Upgrade to v3 disastrous

Tarun · December 4, 2007, 5:42am

JanPoko post:75:

I asked you (and advised you) several times to finish (debug) version 2.4 so that it is mature soft and you have time to finish v3, which I (from my experience) saw as far away from ready to release.

You ignored it, as you ignored many many other people asking the similiar.

My solution is simple: To release you from the function of CEO immediately! By your bad decision you endangered the good reputation of COMODO (that is so difficult to achieve).

You have had enough beta testers (including me. I wrote about insufficient log module - did you perhaps take it into account? No!) What you needed was more time to test and debug and you yourself threw it away and released v3.

It is very simple. Eventhough the soft seems to be free of charge, many people paid for your unacceptable eagerness by many hours of their lives spent at trying do repair what you spoiled.

Just imagine: Releasing soft, which is impossible to uninstall normally!!! That is almost like writing a malware. People have to clean registry, use scripts, spent hours searching through forums just to learn how to get rid of it.

Melih, you might be a good programer, I do not know. But you are not apt for decision making in this field. Sorry, but you proved it.

2.4 had the User Profile Hive bug where it was not unloaded since the betas, reported all the time and never fixed. It’s still ignored to this day.

Barabek · December 4, 2007, 7:50am

After trying Comodo v3.0.13.268, I instantly saw that this freeware was a beta product released as a final. Like many others, I discovered many Major bugs (the freeware was installed after a fresh xp installation) and installed v2.4 after restoring a backup. The problem with v2.4 is that I experimented another bug: Each time there was a popup asking me if I want to… or not, I wasn’t even able to make a decision and click with my mouse because the popups were disappearing all the time. I was only able to see the popups during approximatly 3 seconds and after… gone.

Instead on focusing on a new version, why not releasing a new v2 with more fixed bugs?

After installing V3, I was really excited! I said to myself “Wow, a new FREE and Fonctional hips!” and after many hours, it was “wh** the f*** is this l*** s***”, “why such a buggy version is released” and “what the h*** is their norm of quality”, “how programmers or beta-testers can’t see those bugs unless…” and more! I was told the same old suspicious song: “those bugs weren’t discovered during the rc test”.

And what about the false publicity at the main Comodo page saying that v3 is rated as the #1 most secure firewall in independent security tests when in fact the test was done with v2.4? : “Comodo Firewall Pro 2.4.18.184 9475 Excellent”. It’s not v3 and btw, v2.4 is not #1 - http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php#firewalls-ratings .

system · December 4, 2007, 9:42am

Actually, you and a few others have the problem, lots do not. As I said in you other posts, it could be caused by a conflict between the applications you run,

system · December 4, 2007, 9:46am

After trying Comodo v3.0.13.268, I instantly saw that this freeware was a beta product released as a final. Like many others, I discovered many Major bugs (the freeware was installed after a fresh xp installation) and installed v2.4 after restoring a backup. The problem with v2.4 is that I experimented another bug: Each time there was a popup asking me if I want to... or not, I wasn't even able to make a decision and click with my mouse because the popups were disappearing all the time. I was only able to see the popups during approximatly 3 seconds and after... gone.

The amount of time a pop-up stays on screen is configurable.

After installing V3, I was really excited! I said to myself "Wow, a new FREE and Fonctional hips!" and after many hours, it was "wh** the f*** is this l*** s***", "why such a buggy version is released" and "what the h*** is their norm of quality", "how programmers or beta-testers can't see those bugs unless..." and more! I was told the same old suspicious song: "those bugs weren't discovered during the rc test".

Some details about your ‘problems’…

Melih · December 4, 2007, 1:45pm

Barabek post:82:

After trying Comodo v3.0.13.268, I instantly saw that this freeware was a beta product released as a final. Like many others, I discovered many Major bugs (the freeware was installed after a fresh xp installation) and installed v2.4 after restoring a backup. The problem with v2.4 is that I experimented another bug: Each time there was a popup asking me if I want to… or not, I wasn’t even able to make a decision and click with my mouse because the popups were disappearing all the time. I was only able to see the popups during approximatly 3 seconds and after… gone.

