Whats up with Comodo (the previous version of 2.xxx) [Resolved]

Up to this morning, it was fine. BUT, suddenly, I found out this morning, it was blocking me from getting anywhere or doing anything on the net!

I couldnt even use a browser, as it went nowhere.

The only thing, I could do was ping.

I had to uninstall Comodo, to get onto the net. Which is how I got here, to type this.

I’m going to guess that it’s a delayed result of the recent MS updates (perhaps you didn’t get those last week?), and that as a result, svchost.exe has been denied access to the internet (which would mean no connection for anything else from that point on).

There have been no changes to CFP v2.4, so nothing from that end of it should have caused any problem. I know, however, that the MS updates changed a large number of system files/processes - including the all-powerful svchost.exe - and have been giving users fits ever since.

Several have reported that they uninstalled and reinstalled CFP and have not had any issues since. If you do so, I advise using SafeMode for both uninstall and reinstall so that there won’t be any software conflicts during installation. Also, choose Automatic mode for reinstallation.

I would not advise (in this scenario) using the registry export script to backup all CFP settings, as this will bring Application Monitor rules right back in - and we really don’t want those saved. If you already backed up those settings and plan to re-import them, you might want to remove all AppMon rules, then run the Scan for Known Applications.

LM

LM, or anyone for that matter, if you can find the other topics about the M$ updates deal, let me know so I’ll merge them. (I’m literally mentally exhausted right now.) From now on, instead of pointing to x and y threads, I’ll merge everything to this one. Another mega merge like with error 106. We don’t need 3 million more threads on the same thing. I’ll even sticky it if I have to…

I doubt the MS updates were the prob. It would have happened after I updated. It didnt.

Those were installed WAY before now.

And everything was fine till this morning.

Hey Speedy, anything blocked in the log? Any blocked rules in Application Monitor that might be of peculiar interest?

I’ve uninstalled it now, and deleted its folders.

Since I couldnt do anything when Comodo was running.

Ok, I uninstalled and reinstalled it in safe mode. So far so good.

Just have to get windowsupdate to work now!

I’ve put in the rules for it, it didnt work.

So, I’ll have to do it again.

One manual method is to set the Alert Frequency to Medium or higher than that and allow each AppMon alert (and of course you should reset it back to your desired level afterwards).

Nup installed and reinstalled Comodo, like 3-4 times to see if Windowsupdate would work. It didnt.

Kept on bringing 0x80072EE2 up.

Which means misconfigured firewall. Even tho, I had added the 2 entries needed to network whatever it is.

So, I’ve removed it again. And hopefully v3 is better and will do things better than v2.xx

And its still bringing up this 0x80072EE2 error. Even tho Comodo isnt installed.

How do you get rid of the rest of the ■■■■ Comodo puts in the registry?

I’ve just noticed that even tho Comodo has been removed / uninstalled it still shows its on in security centre. Even tho Windows firewall is OFF. How do you remove it from here?

Does it show something being BLOCKED IN listed in the log when you try to update such as “update.microsoft.com”? If it is listed then I think you need to make a rule to ALLOW IN and use that hostname as the source. When I was using version 2.4 I remember having to make a rule like that to get Windows Update to work from the browser.

jasper

I think the hostname rule method is in one of these:
** FAQs/Threads - Read Me First **:

[b]Windows Updates Doesn't Update[/b] https://forums.comodo.com/index.php/topic,1632.0.html https://forums.comodo.com/index.php/topic,1702.0.html https://forums.comodo.com/index.php/topic,1955.0.html https://forums.comodo.com/index.php/topic,6518.0.html https://forums.comodo.com/index.php/topic,6579.0.html https://forums.comodo.com/index.php/topic,6836.0.html https://forums.comodo.com/index.php/topic,7866.0.html

I did allow windowsupdate twice, like what one of the mods here stated

Rule 1:
Action : Allow
Protocol : IP
Direction : In
Source IP : Any
Destination IP : Host name: http://*.update.microsoft.com
IP Details : Any

Rule 2:
Action : Allow
Protocol : IP
Direction : In
Source IP : Any
Destination IP : Host name: https://*.update.microsoft.com
IP Details : Any

These should be above the block rule in the list of netwok monitor rules.

