Workaround for the 99% CPU Problem with the latest Virus DB Updates

Nice “first” post…!

The first priority of a professional is to get the things back as soon as possible. Research and development can wait, so can postmortem. The pc in question was (XP) running smooth for more than a year with CIS installed and when that hit the fan, that expert with double quotes went the quickest way to get the machine back online.

Time is money.

I have to back up the claim, as my fresh XP install with the fresh reinstall of the updated CIS did freeze my system as well; however, it did calm down after a shutdown and restart.

My horror story with this CIS problem goes even further: my perfectly working dual boot setup (XP & Win 7) was totally messed up, along with partition issues. I could not fix them and could not successfully ghost partitions as I have done in the past. Instead of dealing with multiple issues, it was easier to completely format and reinstall.

Let’s be honest, there was more to this problem and this was a big F up on Comodo’s part and I thought the lesson was learned from past mistakes.
Lesson learned and experience gained huh?

If anything good comes from this let it be some type of communication system to Comodo users to notify us of a problem.

Glad things are returning to normal though.

No, time is not money: time is time … and money is money (Jesse Livermore). Patience is the key to success, not speed; as said, sometimes your money can sleep :wink:

I really feel extremely sorry for all of you losing partitions or dual boot under Windows, but you can blame your lack of experience, M$ & perhaps a crippled PC … I lost a lot of time too over these last twenty years with weird ERRORS in Windows … but nevermore, since I dual-boot now with a dual HD and Linux, swapping slave to master and fooling Windows. In fact I’ve got a few other disks… and some backups too, including MBRs and data.

Learn:
https://help.ubuntu.com/community/WindowsDualBoot

tutoriel:comment_faire_multiboot_propre_2_dd [Wiki ubuntu-fr] (2 HD illustration in a French article)

Congratulations. That’s exactly what the victims want to hear: it’s not the driver’s fault, it’s theirs for jumping in front of the car.
You’ve just cost Comodo a few more users.

Jose.

Hopefully nobody thinks he was speaking for Comodo when he said what he did

Victims? Strange analogy. I’m not the driver (Comodo?) nor the car (M$?).

Yes, I’m a bad driver then, but I don’t drink or complain, being myself a collateral victim 88)

Read my first posts: I registered after this incident and I was one of the first guys to offer help and a solution, even before the official workaround.

I’m not working for Comodo; I’m just an average user, not a so-called expert, and also now a proud member of the Malware Research Group. Join, it is free :wink:

I really feel pain for affected users and I don’t think my point of view is wrong; we all learn one day or another: Welcome to the Club.

Sorry for being a little bit sarcastic - PEACE :a0

For several years I have used Acronis to archive C:\ ready for instant recovery upon a problem.

Fairly often I install something, try it out, and decide against it.
Instead of un-installing and leaving junk all over the registry etc, I restore the Acronis image.
Such experiments have made PCs un-bootable for some people, I was never that unlucky,
but if they had then the Acronis Boot CD would fix it.

M.$. likes to bundle unwanted junk (e.g. Silverlight) into Patch Tuesday updates.
I absolutely prohibit their updates (including un-announced “emergencies”) until I have a fresh archive,
after which I carefully screen out stuff I neither want nor need,
but even so what I have permitted has on occasions done damage,
and then the Acronis image has made it all good again.
Such patches have made PCs un-bootable for some people, I was never that unlucky,
but if they had then the Acronis Boot CD would fix it.

In over 3 years Acronis has often been needed to restore my P.C. to normality,
but this has been the first time that Comodo caused grief,
and because of Acronis it has only been a mild inconvenience.

To those who never had a computer problem till now I can only say you have not lived yet ! !

If this Comodo problem has been a disaster for you, how will you cope with the latest Patch Tuesday ?

n.b. I did not choose Acronis - it chose me !
Actually it was already installed when this second hand P.C. was given to me, and it works quite well.
I strongly recommend that anyone who wants to avoid re-installing Windows should use one of the many available backup systems that images the system partition and has a boot CD that can restore the system no matter how badly the O.S. is trashed.

