Struggling to implement solution to known bug

Hi I’m new to this forum, please be gentle.

I have already searched and found the bug that I seem to be experiencing with Comodo Firewall after having just installed it but I don’t know how to implement the solution. I’ve found the Computer Security Policy within Comodo and the explorer.exe entry but unsure where to go from there. Could someone break down the following for me please into easy to understand steps.

The start->all programs menu in windows XP inacessible -

If you go to Computer Security Policy, is explorer.exe allowed to install global hook %windir%system32SHELL32.dll? If no, then allow explorer.exe to do so. It should fix the problem for you.


I recommend installing the new version, version 3 is very old. Many bug have been fixed. first of course I recommend uninstalling version 3 using revo uninstaller ( free version) set to moderate. Then installing version 4.1

Version 4 is installed, its just that I searched the forums/internet to find the problem I was having and that bug fitted the problem exactly. It works some times and other times nothing.

well then this is a known bug on computers running XP and version 4.1, comodo is working on a fix for this as we speak.

At least its not just me then, thats a relief. Yes I should of said that I’m running XP MCE.

I can put up with it for a while as the software apart from that seems solid/good. Is there any timescales for the fix?

I don’t know but I would imagine they are working on it as fast as possible.

I’ve added the link to the bug now

Wont the solution in this thread work?

It might, give it a try.

That’s the thing, I don’t know how to do what it’s saying.

try this from Mouse1 first

Navigate to Defense+ ~ settings ~ monitoring settings tab

Then untick: Windows/Winevent hook monitor

You may or may not need to reboot

Devs have been told about this bug, but I will re-iterate.

I recommend installing the new version, version 3 is very old. Many bug have been fixed.
You mean that some minor firewall/defense+ bugs have been replaced by a major sandbox bug?

As far as i am concerned, cis3 works flawlessly under xp sp3, and you are actually advising that it should be replaced by cis4, so as to be sure that start menu won’t work anymore? (This same behavior exists if applying excessive defense+ settings in cis3, but at least you can reverse them).

This is a very contestable comment from a moderator, making a general rule of a particular failure, whereas in the general case (mine, and the one of lot of other cis3/xp users), the only general rule is always the same computing general rule: never change whatever as long as it works.

Sorry buddy but version 4 in my opinion is more secure then version 3 because in a stock configuration it has more setting enabled and there is no security sandbox problems, are there compatibility problems yes (and they are getting fixed) but no security problems.

Thanks, will try this tonight. Not sure where it came from though ???

stock configuration

I don’t know about 4.1 “stock configuration” but both 3.0 and 4.0 stock configurations (outbound allowed in this last situation) are lousy in my opinion, and you have more generally noted that a lot of people have wished in 4.x the sandbox installation only as an option.

For sure, denying access to xp start menu is not a security issue, and even if i understand it shall be fixed, it has about the same absolute level of security then the power off button, as it forbids one of using his computer.

A lot of the bugs that you are referring to have been quoted by some users as real security issues and, even if some might be very theoric and if only a small part could apply in the “real world”, i am using Comodo and not criticizing it by stating that, like every security software, it has some security flaws, whereas we read everyday in this forum that Comodo is the only security software having none: this is not very serious.

It is not fair to compare only “stock congurations” (themselves not “of one piece”, as one can e.g. choose between internet and proactive security, not providing the same security level), and more largely opens the question to know if such a stock configuration should be significatively less secured in order to be more user friendly.

That workaround seems to have worked. Will this effect the firewall performance of the software though?