It still didnt work. I’ve removed Comodo again so cant tell u whats in the log.

Now it looks like ■■■■ comodo is still somewhere even tho I’ve uninstalled it. Because it shows in security centre. Even tho XP’s firewall is OFF!

I think this is why its still blocking WU, coz some part of comodo is still installed! Even tho I’ve uninstalled comodo.

Where or WHAT do I have to do to kill it from security centre?

The “update.microsoft.com” should be the source IP and not the destination IP in your rule.

As far as Comodo still being listed, it has been discussed in another thread on how to clear that out. Let me see if I can find it for you.

jasper

I got that info from here so if I’m wrong so is the person who put it in this forum.

Here is a thread that tells exactly how to get rid your Security Center problem. There is also a script there that will do it for you if you don’t want to use a command prompt.

https://forums.comodo.com/help/rebuild_repository_folder_to_recognize_comodo_resolved-t2479.0.html;msg19751#msg19751

jasper

Ok that is very possible. You have a default rule that is in place when you install version 2.4 that allows all TCP/UDP traffic out. That rule covers anything that wants to go out. MS Update needs to get in so that it can check your machine to see if what updates you need.

If you want to reinstall the firewall, once you get the Security Center thing fixed, I will be glad to help you with any problems.

jasper

Hmm ok ta. The entry for Comodo has gone from Security Center. now.

One prob left this annoying 0x80072EE2 error, which is a timeout error.

And can happen, if you have a firewall.

Only thing is, I dont have a firewall installed atm, and the only firewall installed now is XP’s.

I’ve just tested (from a site), that I can download this http://windowsupdate.microsoft.com/v4/iuident.cab

And a download dialog does come up, so I’m not the prob.

It also says windowsupdate maybe in the hosts file (it isnt I’ve just checked).

I’ve just checked with LSP fix to see if something is wrong. Its fine.

It says it could be a router, I’m not on broadband so this doesnt apply.

It also says it could be Symantec / Norton Internet Security, this isnt installed either.

i’ve just typed ipconfig /flushdns as a site says to try this…I may have to close this before I can see if this fixes it.

So you can’t access Windows Update no matter what firewall is installed?

Ok, are you possibly getting a yellow popup at the top to install something such as an ActiveX control and possibly missing it?

Is Auto Updates (set to Automatic and started) and Background Intelligent Transfer(set to Manual but not started) enabled in Services (Start>Run>type “services.msc” without the quotes).

jasper

I can access WU, its midway thru scanning for updates, this error comes up.

Altho I dont know why this error is appearing with XP’s firewall.

BITS is on what you said, so is Auto updates.

I have been to Windowsupdate previously (and it DID work previously), and I am up to date with updates atm.

I also, just tried adding the windowsupdate sites to trusted sites, still the same error.

I uninstalled Comodo off of these PC’s not too sure whether there’s stil remnants of it (on the other PC yet). My flatmate is on it atm. So, may have to check tomorrow. I may also have to dialup from this PC, just to check whether its her PC, or just this PC thats giving me this error.

Her security center seems to be ok tho, as it says Windows firewall is ON, not like what it said on this one. It said Theres more than 1 firewall when XP’s firewall was ON. BUT, said Comodo was on, when it wasnt even installed. And XP’s firewall was off.

I thought IE may have been the prob, so tried firefox with the IETAB plugin, same error. So, I reset IE 7 altogether, thought that might fix it, it didnt same error.

Finally fixed it!

I deleted the legacy entries in the registry, belonging to Comodo.

Rebooted tried again and windowsupdate finally worked.

The legacy entries must have been screwing / blocking something up. Or they were corrupted.

And things seem to have SPED UP since removing those entries.

It took at least 1/2 an hr for windowsupdate to do something.

And it used to take at least 30 secs to move aroound a site. When those entries were in the registry.

Compared to now - 3-4 secs…After I removed them.