GUI mess up after switching accounts, logoff + RDP (V3.5.55810.432 on VISTA X64)

Good afternoon, dear Comodo gurus!

At start my computer config:

  • Windows Vista Ultimate x64 SP1 with UAC enabled
  • COMODO Firewall version 3.5.55810.432
  • Avira antivirus installed
  • 6 RAM DDR2
  • AMD Athlon 64 X2 6000+ CPU on ASUS M2N-E

I’ve figured it out yesterday and will describe it step by step:

  1. Restarting(turning on) my computer, logging in as my account(user which is a member of Administrators group). Everything is fine, firewall starts perfectly, all rules work perfect, all is fine.
  2. Locking my computer by pressing Win+L.
  3. Going at my work, connecting to my home comp via RDP(with 56k modem quality, so 8 bit colors, etc.), doing some stuff and locking the comp by only disconnecting from RDP session(not log off).
  4. Other user logging on locally, from home, which is a member of Users group only. Surfing the net using Firefox and Logging off(not switching).
  5. I connect via RDP again, doing some stuff and then lock the comp.
  6. Finally I come home, log on locally and see such a pucture: see comodoBug.jpg in attachments.

What do I mean?

  • You can see on the screen the tray icon, for sure. As was written here, it indicates that some components of CPF are not running. But main GUI screen say that everything is ok.
  • Next thing - logging screen. It displays only todays log, even if I switch between “Today” and “This week”. I’m 100% sure that there are logs from yesterday(and I definitely will see it after reboot).
  • Next thing - new logs are NOT adding in Firewall events, even if the rule fires, which SHOULD be logged(as there is a needed checkbox).
  • Next thing - newly created rules are NOT working in this firewall “state”. They will work after I reboot and login as myself again. It was happening also yesterday when I couldn’t understand why I can’t connect to my comp via FTP while created all necessary rules AND finally connected just after rebooting my PC.

It all seems to me like some kind of “partially GUI freezing” while the core is still working. It’s like the link is lost between GUI and the core. I don’t know why does it happen, but it definitely connected to vista user accounts.

Will appreciate any comment on it. Thanks in advance, I really respect you, guys, who make Comodo better and better! (V)

P.S.: I’ve tried to make report via your script, but first it gave me the “colection” error, but after I used your “bat-file” workaround, the script hangs up after I try to select CFP Configuration (see screenshot CFPC.jpg). All it could to get is this(XXXXX and YYYYYY - are changed by me user and computer names respectively):

[CIS/CFP Reporting Script Version 0.723.1]

System Information

General Information
User XXXXX Member of {Administrators, Remote Desktop Users, }
Logged on machine YYYYYY at 27.11.2008 1:47:54
MicrosoftR Windows VistaT Ultimate  6.0.6001 SP 1.0
Codepage: windows-1251
Free Physical Memory: 4493MB

Data Execution Prevention Settings
MS Windows DEP Policy: OptOut
Hardware DEP available
DEP enabled for 32Bit Appplications
DEP enabled for Drivers

Vista User Access Control Settings
EnableLUA	1
FilterAdministratorToken	0
EnableInstallerDetection	1
ValidateAdminCodeSignatures	0
EnableSecureUIAPaths	1
PromptOnSecureDesktop	1
EnableVirtualization	1
ConsentPromptBehaviorAdmin	2
ConsentPromptBehaviorUser	1

[attachment deleted by admin]

Hi, J-Pro.
Issue with marked-with-red tray icon after user switching is known bug and will be fixed.

Have you answered any alerts or changed CIS configuration during some of steps described?

Thanks, nice to hear that!

First time - yes, for sure, I was trying to make my FTP server to accept connections. But when I restarted my comp and saw that FTP works perfect, I changed nothing, just worked as usual, then locked the comp, went to work, then my mother logged in her account, etc through steps above.

The thing is, that I do NOT ever turn my computer off(only if emergency or maintenance). So now(just connected home via RDP) there is tha same situation: utorrent works, 50kb/s upload, some download, but Comodo just stays calm and icon is without any animation(as opposed to what I have just after rebboting and logging in). I think there is something wrong in COMODO when switching users… Especially when one user still logged in, but session is disconnected(so firewall is running).

You can see current state of Comodo(system uptime is 1 day, 12 hours) in the attachments.

[attachment deleted by admin]

I want to say about tray.jpg attachment, I’ve post above: such icon was in RDP(8-bit color) session. Maybe that’s the reason of animation absence. But I remember(but not 100% sure) that in the same mode I saw the animation.

And the second thing: I’ve just logged in, home. Windows uptime now is 2 says and 12 hours already. After yesterdays post(the preceding one) nobody was logging in here. So I’ve logged in after RDP session. What I see? I see animated icon(with red/green arrows). I see NO logs, the same 1 entry always(it’s always last if to look at its time). And I’ve tested for new rules: I had one rule for my miranda - allow all. After adding a blocking rule before allowing one and trying to run miranda, the log was changed and the one and only entry changed to “Blocked miranda.exe”.
I’ve also tried to test popups(if new application tries to connect to internet). Found my old application(mail client - jmail.exe), set a rule for it in the application rules: “ASK and LOG for any TCP/UDP connection on any port on any IP”. Tried to connect - no popups, only a log entry(“the only one” changed from “blocked miranda” to “ASKED for jmail.exe …”) appeared. And I should tell you, that NO asking popup was shown.

So, if nobody logs in between my sessions(RDP and local), only log shows its bug - shows last entry always. Also popups can’t be shown(maybe it shouldn’t in my case with jmail.exe?)

P.S.: Just restarted the computer. Have absolutely the same situation - no asking popup(when ASK-rule fires) and only one entry in the log. I should tell you, that it was perfect after restarts only few days ago… (you can see full logs attachments in my other posts)

Please, feel free to tell me what to do to help you found bug.

