HELP! Comodo Firewall doesnot initialize properly after update to 5.0

Hello,

I need help. Just updated from Comodo Personal Firewall 4.x to 5.0.
Here seems some kind of problem that I am not able to fix.
Clicking on the firewall icon at tray, I open the main panel. On the left bar yellow exclamation icon lights sayin g firewall is initializing, it takes several min utes , then it turns red and says COMMODO Application: Agent is not running. If I click the Run diagnostics button, dialog box appears afterwhile saying that diagnostic tool revealed some problems. Asking to fix them I chose YES. Then I get a message about diagnostic tool fixed all problems, and saying to restart computer. But after restart I get the very same problem. Again let fix, again restart and so on and so on.

Please help me to get FW working properly as I need internet connection permanently and it seems to block some applications now ;(((((

thanks for any help

How did you update from 4.x to v5? Did v4 get uninstalled when you ran the v5 installer?

Try a clean installation. Uninstall v5, reboot and run this clean up tool. Then try again.

I didnot uninstall 4.1 because I didnot want to lose my rules
So I don’t know if three left kernel from 4 still running
I’ll check it out, thx.

I have got the kernel running after about 4th diag fix/reboot. But after half a day it turned status red again. However the firewall is running now. Does the cleanup script remove all my rules also? Can I save them some way?

No way
Problem persists.

What I’ve done:

Uninstall CIS via Windows control panel
Reboot
Run CIS Clean-up Tool.bat
Reboot
Run CIS Clean-up Tool.bat
Run cfw_installer_x64.exe
Reboot
FW Main panel status was green
Set network rules for several applications
Reboot
FW Main panel status yellow(initializing), after several minutes RED!!!
Then Diag->FIX->Reboot-> Red again and again

Don’t know what’s wrong, pls HELP

Are there other security programs or network related programs running in the background? Try disabling them.

We are gonna take a look to see if there are some old drivers of your previously uninstalled security programs are still around. Go to Device Manager → View → show hidden devices → now look under Non Plug and Play drivers → when you see a driver that belongs to your previous security programs click right → uninstall —> reboot your computer.

When the problem persists make sure there are no auto starts from your previous security programs. Download Autoruns and run it.

This program finds about all auto starts in Windows. This tool can therefore seriously damage Windows when not handled properly. After starting push Escape and go to Options and choose to hide Windows and Microsoft entries, to include empty locations and then push F5 to refresh.

Now check all entries to see if there are references to your previous security program. When you find them untick them. After unticking reboot your computer and see what happens.

The firewall behaviour is following: If it has status red, I execute diagnosis and let it to fix it. Then I reboot and CIS seem to start properly (status green). After some hours it turns red for unknown reason to me. Then I let diag fix it, reboot and firewall status is green again for some while, till it turns red again.

Only security software installed at present I know about is SuperAntiSpyware without runtime protection. ie. it doesnot run at background.
These programs are hooked to network adapter or use own network adapter emulator: PGP Desktop, VMware virtual adpater, Sony-Ericsson USB Ethernet Emulator.

Okay, I found no suspicious or outdated drivers. Except that most device there are cryptic or undeterminable for me.
Only I found there are these two devices which I am unable to determine if they’re from old firewall or not:

COMODO Internet Security Firewall Driver (running)
COMODO Internet Security Helper Driver (running)

About the AUTORUNS:

COMODO Internet Security COMODO Internet Security COMODO c:\program files\comodo internet security\comodo\comodo internet security\cfp.exe

Anyway despite the red status CPF seems to be working. It asks for unknown applications permissions and network traffic is working also.

Please for solution. I haven’t this problem with CPF 4.1.

What happens if you disable “PGP Desktop, VMware virtual adpater, Sony-Ericsson USB Ethernet Emulator”? Does that help or not?

Hello,

I cannot find PGP driver hooked to network adapter.

These are services I unchecked at LAN network adapter:

VirtualBox Bridged Networking Adapter
VMware Bridge Protocol

Moreover I disabled VMware Virtual Ethernet Adapter for WMnet1 + VMware Virtual Ethernet Adapter for WMnet8 in Device Manager

Comodo Firewall seems to start OK (green) now for three times in a row, this looks promissing.
But there is still chance status turns red after some hours of uptime. I’ll give a report about this later.
Bad thing is that even if disabling all VM adapters would resolve the CIS problems, I cannot consider this is as an acceptable solution since I need the virtual drivers for virtual machines network access.

What exactly does the Agent not running message mean? It’s confusing CPF seems operating despite it’s agent not running. Does CPF create a logfile to see what’s wrong?
Does the diag feature create a log since it seems it is able to determine the problem?
I’m missing any detailed information about the “agent not running” problem.

[attachment deleted by admin]

Enabled back VirtualBox VirtualBox Bridged Networking Adapter since this is what I need

After reboot status OK

Uninstalled WMvare Player so all it’s drivers are gone

After reboot problem is back so I would say it has nothing to do with virtual network adapters

Instead of this I looked to services control panel and found COMODO Internet Security Service is NOT(!) running. So this is most probably the culprit. I started the service manually and restarted COMODO Internet Security control panel → Status is OK now.

So the problem is COMODO Internet Security Service starts only sometimes.
Why is so and how to force it to start?

