Kojo JAR installer disables Defense+


Win7 x64, Java 7u3 x86

Running Kojo JAR installer.

If Defense+ is in in Inactive or Learning mode - all goes okay: Windows asks for UAC Escalation and then installs application.
If Defense+ is in Clean PC mode, then it asks about the program (which user can classify as Isolated or system but neither as Trusted nor as Installer, which it was) and after that - freezes. CFP.EXE takes 100% CPU single-thread (33% on 3-core CPU), Comodo GUI became partially unresponsible, UAC escalation is not asked for, installer delasys for long and then reports it was run without admin priveleges.

same when run AMD Catalyst new version installed.

It unpacked itself, then it should launch unpacked EXE but i cannot see it and see cfp.exe 33% CPU load instead…

I installed it on Win 7 SP1 x86 but it does not reproduce here. It runs as Trusted/Installer. See image with Active Processes.

Do you have sandbox enabled or disabled?

[attachment deleted by admin]

buiilt-in sandbox is disabled, i have Sandboxie for long time.

recently during deintallation of Firefox Win64 14a1 got similar cituation.

  1. intaller just did not show any windows
  2. cfp.exe process could not be cilled, though it did not took 33% CPU
  3. Comodo GUI could not be launched and “learn mode” could not be engaged.

then finally it just crashed

[attachment deleted by admin]

In the attach trails of attempts to install some development libraries from Mitov.com to Delphi XE2.

“2 blocked intrusions” are installer actions, that Comodo seemed failed asked user for, nor it could auto-detect they are installers (i remember some advertisement told that Comodo 5.x detects installers automatically)

I could only brought up GUI a while after i terminated installers.

Next is typical picture, Comodo shows me 3 “unknown” files, and if i switch to “Clean PC” mode it asks me to review them - but the list is empty.
Maybe they belong to path that si no more accessible, or have some specific characters in name that make Comodo GUI layer go nuts ? dunno.
To me they are just three ghosts.

I turned to manual start Windows Defender service, maybe would change something.

Also TeamViewer service is running, don’t know if it may interfere.
At least previous version was known to interfere with Embarcadero Delphi debugging sessions.

[attachment deleted by admin]