Instead on focusing on a new version, why not releasing a new v2 with more fixed bugs?

After installing V3, I was really excited! I said to myself “Wow, a new FREE and Fonctional hips!” and after many hours, it was “wh** the f*** is this l*** s***”, “why such a buggy version is released” and “what the h*** is their norm of quality”, “how programmers or beta-testers can’t see those bugs unless…” and more! I was told the same old suspicious song: “those bugs weren’t discovered during the rc test”.

And what about the false publicity at the main Comodo page saying that v3 is rated as the #1 most secure firewall in independent security tests when in fact the test was done with v2.4? : “Comodo Firewall Pro 2.4.18.184 9475 Excellent”. It’s not v3 and btw, v2.4 is not #1 - Learn Bitcoin, buy Bitcoin .

Barabek

You said: " I was told the same old suspicious song: “those bugs weren’t discovered during the rc test”."

Obviously you haven’t checked the forums where RC testers have interacted with us directly thru this forum. its all there, why don’t you check the results yourself? Please let me know if you find anything contradicting what we said.

Also you asked: ““how programmers or beta-testers can’t see those bugs unless…” and more!” Again, why don’t you check the beta forums where all this was discussed in this forum and pls let us know if you find anything contradicting.

False publicity: Again, you must be new to this, we have been there in number 1 position for v2.4 for around 1 year. its just recently changed and our marketing is yet to catch up.

You just want to have a go at us because v3 didn’t work for you dont’ you We understand and we hope you can understand too.

Melih

Tarun · December 4, 2007, 7:08pm

Considering it’s a problem with cpf.exe itself and only those who have UPHClean (made by Microsoft) installed have noticed and reported the issue, it’s inaccurate to say that lots do not have this problem. The only thing it does in fact say is that they are unaware of the issue because they either do not read their event logs or do not have UPHClean installed.

CPF is incorrectly holding onto the User Profile Hives. Upon logoff/reboot/shutdown, these should be released so that everything is properly saved. Unfortunately cpf.exe does not properly release the handles. I have verified this. Users who have reported the issue have properly verified this. I have spoken with Microsoft staff on several occasions and they have verified that it is a problem with cpf.exe. They suggested that the issue be posted here on the Comodo Forums and reported to the Help Desk to get the issue resolved. Oh, and Microsoft took under two hours to reply to the issue when I submitted it; whereas Comodo’s Help has simply brushed it aside for over two months.

Perhaps we need to further and better explain how Comodo is incorrectly releasing the profile hives? Or is the UPHClean log which is in plain, easy to read English too difficult to comprehend?

Event Type:	Information
Event Source:	UPHClean
Event Category:	None
Event ID:	1401
Date:		12/4/2007
Time:		1:04:13 AM
User:		Computer\User
Computer:	Computer
Description:
The following handles in user profile hive Computer\User (S-1-5-21-1845189635-271263077-1858404734-500) have been remapped because they were preventing the profile from unloading successfully: 
 
cpf.exe (784)
  HKCU\Software\Classes (0x7c)
  HKCU\Software\Classes\CLSID (0x80)
  HKCU\Software\Classes (0x374)
  HKCU\Software\Classes (0x3e4)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

What the above is clearly stating is that cpf.exe (Comodo Pro Firewall) failed to release the following handles:
HKEY_CURRENT_USER\Software\Classes (On three different references)
HKEY_CURRENT_USER\Software\Classes\CLSID

The code inside of cpf.exe was not coded correctly for releasing the handles in the proper fashion.

There is no application conflict, it is the sole problem of Comodo Firewall. I’m sorry that you refuse to accept that; but you’re going to have to come to terms that it still has a critical flaw that needs to be resolved.

It pays to be a beta tester with the knowledge of how to find the source of a problem. It also pays to know some people who work for Microsoft programming the hotfixes that we get monthly. I’ve been a beta tester for years, I know what bugs look like. From minor to critical. This bug with the profile hives is a very critical bug and it needs to be resolved, not ignored for more months. It affects Windows 2000 along with XP and Server 2003.