You can set a service to restart after it crashed in the Recovery tab in properties.

On a side note. When running CIS in VB it will not work properly because VB does not emulate all OS functions.

I kept the following note in my Opera browser. It might be of help.

AV not working and Local System Account Source: https://forums.comodo.com/anti_virus_help/comodo_internet_security_wont_update_its_virus_definitions-t31097.0.html;msg223549#msg223549

This issue is know by the developers and they are looking at it. The issue didn’t exist in version .424 and .427, but started showing up intermittently in version .432 and also now in .437. I have two Vista Ultimate computers configured exactly alike and only one of them is affected by this issue. There is a workaround for this, however it doesn’t seem to work for everyone.

Go to Control Panel → Administrative Tools → Services and scroll down to Comodo Internet Security Helper Service. Right click on this service and go down to the Properties and left-click it. This will bring up a window with 4 tabs. Go to the Log On tab and search for your login account. The procedure that you have to follow to successfully change from Local System Account to This Account is not necessarily self-intuitive, if you have never done it before.

You may know exactly what you are doing, but I found that this process was not exactly straight-forward when I did it. I don’t mean to waste your time, but the step-by-step procedure is listed below.

After hitting the ‘Browse’ button, a ‘Select User’ box opens up. In the window under ‘Enter the object name to select (examples)’, enter your login name exactly as it appears on the login screen at bootup. Then click the ‘Check Names’ button. Now “computer name\login name” should appear in that same window. Click the ‘OK’ button near the bottom. That should bring you back to the Log On tab, with the radio button to the left of ‘This Account’ filled in, and in the window to the right of that should be “.\your login name”. Click ‘Apply’ and a popup opens to alert you to enter your password if you use a password for your Windows logon. Then you have to enter your login password again to confirm. After doing all this, you have to reboot the computer for the account change to take effect. Now CIS version .432 or .437 should allow you to manually update the virus definitions.

Hi EricJH !

I have setup the service to restart 3 times in case of failure. Despite that the CIS service is not running. This points me to that the service didnot fail but even didnot start.
It may be caused by many reasons, maybe a service or driver or hw it depends on not yet ready.
This is likely as the service starts lately without problem from services CP.
Does it require access to all hard drives? It takes quite long before my external drives get ready.
In this case the service should count with it, ie. wait for respective driver or service or HW to get ready instead dying silently. This is definitely not good.

Anyway if the CIS service is set to start automatically, it should be running and there’s something wrong if it doesnot. At least it should log somewhere or popup an error why it has not started. I would be thankfull if Comodo fixed this behaviour as this service not started gives me headache as it is very uncomfortable to open services control panel on each startup and manually start CIS.

If I understand things correctly the problem arises with the virtual box drivers enabled. If that is the case you found a bug.

To be certain we are looking at a bug here please disable the VB drivers and check your system’s behaviour on several reboots.

No, probably I didnot write clearly.
The problem occured even after uninstall of VMware completely.
CIS is running on host HW, ie. not on virtual machine. This is just presence of Virtualizing software which installs own emulated net driver.

For now with certainty I can confirm the service doesnot start reliably under some conditions although it is setup to autostart. This behaviour by itself is no good, especially more by security kernel service. it should be more importune to start or atleast broadcast an error.

I cannot reboot atm but I’ll do so asap to find out VirtualBox driver influcence and also starting the service under users credentials.

Hello,

here are my results:

I confirm that CIS agent doesnot start always.
I confirm that the service didnot start at least once with VMware uninstalled and also VirtualBox service unchecked from my net adapter (if there;s an option how to disable it completely please let me know, I don’t see any VB driver in device manager)
For now I confirm the service startted always under my account’s credentials (about 4 times).

So that could be the solution, but it isn’t. Starting CIS service under my credentials causes some side effects: starting and shutting off Windows takes too long (~10mins), moreover I get tray icon notify about failure to connect to Windows service. Probably there’s a problem starting some services at logon screen (it may be to soon). I saw in eventlog occassional problem with starting another service which was missing some dll which however is present). It may be related to CIS problems.
I don’t have time now to browse thru eventlog but on any case I would appreciate fix more aggresive CIS agent svc starting which probably will not resolve services problems starting generally but at least it may force CIS firewall to start:

I suggest the service will give more timeout if there’s device or service it depends on not ready.
Also I suggest it to make an alert or log record why it couldnot start.
And at last point I suggest the CIS Control panel self should try to start CIS service if it doesnot run.

Service Control Manager created two records for CIS start problem:

EventId 7009:
By waiting to connect COMODO Internet Security Helper Service service timeout reached (30000 ms).
EventId 7000:
COMODO Internet Security Helper Service service failed to start due to following error: Service did not respond to control or starting request in time.

Can you please post the diagnostics report?

Hello, where can I find diagnostics report?

Ah sorry forgot, that only works when diagnostics can’t fix the issue.

Can you please tell us what your Hard Disk setup is?

Are you running software mirroring or something similar?
Maybe a screen shot of the disk layout from disk-manager would be nice…

HD setup:
1× internal SATA-II drive
2× external USB2.0 SATA-III drive

Not using any mirroring

I wrote already in relation to starting CIS service which were suddenly woken up from power saving mode.
It takes quite long to both ext drives to become mounted and ready (30 sec or more)