Program which interferes with CMF starting up...

Hi everyone,

I thought I would ask the experts here for some help. I know that Comodo Memory Firewall apparently has been discontinued, but nevertheless I thought that I would ask if anyone knows which of the following programs is the one which prevents CMF from properly running.

Over the past week I downloaded a few recommended video programs, plus a HTTP monitoring program for my web browsers. Today I decided to install them, but only after creating a system restore point before installing these video programs and the HTTP monitoring program.

Here is the list of programs which I installed. One of them is the cause of the issue.:


I don’t know which one caused the problem, but after installing them, Comodo Memory Firewall on reboot repeatedly throws an error message about not finding the entry point in USER32.DLL for some sort of function call. I uninstalled all of the above listed programs, rebooted, and uninstalled Comodo Memory Firewall. I rebooted again. Then I tried reinstalling Comodo Memory Firewall and still got the same message (straight from the installer) about not being able to find the entry point in USER32.DLL for whatever the function call was.

I mounted my read-only backup of my computer’s hard disk and compared the checksums for USER32.DLL in the SYSTEM32 directories of both my computer’s hard drive and the backup hard disk. The checksums were identical. Thus USER32.DLL was not modified in any way.

My tentative conclusion is that one of the above mentioned programs permanently installs a dll and/or messes with the registry to take out any form of web browser buffer underrun/overrun protection?

Whatever it is, its sneaky. MalwareBytes Anti-Malware, Spyware Doctor and NAV don’t find anything wrong after full scans. Yet the only way to fix my computer was to do a System Restore to just before I installed the above mentioned programs.

It was late last night when I got my computer restored and Comodo Memory Firewall working properly again. Thus I was too tired to experiment and see which of the above programs is the bad one.

In any event, I think that there may be a new class of malware programs which deliberately and more or less silently try to break various protection programs such as CMF, other firewalls, AV programs, et cetera, by sneakily installing extra DLLs to intercept system calls and without obviously modifying the system registry. I guess that this, more than anything, is what I wanted to bring to everyone’s attention.

Are you running Comodo Internet Security at the same time with Comodo Memory Firewall? That is known to give conflict as the memory firewall is now integrated with CIS.

No, I am not running CIS although I do use other firewall, antivirus and antimalware software. The problem only occurred after installing one of the mentioned apps. Maybe one of the apps installs a dll that intercepts certain calls to USER32.DLL? If correct, that is a sneaky way to block security programs from running correctly.

The only answer I can give is common sense. Install these programs one at a time and see what happens.