00hmh · December 4, 2007, 7:48pm

Tarun’s post appears to deserve a comment. However, since it is clearly a very specific technical issue, most of us cannot evaluate his post. Surely a response and accountability for an answer is a good thing in this type of forum.

This may be one of many problems where response is to all is not practical, but as a user, I appreciate a community which includes knowledgeable people and would like ot encourage their comments.

OTOH if Tarun is a crackpot (vbg), even then the rest of us have no easy way to determine this and would appreciate Comodo to give assurance they have addressed his concerns adequately. No flame war required.

My point is that the rest of us should be reassured. I am not interested in a debate about whether Comodo techs should be concerned about this problem, just that users need not be!!!

egemen · December 4, 2007, 9:25pm

Tarun post:86:

Considering it’s a problem with cpf.exe itself and only those who have UPHClean (made by Microsoft) installed have noticed and reported the issue, it’s inaccurate to say that lots do not have this problem. The only thing it does in fact say is that they are unaware of the issue because they either do not read their event logs or do not have UPHClean installed.

CPF is incorrectly holding onto the User Profile Hives. Upon logoff/reboot/shutdown, these should be released so that everything is properly saved. Unfortunately cpf.exe does not properly release the handles. I have verified this. Users who have reported the issue have properly verified this. I have spoken with Microsoft staff on several occasions and they have verified that it is a problem with cpf.exe. They suggested that the issue be posted here on the Comodo Forums and reported to the Help Desk to get the issue resolved. Oh, and Microsoft took under two hours to reply to the issue when I submitted it; whereas Comodo’s Help has simply brushed it aside for over two months.

Perhaps we need to further and better explain how Comodo is incorrectly releasing the profile hives? Or is the UPHClean log which is in plain, easy to read English too difficult to comprehend?
Event Type:	Information
Event Source:	UPHClean
Event Category:	None
Event ID:	1401
Date:		12/4/2007
Time:		1:04:13 AM
User:		Computer\User
Computer:	Computer
Description:
The following handles in user profile hive Computer\User (S-1-5-21-1845189635-271263077-1858404734-500) have been remapped because they were preventing the profile from unloading successfully: 
 
cpf.exe (784)
  HKCU\Software\Classes (0x7c)
  HKCU\Software\Classes\CLSID (0x80)
  HKCU\Software\Classes (0x374)
  HKCU\Software\Classes (0x3e4)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
What the above is clearly stating is that cpf.exe (Comodo Pro Firewall) failed to release the following handles:
HKEY_CURRENT_USER\Software\Classes (On three different references)
HKEY_CURRENT_USER\Software\Classes\CLSID

The code inside of cpf.exe was not coded correctly for releasing the handles in the proper fashion.

There is no application conflict, it is the sole problem of Comodo Firewall. I’m sorry that you refuse to accept that; but you’re going to have to come to terms that it still has a critical flaw that needs to be resolved.

It pays to be a beta tester with the knowledge of how to find the source of a problem. It also pays to know some people who work for Microsoft programming the hotfixes that we get monthly. I’ve been a beta tester for years, I know what bugs look like. From minor to critical. This bug with the profile hives is a very critical bug and it needs to be resolved, not ignored for more months. It affects Windows 2000 along with XP and Server 2003.

Hi Tarun,

First of all, we have received your report before and ofcourse evaluated the issue. Besides the fact that we could not reproduce the behavior you observe, CFP.exe does not open or modify any of those keys in the user profile hives. Those keys are of no ineterest to CFP.exe.

It is probably caused by one of the DLL files loaded into CFP.exe process space. And since CPF.exe is resistant to termination requests, this sort of an issue is occuring.

In any case, this is NOT a critical issue and NOT a critical bug with any security/performance/user experience problems. So it will be dealt with when more important issues are resolved.