Alan

Perhaps there is a lesson somewhere in this thread for the (so called) ‘professionals’

Did I install something new (other than an av database/engine update)?

If Yes; think about uninstalling that 1st.

If no or no fix from uninstalling whatever was new; think about uninstalling anti virus, firewall, or anti spyware.

Most ‘professionals’ should know that it is normally the software that works most closely with the OS (ie antivirus) that is the most likely problem. In my experience it has not just been Comodo that has been the culprit where AV and firewalls are concerned.

IMAO the ‘professionals’ can’t all draw on experience gained from using computers since the time of the 8086, 80286 and even Z80. (sarc) After all, that is why people now need 8 GHz 16-core computers just to write and run
10 print "Hello"
20 goto 10
in some weird and fashionable scripting language that results in a 10 GB program file.

Personally, my last reformat and (software) system rebuild took well over 12 hours, and that was just the OS and core dev tools. A backup would take too many DVDs and ages, and a core-operating-system-files-only one would not guarantee me not missing something that was not put where it was supposed to be.

That’s to say the least of it.
Amazing that this issue coincided with an apparent bot attack through Miami, FL.
Half the tech guys (including me) in the Florida Keys awoke to the sound of our phones ringing off the hook. Many of the local businesses lost thousands of $$ because of this issue.
Needless to say, systems were booted into safe mode and CIS was removed. Microsoft Security Essentials was installed in its stead. No lost revenues now.
Extremely embarrassing that something of this nature should occur, and an excellent way to lose customers from the proverbial fold.
You guys need to engage in heavier testing before releasing to the public…wow…

To minimize the chance of things like this happening again… can CIS make a “Rollback Action” procedure using the “bases.cav” that sits in the “Repairs” folder, by detecting if the update failed or consumed more CPU than normal (let’s say 30 minutes)?

There should be plenty of scenarios that can be applied to this procedure.

Thanks.
:comodojiggy:

I have been using Windows for 11 years and I have never had a single problem from any of their updates. As far as things like Silverlight go, they are always optional installations and are never selected by default. If you don’t already have the product installed, you don’t get updates to it. You only get the option to install it if you run Microsoft update in custom mode. You will never get any of the optional components installed through automatic updates. I also have never backed up anything before getting the updates and as I said, not a single problem, ever. So patch Tuesday is never a matter of concern to me. I don’t even wait for the notifications, I go to the site and install what’s there without any trepidation.

This problem with Comodo was very unfortunate, but the safeguards against it happening were already in place. An employee chose to circumvent them. Why established procedures were not followed is a matter for conjecture, in my opinion.

There was no carelessness by Comodo as a company but only by an individual who should have known better.

Well, unfortunately you can’t lay the entire blame on the person that released the problematic database…

The software really should be able to fail-safe in such a situation, not create a race condition. The blunder has brought to light some coding issues. Hopefully version 4.0 has more resilient code. :-TU

Okay I can agree with that but if the proper procedures had always been followed before, how could they know it could happen?

Comodo may not have found this bug in the past when testing. But I agree it would make sense if they would consider fixing or working around it in the upcoming v4, or maybe in a maintenance release of the 3.1x branch.

I did everything you explained and the issue was not resolved. In the meantime, while the issue occurred, I had a blackout with the power and my computer did not recognize my hard drives, and I had to get it to the technician.

An Uninterruptible Power Supply (UPS) is cheap protection from problems such as this. I don’t think anyone should operate a computer without one. Data is too valuable.

Most UPS’s these days even have over and under voltage regulation so all your PC sees is good clean power within the optimal operating range.

As of this morning I am experiencing the exact same lock-up on XP; the system acts fine with CIS disabled. Did something happen again? I don’t have a problem with Win 7. Any recommendations?

Hello Wild,

Can you please post the AV database you are running on both systems?

Hi Ronny, Win 7 AV is 2678. I can’t get the XP one, but it was up to date as of last night. I will have to work on this later today when time allows.
Thanks

Okay, did you have this issue on the XP system also with the previous 2526 and 2527 db’s?
And it reappears now?