Importing v5.12 FW config in fresh FW instal made Windows unbootable [V6][M381]

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?: I would guess so, but since the bug makes WinXP unbootable I am not going to try to repeat it.
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened: Did a clean install of WinXP-SP3, installed Comodo Firewall v6.1.13008.2801, imported v5.12 FW configuration, rebooted, and the system would no longer get to the welcome login screen. I had no choice but to uninstall Comodo in safe mode in order to make the system bootable again. Please see more details here.
  • If not obvious, what U expected to happen: It’s obvious.
  • If a software compatibility problem have U tried the conflict FAQ?: N/A
  • Any software except CIS/OS involved? If so - name, & exact version: None.
  • Any other information, eg your guess at the cause, how U tried to fix it etc: Based on this thread, I suspect the problem is that my v5.12 configuration has Defense+ disabled, but I don’t know that to be a fact. I have always disabled Defense+ in Comodo in v5.12 and all prior versions.
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)
    I have nothing to attach aside from the v5.12 configuration file I was importing. This bug renders the system unbootable. To make it bootable again I had to uninstall Comodo in safe mode. Since that isn’t actually possible in safe mode by any normal means, I had to use CIS+Removal+Tool+2013.bat, which is destructive. Please see this posting.
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: Comodo Firewall v6.1.13008.2801 importing configuration from Comodo Firewall v5.12.256249.2599

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: Everything disabled except for Firewall. Note especially that Defense+ is disabled.
  • Have U made any other changes to the default config? (egs here.): Yes, whatever changes I’ve accumulated over the years in the v5.12.256249.2599 configuration file.
  • Have U updated (without uninstall) from a CIS 5?: No. This was a clean WinXP-SP3 install, so no v5 CIS had ever been on that system. However, I was importing an existing v5.12.256249.2599 configuration file from an old system.
    [li]if so, have U tried a a clean reinstall - if not please do?: Yes.
    [/li]- Have U imported a config from a previous version of CIS: Yes!
    [li]if so, have U tried a standard config - if not please do: No. I have too much invested in the old configuration to be re-entering all that by hand. So, no, I will not be trying the standard configuration. Either I can import my existing v5.12 configuration successfully, I revert to v5.12 until such time as Comodo fixes the problem, or I invest any new effort in moving to a competitor’s firewall.
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: Windows XP, SP3, 32-bit, administrative account, no VM involved.
  • Other security/s’box software a) currently installed b) installed since OS: a= Avast Antivirus Free v8.0.1483.73 with all functionality disabled except for basic anti-virus (same as was used on previous system running Comodo v5.12.256249.2599)
    b= same
    [/ol]

C. SEVERITY
This bug is both critical and urgent. It renders Windows non-functional. My concern is that all our Comodo v5.12 systems may be rendered nonfunctional if an update is permitted that brings them to v6.x. We run all our systems with Defense+ disabled and have no plans to change that.

[attachment deleted by admin]

Well, that’s unfortunate… my posting above links to this thread in which I had earlier also posted with more details. Suddenly that posting has disappeared without explanation. I would hate to think that a moderator could not grasp the possible significance of two different Comodo products suddenly being unable to import CIS v5 configuration files, particularly when both lepota and I both take the less-than-common approach of disabling Defense+. In case the missing post doesn’t magically reappear, here it is:

My experience is somewhat different than lepota's, but I suspect I've run into the same bug. I did a fresh install of Windows XP SP3, loaded it up with most of the applications I need, and then made the big mistake of installing Comodo Firewall v6.1.13008.2801.

My next step was to reboot the system with the expectation of then importing a backup of the firewall configuration I’ve been using with Comodo v5.12 and many versions prior to it. The first thing I was presented with was several Comodo popups, including the expected dialog relating the discovery of a new network. Obviously I had no need of these popups as I was about to import the configuration I wanted. So, close the popups, right? No. Cannot be done. Why? Well, none of these popups have close buttons of any kind. Seriously, Comodo, uncloseable dialog boxes? :-TD I happen to think the new UI is absolutely horrible, but even aesthetically challenged UI designers know better than that, right? Please fix.

