What you did: upgraded from CFP 3 to Comodo Firewall 5
What actually happened or you actually saw: almost everything works, but all OpenGL software that I have tried (specifically, Future Pinball and Google Earth) goes into “software emulation” mode - very slow
What you expected to happen or see: I expected them to work as they did under CFP 3
How you tried to fix it & what happened: I have added both folders containing the executables to the Defense+ Execution Control Exclusion list, I have added both executables to the Defense+ Trusted Files list - no change in behavior
If its an application compatibility problem have you tried the application fixes?: I haven’t found any specific application fixes related to this. I have tried the generic application fixes in the Defense+/Sandbox FAQ
Details (exact version) of any application involved with download link: Google Earth 5.2.1.1588, Future Pinball 1.9.20081225
Whether you can make the problem happen again, and if so exact steps to make it happen: yes - run either program mentioned (using OpenGL mode in the case of Google Earth)
Any other information (eg your guess regarding the cause, with reasons): the OpenGL graphics board is an Nvidia Quadro FX 3700, driver version 190.38;
UPDATE: I have now updated to the most recent driver version, 259.81, with no change in behavior
Files appended. (Please zip unless screenshots).
Screenshots illustrating the bug: GoogleEarth.jpg
Screenshots of related CIS event logs and the Defense+ Active Processes List:
A CIS config report or file.
Crash or freeze dump file:
Your set-up
CIS version, AV database version & configuration used: 5.0.163652.1142 (Firewall only)
a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?:No - did an uninstall/reinstall, N/A
a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?: No, N/A
Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here. ) none
Defense+ and Sandbox OR Firewall security level: Defense+=Safe, Firewall=Safe, Sandbox=Disabled
OS version, service pack, no of bits, UAC setting, & account type: XP, SP2, 64-bit, N/A, admin
Other security and utility software installed: Vipre
Virtual machine used (Please do NOT use Virtual box): I use VMware, but this is running directly on the host, so it’s probably not relevant in my case
a) answer to this question:
4. Other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here. )
b) There are application compatibility fixes relevant to this problem, so we would be grateul if you would try them out. If the driver is not being sandboxed, then the problem probably can be resolved by either fix number 3 or 4 on the list linked to in the format. POssibly also by unticking ‘block all unknown requests’. Here is the link to the fix list here.
Accordingly, from the information you have given I am not clear whether this is a bug/issue.
For the moment I will transfer you to help so you can work through this issue and hopefully resolve it. Please ask any mod to move this report back to the bugs forum if it becomes clear that it is a bug/issue.
Thanks for the attention and help, but I started a thread about this (https://forums.comodo.com/defense-sandbox-help-cis/opengl-problems-with-comodo-firewall-5-t64579.0.html) 10 days ago in the help forum and have had no replies. I edited the bug report to indicate more clearly that I have tried the “generic” application fixes in the FAQ (I meant that I hadn’t found any specific application fixes that appeared to apply to this). I also edited the report to make it clearer that I have not made any other major changes to the default config. By now I’m pretty sure that this is, at a minimum, an issue that no one has reported before, so whether it’s a true “bug” or just an incompatibility that can be fixed with appropriate config changes, it’s going to need a developer to reproduce it and see what’s actually going on under the hood. How do I go about contacting a mod to move it back to the bug forum?
Sorry needed a little while to think about this. Before moving to format verified I need a little more information.
Under 3. a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?. Did you mean: a) = No, b) = N/A
If not, would you mind trying a clean reinstall using the process described: here. You can back up your settings first by exporting them using ‘manage my configurations’ But don’t re-import before seeing whether the problem is resolved.
If this does not resolve the situation could you append please:
2. Screenshots of related CIS event logs and the Defense+ Active Processes List:
I guess I’m not clear as to what you’re intending for me to do now. The original install of ver. 5 was a clean one (uninstalled CFP 3, installed ver 5) with no config imported. While I didn’t follow the indicated “clean reinstall” procedure precisely (I ran all my commonly-used programs gradually, rather than making a concerted effort to run them all at once, and I dealt with the issues and alerts one program at a time, rather than in a batch), I really don’t see anything in the reinstall procedure that is significantly different from what I did at initial install. I can do a reinstall if you really think that will help, but it’s pretty time consuming and I won’t have a chance to do that until after the first of the month (some deadlines coming up).
As far as the Defense+ logs, etc., I’ll be happy to send those, but I’ve looked at them and don’t really see anything at all relevant - the executables in question show up in the Process List but no events show up in the Defense+ logs.
Needed a clear answer to 3 (a) - which I now have thanks to your response. You given one answer to two questions. Could have assumed what you meant, but you know the old saying… I have now changed the format.
Re the logs and the Active Processes List. We need this because often devs can see things that you or I cannot. CIS is too complex for you or I to be able to be sure they show nothing interesting
apl1-3.jpg are screenshots for the Active Process List at the point where Google Earth has exhibited the problem. d+e1-5.jpg are screenshots for the entire Defense+ Event log.
BTW, one suggestion I would have is an Export Debug Info button that would save these sorts of logs in a format directly usable by the devs so that they don’t have to rely on screenshots of windows that have to have the columns set correctly to make all the info visible, etc. Just a suggestion, but I’ve found that sort of thing extremely helpful in debugging for my own users…
They show one possible source - you have quite a lot of processes including some probably from Nvidia - running with sandbox level=disabled, verdict=unknown.
If you add these to Trusted files and reboot, you may find the problem is solved. Nvpdsvc seems likley to be from Nvidia. But to be sure you should make all these files trusted, presuming you do trust them.
I have resolved this issue - it turns out to be a registry permissions corruption on a particular key. Unless CFP caused the registry problem (which I doubt) this one has nothing to do with CFP - only a coincidence of timing that it didn’t manifest until I upgraded CFP. How should I go about officially marking this one “solved?”
