode for some minutes (10min max).

Regards,
Valentin N

Thank you.

I’ve had the sec-systems on training mode as standard for a long time. I only switched to highest mode today to check out the action behind the scene.

let us know how it goes :slight_smile:

You haven’t mentioned what is in your Defense+ logs.

My bad.

After I switched to the highest sec-setting all it shows is “install hook” "c:\windows\system32". Nothing else. ???

Did you try giving the applications the Installer or Updater profile? And you haven’t mentioned specifically if you added them to the exclusions in Execution Control Settings. This is different than the AV exclusions or D+ Trusted Files.

CIS → Defense+ → Defense+ Settings → Execution Control Settings → Exclusion. (This is written in order to ensure that the person that is asked to perform right actions)

Regards,
Valentin N

My apologies, it slipped my mind.

When I have it set on “training mode” (learning mode?) it doesnt show anything in the logs. When I have it on the highest setting it shows the whole “dinput.dll”, but I cant see if its accepted or declined. Most likely it was accepted.

I do not have execution control activated, but I entered the trainer programs in question into the exclusion list anyways just in case. Still does not work.

I’ve tried setting the application as a “installer/updater”, still nothing.

I realise this might have drifted from a comodo issue to an un-related issue, but could there be something wrong with dinput.dll? Comodo might not hinder the “injection” of dinput.dll into the trainer, but maybe the .dll file is somehow broken or otherwise hindered to do this.

Any opinions? Like I said I’m not a programmer or an expert on windows.

The monthly updates from Microsoft were distributed on 8th Feb, which would be about the time you said you started experiencing problems. Could one of those updates be the cause?

You could try re-installing DirectX, or using system restore to go back to a point prior to the updates being installed.

That could be an option.

I’ll try it. Thanks.

How long do you run it in training mode? Training mode is only intended for very short durations because it will create allow rules for anything and everything that tries to run on your system. Malware included.

You may want to follow the steps in this thread to ensure you aren’t infected.
How to Know If Your Computer Is Infected

I have no virus infections. I scan regularly.

Anyways, I had no systemrestore points from beyond the 12th feb.

I cant reinstall directx as the setup program refuses to do so.

This might help

if this helps I suggest you download CTM 2.9b and install. After the installation make a snapshot; if something goes to help a day later you can return to a day when your computer worked but keep in mind to put your important file on a external device such as sub/ external hard disk.

Regards,
Valentin N

P.S go later after the installaion is finished to settings and make sure that all options within program settings are unchecked/unmarked.

Maybe this trainer doesn’t get on with CIS’s buffer overflow protection. Have you tried excluding the program using the shellcode injections Exclusions (D+ Settings - Execution Control Settings tab)?

WOOHOO! If it were possible I’d kiss you mate! ;D

Yeh that did it. I had the execution control deactivated before so I never thought it was an issue. But then I reactivated it and PRESTO! It of course gave a warning, but after approving warning the trainer started working!
Now thats ironic…After activating a security feature it worked, not the other way around.

Thanks for the help guys!

So this worked? You might have saved yourself a lot of grief if you had just tried this as I asked in Reply #1 and again in Reply #8