But it gets worse. I drag the uncloseable popups off to the side and use the weird new Comodo UI to import my v5.12 configuration. Done. So I reboot the system. When the system gets to the point where I should be seeing the usual welcome login screen, I get nothing but a black screen, a usable mouse cursor, but absolutely nothing to point at and no response to keyboard activity. My computer is now unusable, courtesy Comodo Firewall v6.1.13008.2801 >:(

Fortunately, I can still reboot into Safe Mode, so I do so with the intent of uninstalling Comodo. No can do. Apparently this requires the Windows installer service, which isn’t available in safe mode. After some painful futzing about, I did eventually manage to get rid of Comodo. I may just install an older version of Comodo, but I’ll look at the competition first. My concern here is that Comodo will eventually upgrade the Comodo Firewall installations on all our computers to this v6 nightmare, at which point all our systems may be wrecked :cry:

Here is why I think my experience links to lepota’s. I too disable Defense+ and always have. In my case the HIPS Settings Mode is 9365502 (0x8EE7FE). The bug in question should be rated Critical and Urgent given the severity of its affect on those who disable Defense+. It has been 3 weeks with no word from Comodo in this thread. May we please have a status update?

With any luck this post won’t vanish too.

In theory this is not supported until the autoupdate release. But you are right, as its such a severe problem QA should know. I will inform them.

Best wishes

Mouse

PM to QA sent

Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.

We are sorry to trouble you further but there are some items of information missing or unclear in your post:

A.8 Your watch activity process list
A.8 Your CIS diagnostics file

The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.

We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.

In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.

Many thanks again

Mouse

I appreciate why you would like that information but, as I stated in my original answer to A.8, I had nothing to attach aside from the v5.12 configuration file I was importing. This bug renders the system unbootable. To make it bootable again I had to uninstall Comodo in safe mode using CIS+Removal+Tool+2013.bat, which is a rather destructive process, thus no files to give you.

I’m sure you can understand why I’m not inclined to wreck my system again in an attempt to get those files for you.

It would be appropriate for you to forward my submission to the format verified board in any case. I did submit in the correct format, unavailable additional files notwithstanding.

I can certainly understand that you would not want to incur further problems.

If you have 5.x installed now perhaps you culd append your active process list instead. Or you can do cntrl-alt-del and post your windows task manager list. If you do please ensure you post the complete list and that all columns are showing.

If 6.0 is no longer installed I’ll pass on the diagnostics file :slight_smile:

Best wishes

Mouse

Thanks, Mouse. At the moment I have no version of CIS installed on that system. My plan now is to finish up some other admin work on the system but leave out the firewall. I will then clone the drive before installing a firewall. We can’t afford the downtime if CIS kills the system again, but restoring from a clone is at least relatively simple, albeit time consuming. Once cloned I’m not sure if I’ll try CIS v5.12 or try something from someone else. Since v5.12 and earlier has been giving me no trouble and I still have its configuration file, that would be the easiest for me if it works, but clone first :wink:

Should I assume you folks couldn’t reproduce the problem when loading my v5.12 configuration into a fresh v6.1.13008.2801 install on WinXP-SP3? If I had the time and knowledge, I would edit that configuration file myself to enable Defense+ to see if that changes anything, but nuking computers is a wee bit too dramatic for me right now.

I doubt this is any help without CIS installed, but the current process list is as follows:

Name Pid Pri Thd Hnd VM WS Priv Idle 0 0 2 0 0 16 0 System 4 8 71 338 1884 240 0 smss 448 11 4 24 4064 420 192 csrss 504 13 15 376 27736 3752 1716 winlogon 912 13 25 589 61520 7512 8820 services 956 9 16 280 25804 5264 1776 mainserv 484 8 3 158 43748 8472 8260 IPROSetMonitor 588 8 2 39 18776 2104 504 smartd 724 8 3 49 22428 2660 828 dataserv 812 8 9 282 235896 65712 73460 ati2evxx 1160 8 4 103 25432 3628 2004 svchost 1180 8 24 237 63124 5208 2796 svchost 1244 8 9 239 35192 4280 1732 svchost 1404 8 71 1531 110380 21936 13516 svchost 1524 8 5 72 30416 3592 1292 svchost 1628 8 11 164 35196 3912 1488 AvastSvc 1676 8 38 850 215764 30776 16940 spoolsv 1928 8 10 129 42336 5156 3300 lsass 968 9 22 375 42436 2876 3848 scrnsave.scr 2512 4 1 14 13096 1392 312 logonui 3044 8 6 177 37764 4012 3176 csrss 1560 13 12 173 22724 3268 1180 winlogon 2848 13 17 273 50432 4032 3756 rdpclip 368 8 4 108 35940 4280 1308 wscntfy 688 8 1 37 27552 2368 564 ati2evxx 2416 8 4 91 27400 3700 2028 explorer 1392 8 15 478 108420 27760 17424 jusched 760 8 2 164 39660 5736 2420 ctfmon 1456 8 1 95 34180 3720 984 AvastUI 2476 8 15 316 98384 13128 12252 soundman 2636 8 2 76 32084 3172 1912 cmd 2720 8 1 34 30884 2968 2068 pslist 3172 13 2 121 29560 2732 1136 apcsystray 2468 8 1 68 36884 7036 5464

