20 minute antivirus initialization

I bought a used laptop. It had Mint on it, but was tied to a Windows 8 license, so I restored it to Windows 8. The computer is no wimp (1st or 2nd gen i7, 8GB RAM, and so on).

It must be noted that the install took hours; much longer than it should. The UI was utterly unresponsive (e.g., 20 seconds between physical mouse click and it responding), it would read some from the disc, take 10+ minutes of thinking/doing nothing before reading more from disc, and so on. I was a bit worried about my purchase at this point, but after untold hours (I let it sit while I went to work), it finally completed and was pretty responsive thereafter. It should be noted, this was a clean install, everything was wiped including partitions, MBR (I assume Mint and Windows use different tables), everything. So, hopefully this eliminates chance of something surviving across installs.

One of the first things I do is install a firewall / AV on a fresh install. I had reasonable success with Comodo, so I gave it another shot. Install of CIS went fine using stock settings. So I started installing more stuff (Firefox, VLC, flash, OpenOffice, iTunes, etc).

Somewhere between OpenOffice and iTunes something goes fishy. Windows 8 tile world stops responding, specifically, “PC Settings” (never had a bluetooth enabled laptop before so I was tinkering with pairing it with my phone; side bar, it really does nothing useful). I tried plugging my phone in via USB so iTunes could recognize it, but nothing happens and Windows fails to recognize it. I try a System Restore which thankfully fixes the tile world responsiveness but iTunes fails to start after re-installation.

Also, somewhere along the line, Comodo notifies me there is a trojan in some user tmp dir. I find this strange since I am only downloading from known sources, but it seems everyone (Comodo included) likes to bundle paid junk with their app. It gives me some line about calling GeekBuddy or some such. When I click “let me handle it”, nothing happens. It shows nothing in quarantine nor any indication that it found something bad. At this point, I am suspecting foul play. I download avast! and let it run, but it finds nothing.

I am confused at this point, but I am not far into my installing so I let Windows “refresh” itself. During the re-install, it reboots unexpectedly due to a DRIVER_POWER_STATE_FAILURE BSOD. Still triaging that as it may explain why initial install took forever, but again everything worked in the end. So, I install Comodo again. One thing I notice this time is that when I drag and drop a folder for it to scan, the antivirus takes about 20 minutes to initialize. After that, it initializes quickly until the next reboot. On a separate Windows 7 laptop, it initializes in seconds the first time.

Assuming you have survived to the end of my story, do you have any ideas of how the pieces of this puzzle fit together? I am afraid with a 20 minute initialization, the antivirus may not be doing anything.

Please make sure that there are no left overs of previously uninstalled security programs around. Not all uninstallers do a proper job. Left over applications, drivers or services can cause all sort of “interesting effects”.

Try using removal tools for those programs to remove them. Here is a list of removal tools for common av programs: ESET Knowledgebase .

Does cleaning up possible left overs help or doesn’t it make a difference?

The first attempt was after a complete reformat.

When things got messed up, I tried uninstalling Comodo, but it got stuck at a certain percentage and failed to fully uninstall. At that point, it would no longer uninstall because Windows thought Comodo was not there even though a few services were left over. Also, it would not re-install because Comodo thought it was already installed.

The second (current) attempt was after a “refresh” which is essentially a new Windows installation. Comodo is the only AV program running, and it is here that I observe the 20 minute initialization times. This worries me because I am not certain it is actually protecting me.

Thanks.

If it happens with a clean installation of Windows and with no other security programs installed then we may be looking at a bug.

That is my situation. Windows install is less than 12 hours old and there are very few 3rd party programs installed and no other anti-virus/malware programs (unless Windows 8 has something I am not aware of)

Are there any logs or dumps I can look at to see if something is blocking Comodo initialization? Can you also point me to the bug filing process?

A bug report can be filed in Bug Reports - CIS board following the format as described in FORMAT & GUIDE - just COPY/PASTE it!.

Reporting of bugs is strictly moderated to make sure Comodo gets clear bug reports. So, please make sure you closely follow protocol. That way your report will certainly be seen by Comodo staff.

I’m tempted to ask why the previous owner installed Linux Mint? Perhaps he/she was having Windows problems too?

I think I’d begin to suspect the hardware. try running chkdsk/r on the disk(s) to see whether there are any bad sectors.

I’d also download Memtest from http://memtest.org. Extract the .iso file from the downloaded archive, burn the .iso to a CD/DVD and boot the CD/DVD. Memtest will start running immediately. Leave it running as long as you can, at least overnight and for 24 hours if you can. You want as many iterations of the various tests as you can get. If it reports any errors at all suspect flaky RAM. Pull all the cards but one and re-run Memtest on each card, one at a time.

Whilst you’re at it stress test your CPU with Prime95 (GIMPS - Free Prime95 software downloads - PrimeNet.