I’m pretty impressed with CPF, and today I installed the new beta. A lot of my wishes are implemented!
But there’s one small present I don’t really like: a big fat ugly darkblue BSOD with lots of topsecret codes, that make me feel like I’m a spy. And I hate spyware.
I could replicate the error, so I’m pretty sure I know exactly when it’s happening.
If I enable “Secure the host while booting” everything looks normal, also shutting down the system. But instead of a normal boot that blue BSOD is gazing at me, right after the screen with “Welcome”.
Accidentally I was doing some testing and the only program starting up was CPF. When I disabled (in safe mode) “Secure the host while booting” everything went as it should. So I’m pretty sure CPF caused this error.
I don’t have a screenshot, not much to see, except the codes, here they are:
To my knowledge, it’s not a required setting. In the 2.1.1.1 version (my first CPF install), I was having issues with that setting. My issues were smaller however, no BSOD, as I was unable to browse my LAN.
Can you please try to send us(personalfirewall@comodo.com) the memory dump so that we can see what is going on? And do you get this error with 2.2.0.11 or with previous beta? And does the BSOD screen show the guilty driver name? That option blocks all outgoing connections and there is a probability that some other driver may not like this feature and BSODs. What other security software are you using?
Thanks for the reply. I’d like to have that option on, because I am what’s called in the other thread a highly suspectible computer, because of the work I do. Anyway, the option shouldn’t give a BSOD.
Hi Egemen,
That’s a fast reply!
I’l send you the memorydump and there’s a log-file with it too, I’ll send that too. But it’s partially in Dutch, I’m afraid…
I’l name the subject Goeroeboeroe BSOD.
I didn’t have the issue with the last regular version, and it was enabled then.
I don’t have a screenshot, because it’s a bit difficult to print a BSOD ;D, but there was nothing more on it than what I wrote, no name.
If you have suggestions how to get you more useful info, please let me now.
The other security software I use (which was all disabled on the moment I installed and tried the CPF beta, but of course the drivers etc. were installed, and some may have been started, even though disabled…):
Avast!
System Safety Monitor
Ewido Anti-spyware (with real-time-protection, paid version)
Process Explorer (not really security software, but it installs a driver and I use it for security)
All-Seeing Eye (not everything enabled)
Lot of scanners, but I have to start them manually
Lot of ActiveX etc. from on-line-scanners, but also not active
Lots of prevention like SpywareBlaster.
Some small things like Spoofstick, SiteAdvisor, etc., and some things for Firefox and Internet Explorer, but I can’t imagine they have any influence since they only run when a browser is started.
Before you start to say I have much too much: I know, but it’s pretty balanced, and I am doing some things for which I really need a lot of protection.
According to the BSOD parameters, CPF secure boot seems to be triggering a bug in one of the drivers, most probably netbios.sys or tcpip.sys.
Until we solve the problem, please open your computer in safe mode and delete the “Tag” value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdMon. This should stop BSOD.
In the mean time, if you have a crash dump, please do send it so that we can analyze the issue faster.
Thx,
Egemen
EDIT : We have fixed the issue. It was another driver which was crashing and CPF was triggering the bug. The BETA setup will be updated today.
Hi Egemen,
Maybe I wasn’t clear, but BSOD stopped after I disabled “Secure the host while booting” in safe mode. So I just leave Tag under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdMonjust like it is now.
Hi,
You’ve fixed it! (V) It seems to work okay now.
In another topic I wrote about warning-events, they still exist. But this seems to work now!
I have one small suggestion. The installer/uninstaller workst great now. But.
I had to agree to uninstall, and then it rebooted. Since I was updating I thought all rules would be preserved. Not so. Maybe it’s an idea to give a warning on one of the screens, before the actual un-installation happens.
Yes, I know, but I thought rules would be kept because I was updating. After 20 years with computers I should have known you shouldn’t think when working with such a stupid machine
Going to bed. In this part of the world it’s bedtime!