Just a reminder: Yes, Avast is installed, but it has everything disabled but the basic anti-virus component and, when installed, CIS has everything disabled but the basic firewall. This combination has always worked well for me on Windows XP up to and including CIS v5.12.

Thanks, that is absolutely fine. It’s good of you to clone the drive so that QA can investgate further if needed.

Should I assume you folks couldn't reproduce the problem when loading my v5.12 configuration into a fresh v6.1.13008.2801 install on WinXP-SP3? If I had the time and knowledge, I would edit that configuration file myself to enable Defense+ to see if that changes anything, but nuking computers is a wee bit too dramatic for me right now.

Unfortunately we mods are just volunteers, it’s Comodo QA that does such testing! If I had a 2801 VM running I would try it now, but I only have my production machine, and well you know :slight_smile:

So I’ll forward now and thanks for supplying all the required information

Best wishes

Mouse

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again

Mouse

Thanks, Mouse. I knew that at least most of the forum sections are modded by volunteers, but I was unclear what the story was for these formal bug reports.

I’m sorry I couldn’t produce more data for you.

BTW, it seemed too obvious to file a separate bug report for, but the corollary bug to this one that also needs fixing is the difficulty of uninstalling Comodo in a scenario like mine. Perhaps you might mention to the developers that they should not overlook fixing that too. I stupidly installed the new Comodo on a production machine one day before a critical need for it, so you can imagine the desperation when I found that I could not uninstall Comodo to get the system bootable again. I did eventually manage it with the aid of a tool of last resort that unfortunately caused additional collateral damage, but it was a scramble to achieve the deadline. An official CIS removal tool bundled with the application that works even when one is stuck with nothing but Safe Mode is a real need here, I think.

In any case, Mouse, your efforts are very much appreciated :slight_smile:

Hi bgx4exfjumrf,

Please help me understand, you did a clean install of XP then installed Comodo Firewall.
This above statement is not entirely correct and is misleading as other applications have been added since the OS re-install, therefore it is not on a fresh install.
A fresh install is classified as OS with no other third party applications added.
These other applications especially other security programs could be very detrimental to the developers being able to reproduce it.

You have also said how the system is loaded with numerous other applications before installing Comodo Firewall.
No chance at that BSOD. System wrecked too fast for that with v6.1

Also why would you have non security applications added and configured on a fresh OS before you have your security applications set-up?
IMO programs like LibreOffice or any other third party applications would not be installed on my system until after I had all my security applications in place and configured.
Reference to the LibreOffice issue found here.
I do not understand why anyone (Layman, Programmer, Developer) would not get their security applications configured before being concerned with installing any other non security applications first on a fresh OS.

The following is not an accusation, rather just a curiosity question.
Do you help with the Development of LibreOffice?

Please help me better understand the above line of events.
Thank you.

Can you please check and see if this is fixed with the newest version? Please let us know whether it is fixed or you are still experiencing the problem.

Thank you.

PM sent.

The devs have been unable to reproduce this behavior. Can you please provide more details about how this occurred.

Also, is this still occurring with CIS version 6.3.294583.2937?

Thanks. PM sent.

The devs have been unable to replicate this. Thus, as the request for further information was not answered, the devs have assumed that this is fixed for CIS version 7.0.313494.4115. I will therefore move this to Resolved.

If this is still not fixed for you please both respond to this topic and send me a PM (including a link to this bug report).

Thank you.