Egemen

Melih · December 4, 2007, 10:20pm

Tarun post:86:

Considering it’s a problem with cpf.exe itself and only those who have UPHClean (made by Microsoft) installed have noticed and reported the issue, it’s inaccurate to say that lots do not have this problem. The only thing it does in fact say is that they are unaware of the issue because they either do not read their event logs or do not have UPHClean installed.

CPF is incorrectly holding onto the User Profile Hives. Upon logoff/reboot/shutdown, these should be released so that everything is properly saved. Unfortunately cpf.exe does not properly release the handles. I have verified this. Users who have reported the issue have properly verified this. I have spoken with Microsoft staff on several occasions and they have verified that it is a problem with cpf.exe. They suggested that the issue be posted here on the Comodo Forums and reported to the Help Desk to get the issue resolved. Oh, and Microsoft took under two hours to reply to the issue when I submitted it; whereas Comodo’s Help has simply brushed it aside for over two months.

Perhaps we need to further and better explain how Comodo is incorrectly releasing the profile hives? Or is the UPHClean log which is in plain, easy to read English too difficult to comprehend?
Event Type:	Information
Event Source:	UPHClean
Event Category:	None
Event ID:	1401
Date:		12/4/2007
Time:		1:04:13 AM
User:		Computer\User
Computer:	Computer
Description:
The following handles in user profile hive Computer\User (S-1-5-21-1845189635-271263077-1858404734-500) have been remapped because they were preventing the profile from unloading successfully: 
 
cpf.exe (784)
  HKCU\Software\Classes (0x7c)
  HKCU\Software\Classes\CLSID (0x80)
  HKCU\Software\Classes (0x374)
  HKCU\Software\Classes (0x3e4)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
What the above is clearly stating is that cpf.exe (Comodo Pro Firewall) failed to release the following handles:
HKEY_CURRENT_USER\Software\Classes (On three different references)
HKEY_CURRENT_USER\Software\Classes\CLSID

The code inside of cpf.exe was not coded correctly for releasing the handles in the proper fashion.

There is no application conflict, it is the sole problem of Comodo Firewall. I’m sorry that you refuse to accept that; but you’re going to have to come to terms that it still has a critical flaw that needs to be resolved.

It pays to be a beta tester with the knowledge of how to find the source of a problem. It also pays to know some people who work for Microsoft programming the hotfixes that we get monthly. I’ve been a beta tester for years, I know what bugs look like. From minor to critical. This bug with the profile hives is a very critical bug and it needs to be resolved, not ignored for more months. It affects Windows 2000 along with XP and Server 2003.

None of those keys are of interest to CFP. None of them are used in CFP in anyway. Those keys are usually related to windows shell components. windows components loaded to CFP is holding it. It should release it, we suspect termination resistance we built in could be causing this (the defense we built in against termination attacks)

None of those keys are directly used or opened by CFP.exe itself. However, this does not mean CFP does not hold those keys. Those keys can be held by many of the windows shell DLLs loaded into process CFP.exe or any other program.

We will fix the bug according the criticality of them and this is not a critical bug.

hope this clarifies…

Melih

Tarun · December 5, 2007, 12:55am

Well, considering that I get the exact same results with 2.4 on a clean install, even in VMware itself. I would say that you (Comodo Team) are highly underestimating the issue at hand. What really makes me grin is that Microsoft staff have confirmed that this is a critical issue caused by cpf.exe.

There are plenty of logs, from my machine and every machine I own, including the server I have. Does the Comodo team not wish to admit that there is a critical issue with their software? It certainly appears to be that way. Months of being brushed off only to be told here on the forums that “We will fix the bug according the criticality of them and this is not a critical bug.” I do believe you should take into consideration that Microsoft would obviously know best when it comes to User Profile Hives and how their registry functions. Also considering Microsoft developed UPHClean because they have to clean up after sloppy developers (in this case Comodo with their v2.4 of the firewall) to prevent registry issues and problems stemming from what ill-effects Comodo causes to the registry.

Perhaps the Comodo Team needs some insight into how UPHClean works and what it does. See below:

Handles are having to be remapped because of this critical error on Comodos part.

