BSOD Probably caused by: cmdguard.sys ( cmdguard+29db )

A. The bug/issue

  1. What you did: i started Hitman Pro 3.6.0 build 138 or scheduled scans . with hitman the problem occurs when scan is almost finished but submitting files to cloud is still in progress.
  2. What actually happened or you actually saw: BSOD i analyzed minidumps with kdfe program and it
    says cmdguard.sys is probably the reason
  3. What you expected to happen or see: normal end of scan
  4. How you tried to fix it & what happened: i have no idea how to fix
  5. If its a software compatibility problem have you tried the compatibility fixes (link in format)?: no
  6. Details & exact version of any software (execpt CIS) involved (with download link unless malware): Hitman Pro 3.6.0 build 138
  7. Whether you can make the problem happen again, and if so exact steps to make it happen: start Hitman Pro 3.6.0 build 138 (poratble) or run scheduled scans
  8. Any other information (eg your guess regarding the cause, with reasons): n/a

B. Files appended. (Please zip unless screenshots).

  1. Screenshots of the Defense plus Active Processes List (Required for all issues): Attached
  2. Screenshots illustrating the bug: No
  3. Screenshots of related CIS event logs:
  4. A CIS config report or file. Attached
  5. Crash or freeze dump file: Attached
  6. Screenshot of More~About page. Can be used instead of typed product and AV database version. Attached

C. Your set-up

  1. CIS version, AV database version & configuration used:5.9.221665.2197 , db version 11416
  2. a) Have you updated (without uninstall) from from a previous version of CIS: yes
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: no
  3. a) Have you imported a config from a previous version of CIS: no
    b) if so, have U tried a standard config (without losing settings - if not please do)?: no
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): no
  5. Defense+, Sandbox, Firewall & AV security levels: D+= training mode , Sandbox= disabled , Firewall = safe mode , AV = stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: xp sp3 32 bit , administrator
  7. Other security and utility software currently installed: malwarebytes free
  8. Other security software previously installed at any time since Windows was last installed: no
  9. Virtual machine used (Please do NOT use Virtual box): no

[attachment deleted by admin]

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again

PS Please note that this bug is a conflict with andother security program. While Comodo endevours to fix such conflicts, it cannot guarantee to do so, as it is not alwyas possible to make security suites co-operate. Further information on this and how to work around such problems can be found here.

By the way, what does 29db mean :slight_smile:

Best wishes



this is a line from the message from kdfe program for analyzing kore dups :

C:\DOCUME~2\user\LOCALS~1\Temp\tmp_kdfe>kdfe C:\WINDOWS\Minidump\Mini020412-04.dmp

Analyzing “C:\WINDOWS\Minidump\Mini020412-04.dmp”, please wait… Done.

Crash date: Sat Feb 4 13:37:13.718 2012 (GMT+2)
Stop error code: 0x8E
Process name: HitmanPro36.exe
Probably caused by: cmdguard.sys ( cmdguard+29db )


i thought this could be useful and i pasted all the line
i don’t know what +29db mean .

Best regards

Thanks for the clarification, may be of use to the devs


now in version
5.10.228257.2253 , virus data base version 11860

the virus scan completed successful with no BSOD

so it seems that the problem is fixed


Best regards

THanks for the feedback much appreciated