Please, tell me what to do with it. Because I just need it to know. I want to reinstall CFP, because now I have NO popups at all and whole CFP log consists of only one record - the last event happened(no matter what I select - last month or last week, or today). I don’t like it and want to reinstall CFP. But can’t do it. Just in case you need any information about this already installed version which caused a bug.

Yes, I suggest you to re-install latest CIS. We are working on user switching problems.

It’s very nice to hear that. Thank you very much!

There is still version with Release Date: November 18, 2008 in downloads section(which I already have installed). I’ll wait for the new one then. Or can I find any beta-versions to test for switching users issue?

While I wrote this post, Comodo itself asked me to update to the latest version(which is not yet listed on the web-site, the last one listed there is 3.5.55810.432) . So I’ve updated to the latest one and in About I saw that my CFP version is now 3.5.57173.439.

Should I assume that the new version solves the users switch problem completely or if I face any similar problems again, should I start a new topic like this one, but with hew version in it’s subject field? Or should I continue to post here?

Thanks in advance!

If the problem still exists - continue this topic.

The problem still exists. Everything is the same(like it was in previous version - described above):

  1. No new popups showed. No popups for new programs or for the old defined rules. I’ve again tried to define a rule for a program - “ASK for any connection” and it gave no result - the program can’t connect internet and no popup is shown. BY THE WAY, I’ve done THE SAME thing with the same program and the same version of CFP - asking popup shows up. I have one account there and there is XP SP2.

  2. No old logs are shown! It’s all just like it was before. With one small difference - now it’s not one last log record shown, there are two of them and they’re always last events. No more logs I can access and pages “Last week”, “Last month” are showing me the same two last log records.

  3. New rules do NOT work. I’ve defined my program(which connects to inet) as a trusted and it still can’t connect. But the same on the other computer works perfect! (I assume that like in previous version, this new rule will work only after I restart the computer)

And just as before, these things started to happen after:

  • other users logged in/off few times while my session was active but disconnected
  • I connected via RDP few times
  • I logged in locally few times.

My environment is in my signature.

Suggestions and/or fixes are very needed. Thank you in advance!

Here is my log screen :frowning: Every time I see it - there are always only two last entries :frowning:

I’ve wanted to ask people from COMODO staff… Maybe you can give me some extended(debug) version of CFP, so I could run it with some special logging enabled and next time I face such situation - I’ll have all necessary logs for you! You can really count on me! (besides, I’m a Java Developer, so maybe my knowledge will be useful in this situation).

Waiting for your answer. Thanks.

[attachment deleted by admin]

Good afternoon.

Can you please tell us if there is any progress with this issue? At least, have you managed to reproduce it?

I’m asking because it’s not possible to work for me with new programs(I can’t see seeing the full log) and I should always reinstall CFP to see via the full log if application was blocked. (Few days ago I’ve installed VMware Workstation and it wasn’t able to open/create virtual machines while CFP was working(with defense+ disabled). I still can’t reilize why, because there are only 2 last entries CFP shows to me and these entries are from other programs which are frequently blocked from internet access. Now I should reinstall CFP to figure it out(to see full log). But still it will be working untill first user switch :frowning: P.S.: Making vmware trusted application didn’t help too. Because as I mentioned above, “broken-by-switch-user” CFP recognizes new rules only after reboot)

So it would be very nice to hear if there are some news with this issue or if you have reproduced it. And don’t forget please, that I’m always able to help with any debug info you need!

Thank you very much in advance!

Dear Comodo gurus and developers!

I have waited for some time, tried other firewalls, but for my x64 Vista only Comodo is the best one. I really want to install it back, but the subject prevents me from doing it.

Please tell me what’s the progress with this bug fixing?

Thank you very much in advance!

Just wanted to let you guys know I’m having about the same problems J-Pro is describing. Once I connect to my PC through RDP, Comodo stops showing pop-ups for undefined firewall rules. This causes the connections to be automatically disallowed. For me, a workaround is to exit the GUI in the RDP session, wait a few seconds, and then restart the GUI again. At that time the pop-ups start showing up again.

When I return home and login locally, Comodo continues to be working fine (also if i did not perform the workaround). If I have performed the workaround remotely, the tray icon shows this disabled picture in the icon. This again can be worked around by restarting the GUI.

I find this bug to be quite annoying and hope you guys can figure out what causes the problem. If you need any information from my side, I am willing to provide it.

Using J-Pro’s template for showing my sys specs:

  • Windows Vista Ultimate x64 SP2 RC-Escrow (but bug also existed with SP1) with UAC disabled
  • COMODO Firewall version 3.8.64263.468 (only Firewall component enabled)
  • Avira antivirus installed (not likely to be the cause, as the bug also existed when I was using Kaspersky)
  • 4GB RAM DDR2
  • Intel Core 2 Duo E8400 CPU on ASUS PQ5

Good afternoon!

I just wanted to tell that last Comodo version 3.8.65951.477 has the same issue.

Moreover, my father experienced the same problem on his work computer, but there is Windows XP SP3 installed. The bug shows up just as he enters his computer via RDP or another user enters while his account is locked.

I think that you better know it because of your strong assumptions that it’s only Vista issue.

His work computer config:

* Windows XP Professional x86 SP3
* COMODO Firewall version 3.8.65951.477
* DrWeb antivirus installed (withOUT Spider active)
* Intel(R) Pentiium (R) 4 CPU 3.20GHz

I don’t use Comodo for myself anymore, but check every week if you fixed this issue. Please, spent some time for it, it’s very important IMHO. Comodo is VERY good product, but this issue makes its choise impossible for people who use their computer with another users or RDP.

Thank you very much in advance!