Event 1401 is when profile hives have to be remapped. You will see:

Event Type: Information
Event Source: UPHClean
Event Category: None
Event ID: 1401
Date: 10/26/2004
Time: 9:56:52 PM
User: RCARON2-NC\u1
Computer: RCARON2-NC
Description:
The following handles in user profile hive RCARON2-NC\u1
(S-1-5-21-796845957-1275210071-1801674531-1024) have been remapped because they
were preventing the profile from unloading successfully:

regopenkeyex.exe (368)
HKCU\Software\Classes\Software (0x4)

What gets me is that the Comodo team says they cannot reproduce the error, yet I can install Windows XP SP2 (totally clean, just Windows and nothing more) followed by UPHClean and Comodo, and UPHClean still catches Comodo refusing to release the registry.

USSS · December 5, 2007, 1:33am

I have been running UPHClean for the better part of 5 years on an old desktop system. Specs: Windows XP Pro SP2, 500 MHz PIII, 384 MB RAM, 12 GB HDD, Kaspersky Anti-Virus 7.0.0.125.

More recently I installed UPHClean on a ThinkPad T43 (submodel 2687-D3U). Specs: Windows XP Pro SP2 on 1.84 GHz Pentium M, 512 MB RAM, 60 GB HDD, Kaspersky Anti-Virus 7.0.0.125.

CFP 2.4 has previously been installed on both systems, and both were upgraded to CFP 3.0 about two weeks ago.

More than 100 applications of various shapes and colors, including those from Microsoft, are installed on both systems.

Event Viewer logs for the past 30 days for both systems show NO events caused by CFP.

What does this prove? You tell me.

adric · December 5, 2007, 11:08am

It proves that he has a problem with UPHCLEAN and you and I don’t.

Al

JanPoko · December 5, 2007, 3:53pm

Melih post:76:

JanPoko

here is my question again

"Again, as I asked cdogg, we would love to learn from your experience and please tell us how we could test a product for millions of users with different configurations with h/w and s/w in a QA environment. We would love to hear from you! For the benefit of other users, pls put your years of experience to a good use and tell us how we can test it. You can give us test cases or configurations if you like. We are open to any suggestions as to how we can improve our testing for the millions of different combinations of h/w and s/w out there. "

Can you tell us or not? You will either continue talking negatively and provide nothing valuable to the readers, or you will help everyone by choosing to answer.

which is it?

or perhaps, you don’t have a solution, because you simply can’t test all the possibilites of incompatibility that exist in the wild due to such a huge variety of h/w and s/w combinations in a QA environment!

Again, if you have a solution as to how to do that, I am all ears! I think the whole world of QA will be all ears!!..

OK, you seem not to be listening at all to what people are saying to you.

I gave you some initial hints (longer testing, listening to users, etc) FOR FREE.

Now, your soft is free too, but your work IS NOT. So I suggest that you send me your financial offer for QC/QA analysis and proposal of improvements. Than we can come to some deal. In any case, the first step for improvement will be installation of someone (more) responsible and apt as supervisor over your team.

And please, stop complaining about insufficient no. of beta testers. You have hundreds of pages full of remarks, wishes, complaints just here, on this forum. It is not true, that you corrected all the reported errors before going out with v3.

IT IS SIMPLY NOT TRUE!

The only apropriate response from you should be apology to users, your resignation and hard work on some position, you are fit for.

JanPoko · December 5, 2007, 4:14pm

Oh dear!
Now even you must be blushing a bit, don’t tell that not!

Variability in configurations is handled by means of standards, interfaces, unified architecture, so your “million” argument is simply false.

BUT:

Surprisingly, most problems appears to be with standard configurations of a common user who would never hack their systems in some weird way.

BUT:

QA dptmnt would surely not eliminate any existing software errors, it is not its job! A functioning QA department would never allow for the situation, where reported errors are not eliminated before the product goes out.
YOU DID EXACTLY THAT !!! Kindly stop lying and whining about insufficient support from your testers, insufficient support is what YOU provided.

