APPCRASH cmdagent.exe

Around 1200-1300GMT my Vista 64 locked up during skype session. Reboot hangs on desktop loading.

No icons or complete taskbar etc.
Safe mode OK.
Only way to recover OS is boot into safe mode & enter these keys & reboot after each :

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

Getting the GUI back then gives this error

Problem Event Name: APPCRASH Application Name: cmdagent.exe Application Version: 5.3.45685.1236 Application Timestamp: 4d348b32 Fault Module Name: StackHash_c33b Fault Module Version: Fault Module Timestamp: 00000000 Exception Code: c0000005 Exception Offset: 0000000003c836be OS Version: 6.0.6002. Locale ID: 2057 Additional Information 1: c33b Additional Information 2: 8808675e140dfa89f41a5b248af2e725 Additional Information 3: 3598 Additional Information 4: adef693f72a68fa8969e2d5eec815b07

CIS - 5.3.176757.1236 AV dB - 7781
Diagnostics finds issues - (doesn’t say what) reboot back to lock-up & re-entering the 2 reg keys
Disabled D+ - no difference.
Am going to keep playing…

So bad update or virus or what?

Any ideas appreciated

Also discussed…

… here:

… and here:

Those links are for Win7 SP1. ???

This isn’t a hang or slowdown. Win totally locks during loading of desktop, Icons don’t even get loaded, no key or mouse response.

Checking event logs I find my first lockup was related to cmdagent

Faulting application cmdagent.exe, version 5.3.45685.1236, time stamp 0x4d348b32, faulting module unknown, version, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0000000002ff36be, process id 0x1fc, application start time 0x01cbd343652a057a.

@12:12 GMT

Obviously the Win 7 patches/Service Pack haven’t been applied to my OS.

Whether or not it involved SP1 is an assumption made by the OPs.

“Got this problem today. I installed some latest updates from Windows Update and left to have dinner. Music player started to hang sometimes. When I tried to reboot PC I couldn’t. After reset, when windows finished booting after 30sec-1min it become to hang again. If I can kill cmdagent.exe, system start to work like it should.
Yesterday all was ok, and only today I get this bug (few hours ago).”

“actually I think there is a problem with the new update.what happened today that I was working on my laptop and I had to go to have lunch and when I came back and started using my laptop,it suddenly stop working.everytime I start my laptop and after 5 minutes everything freezes and I have to restart.I saw the windows 7 updates and I installed them hoping that they will solve anything but they didn’t.until I saw this thread about disabling the antivirus and it actually worked! I also noticed that there is an update about stopping the new weird message that tells you that there is a new update (I saw that one again btw) so it has nothing to do with SP1.the conflict is between windows 7 + new update + Comodo antivirus.I will keep disabling the antivirus until Comodo solves this.”

I also do not have Service Pack 1 installed.

Yes there may be a connection of sorts but I am thinking that if the listed reg keys are gone, then the OS is being crippled at a basic level - ie - no explorer.exe access. This is quite a lot different to a slowdown.

I’m wondering about the probability of CIS actively blocking/killing those entries. Win7 registry may be better protected but it seems a bit specific in terms of impact.

Only updates since 17 Feb from MS are defender definition updates. These don’t coincide with the problem starting. System has been on & off repeatedly up til 1200 today w/out this kind of issue.

AV dB has just been updated to 7785. Now things seem to be working OK. Have been able to sucessfully reboot into the OS.
Time will tell if that was the (only) problem I guess… Time to try skype again.


Check CIS’s logs for any references to what you have observed. You can use CIS’s external log viewer (C:\Program Files\COMODO\COMODO Internet Security\cfplogvw.exe). it’s more extensive and will allow you to browse all of CIS’s component logs from one place.

This problem started after installing the following updates: KB2387530, KB2484033

Unfortunatelly, the only way to have my comp back to normal was to uninstall CIS.

Hi Guys,
We had a signature live in v7781 which may have caused crashes observed by some of users in forums.
This has been fixed as of v7785. It might have affected Windows 64-bit users alone.

Sorry for inconvenience.


And here I thought Mcafee were the only ones throwing out live bad signatures that would cause several computers to crash. Thank god, it didn’t corrupt my windows, I did lost the entire morning, plus the inability to use my computer for a good part of the day (I also lost a backup recording that I needed for work)… Anyways, thank you for a really fast update/fix.

Thanks for quick fix. Hope we will not get it in the future :a0

Hi Guys,

If you are still having problems, please follow the instructions


How can I get this update. I am running v7781 and when checking for updates CIS says “Your product is currently up-to-date”. Has this been released yet?

Please use Antivirus->Update Virus Database function. IF it does not work, please use the instructions here:

I have the same problem. I do not use Comodo AV. I reinstalled Windows 3 times. Even on a clean system (without AV), Comodo is not worked properly. For Windows 7 x86 everything was ok, but the x64 is the problem. With Comodo Internet Service Sercurity Helper Service computer will start in 20 minutes. Service off - computer works pertectly and start in 20 seconds, but does not work online. Anyone know 100% effective solution?


Is that a clean Win 7 x64 installation you are referring to where this delay is happening?

Do you have any other utility or security software running in the background?

There is surely something going on which is worth a bug report.

This is happening on a clean Windows 7 64-bit. The system load of about 18 minutes. Trying to run in safe mode ends in Classpnp.sys file (Google shows 70 000 results for the query “Classpnp.sys” and nobody has a solution for this, I tried everything already. So this is a huge issue.) Additionally, when start the computer from the DVD, drive letters are completely converted. At first I thought that the problem is with the file Classpnp.sys or disks with letters, but disable the Comodo Internet Security Helper Service each time a 100% helps. I tried and Comodo Internet Security and Comodo Personal Firewall version 2011 5.3.181415.1237. On 32-bit system, everything was OK.

It takes two weeks already, I don’t want to use another program, I want Comodo :slight_smile: Please help me.

Sorry for my English, I use Google Translator :slight_smile:


U shouldn’t disabe defence +

When you say “safe mode”, is that Windows Safe Mode or CIS Defense+ Safe Mode?

PS What is your native language? We may have a member that can help.

Go to(In safemode) start type msconfig and press enter go to start up tab and disable everything(Yeah even skype) and restart, Go to safe mode again and do a system restore(If the first step didn’t work)
Start type system restore, or restore select an available date click all next and finish then it shall restart
Good luck ;D
Sorry for my bad spelling and bad English :a0

OK, disabling start-up entries that will not run in Windows Safe Mode is a little unusual. But, given what rooney321 posted why do you advise a system restore? I’d like to find out more and confirm something things first myself.