Scan with SuperAntiSpyware Causes BSOD

[Guest]

[Chiron494]

Yesterday I ran a scan with SuperAntiSpyware Free Edition and my computer developed a BSOD. I ran WinDbg to analyze the mini-dump and it identified the probable cause to be cmdguard.sys. This is a Comodo file. I tried running the scan with SuperAntiSpyware again and once again I got a BSOD with the same file being identified as the problem. I am unsure whether this is a bug on my computer or a compatibility problem between Comodo and SuperAntiSpyware. I am attaching both mini-dump files. I have also attached a picture that shows the Defense+ Event of the SuperAntiSpyware scan.

I am using:
    32 bit CPU
    Windows XP 32 SP3
    My only real time security program is CIS 3.11.108364.552.
    Defense Plus is set to Safe Mode. AV is set to stateful.
    Administrator Account.

If you require any more information please let me know.

[EricJH]

This is a memory access problem that can easily resolved.

To resolve the memory access problem:

Select Defense+ -->Advanced --> Computer Security Policy. 
Scroll down to Comodo Internet Security, select Edit --> Protection Settings.
Interprocess memory Access (Active Yes) select Modify --> Add -->Now use Running Processes or Browse to point to the concerned file(s) .
Then just "Apply" to each window as you exit.

Does this do the trick here?

I have had a BSOD of the saskutil.sys from SAS on Win 7 Beta that if I recall correctly may be related to compatibility with with CIS.

[Dch48]

My system is very similar to the OP's and I never had a BSOD from this but it did show SAS as accessing the memory space of CIS in my D+ log. I took the steps suggested above and it stopped. The same thing happens with Malwarebytes. It's because the scanners scan the processes in memory and CIS sees it as a possible attempt to modify it's operation.

[Chiron494]

I followed your advice and it does solve my problem, but I am wondering if it makes me more vulnerable to viruses. Does this mean that Comodo will not defend one of its critical files if under attack? How does this work?

[EricJH]

Comodo will only allow Super Antispyware to access CIS files in memory. That does not make your system more vulnerable to viruses. Only if Super Antispyware would get compromised CIS could get under attack. But Defense + or Buffer overflow protection would have alerted you something was happening to Super Antispyware.

[Tags:]