BUT:

Enough! You will find so many grateful and diplomatic supporters in this forum, that you do not have to listen to someone completely dissapointed and dissatisfied. That, after all, is what you have been doing all the time. My email is I think accessible to you, so if you really feel hurted and in need of responding, you can use it. Your responses so far have not been truthful and I am not going to get accustomed to such a level of discussion. Eventhough it might be quite diplomatic.
Bye.

USSS · December 5, 2007, 4:27pm

In more than 35 years as a marketing and public relations consultant, I have periodically experienced difficulty in convincing some clients – which include CEOs – that the customer is NOT always right. Eventually, most of them finally understand that THEY sometimes have to FIRE a few customers because they are no longer worth supporting, despite management’s best attempts to resolve their problems.

Melih Abdulhayoglu is the CEO of Comodo. NOT you.

JanPoko, YOU are fired.

Moderators, this thread has probably run its course and, certainly, it has deviated far from its initial topic. After JanPoko has been given a final opportunity to respond, I recommend that this thread be closed as it no longer serves its original purpose.

JanPoko · December 5, 2007, 4:30pm

I take it.
Bye

Melih · December 5, 2007, 6:27pm

JanPoko post:94:

Oh dear!
Now even you must be blushing a bit, don’t tell that not!

Variability in configurations is handled by means of standards, interfaces, unified architecture, so your “million” argument is simply false.

BUT:

Surprisingly, most problems appears to be with standard configurations of a common user who would never hack their systems in some weird way.

BUT:

QA dptmnt would surely not eliminate any existing software errors, it is not its job! A functioning QA department would never allow for the situation, where reported errors are not eliminated before the product goes out.
YOU DID EXACTLY THAT !!! Kindly stop lying and whining about insufficient support from your testers, insufficient support is what YOU provided.

BUT:

Enough! You will find so many grateful and diplomatic supporters in this forum, that you do not have to listen to someone completely dissapointed and dissatisfied. That, after all, is what you have been doing all the time. My email is I think accessible to you, so if you really feel hurted and in need of responding, you can use it. Your responses so far have not been truthful and I am not going to get accustomed to such a level of discussion. Eventhough it might be quite diplomatic.
Bye.

"Variability in configurations is handled by means of standards, interfaces, unified architecture, so your “million” argument is simply false. "

this is funny!!!

Which standards do any security vendor follow when they write code to eat into the heart of the OS exactly?

Please… JanPoko… I respect and appreciate you and your efforts, but please… it is very obvious that you don’t know how to test code for millions! Your statement that you will use the standards, interfaces, unified architecture is pure dream and has no relation to reality! What standards do any security companies follow when writing code for compatibility with other security vendor’s product, can you pls point me to it? Ok I will make it easier: Can you pls point to us which standard (as if there is any) has lets say webroot, or kaspersky or norton followed. Is there a Worldwide Security Products Compatibility Protocol Standard that I am missing? If so pls point me to it!

Melih

PS: USS, you gave JanPoko an easy way out! He claimed, I called his bluff, now he is back pedalling and not providing what I asked him! Firing him is an easy get out clause!

I still am waiting for an answer from both people: JanPoko and cdogg!!! Come on guys!!! For the sake of millions of users out there, come and help and answer my questions!!

Netman · December 5, 2007, 9:04pm

Thanks for the workarounds for 100%CPU consumption and system slow down.

Has the cause for CFP asking the same thing again and again (despite of the ‘remember this answer’ option being checked) found yet, and is there a temporary fix for that ?

Thanks

Matt

USSS · December 5, 2007, 9:11pm

Heh . . .well, Melih, time is money. But some CEOs enjoy a good verbal sparring match from time to time, and who am I to deny them?

Seriously, I respect your passion and desire for high customer and user retention rates. It just sometimes demands more work than it’s worth. However, you’re certainly savvy enough to pick your own battles.

Regards.

Melih · December 5, 2007, 9:31pm

LOL…

thanks USSS

Melih