BSOD during restoring from hibernate

A. The bug/issue

  1. What you did: I turned the computer on from hybernation.
  2. What actually happened or you actually saw: The system rebooted while restoring and then indicated that there had been a serious error. Event log showed that there had been a BSOD.
  3. What you expected to happen or see: The system should have been restored and continued its normal operation.
  4. How you tried to fix it & what happened: I’ve analyzed the crashdumps with WinDBG and it has shown the ‘inspect.sys’ module to be responsible for the fault. This module appears to be a part of the Commodo Firewall (it has a corresponding digital signature). I’ve checked for updates, but the software is already up to date.
  5. If its a software compatibility problem have you tried the compatibility fixes (link in format)?: Well, I doubt it is a compatibility issue. The system usually restores fine.
  6. Details & exact version of any software (execpt CIS) involved (with download link unless malware): None, I believe. I wasn’t using the computer while it was being restored.
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: No.
  8. Any other information (eg your guess regarding the cause, with reasons): Looks like an incorrect synchronization with the kernel during restore from hybernation. The error is a null pointer error after all.

B. Files appended. (Please zip unless screenshots).

  1. Screenshots of the Defense plus Active Processes List (Required for all issues): Attached (Processes1-3). Defense+ is turned off on the machine if it matters.
  2. Screenshots illustrating the bug: Don’t have :slight_smile:
  3. Screenshots of related CIS event logs: Appended (CFPLog1-2)
  4. A CIS config report or file. Attached (
  5. Crash or freeze dump file: Attached ( I can also provide with the full dump, but it’s big (136 MB zipped)
  6. Screenshot of More~About page. Attached (About.png)

C. Your set-up

  1. CIS version, AV database version & configuration used: Comodo Firewall 5.10.228257.2253, No AV, Firewall Security.
  2. a) Have you updated (without uninstall) from a previous version of CIS: Yes.
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: I won’t do that because of a single BSOD.
  3. a) Have you imported a config from a previous version of CIS: No
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): I don’t think so, but you have my active config attached in any case.
  5. Defense+, Sandbox, Firewall & AV security levels: D+=Disabled, Sandbox=Disabled, Firewall=Safe, AV=Not present
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows 7, SP1, 64 bit, Highest UAC, Regular User
  7. Other security and utility software currently installed: Avira Free Antivirus
  8. Other security software previously installed at any time since Windows was last installed: None
  9. Virtual machine used (Please do NOT use Virtual box):] VirtualBox 4.1.16 is installed on the machine but is rarely used.

[attachment deleted by admin]

It is possible that this is a Virtualbox or Avira interaction, but I will move to format verified anyway, as it’s a good bug report, and it’s equally possible it is not.

If it occurs again I would recommend uninstalling Virtualbox and reinstalling CIS. VMware player (free) works fine with CIS, with the occasional CIS tweak if run under a non-admin account.

I would also recommend reading this post re Avira: Making other security programs work with CIS.

Best wishes


Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again