TOPIC TITLE
BSODs after installing CFW version 5.8.213334.2131
A. The bug/issue
1. What you did: uninstalled v 5.5, installed v 5.8 ( did twice - BSOD happened both times )
2. What actually happened or you actually saw: First time: BSOD on rebooting as part of installing v5.8 (no previous config imported). Second time: Random cold boot BSOD a few days later. Third time: After a system restore and uninstalling v5.5, CCleaner clean-up, and fresh install of v5.8, BSOD while ticking Defense+ Monitoring settings (i.e before chance to reboot after the install).
3. What you expected to happen or see: No BSODs.
4. How you tried to fix it & what happened: system restore and clean re-install, turned off Enhanced Protection Mode. BSODs have yet to re-occur (after three days).
5. If it's a software compatibility problem have you tried the compatibility fixes (link in format)?: CIS FW and Defense+ previously worked fine with existing Avast free AV and no other system settings or services have been changed during upgrade so unable to guess if compatibility problem exists.
6. Details & exact version of any software (except CIS) involved (with download link unless malware):
Was only installing CIS.
7. Whether you can make the problem happen again, and if so exact steps to make it happen: No. BSODs occurred immediately after the installation of v5.8, one other BSOD was a random event on cold boot (note: not had any BSODs with current setup until these events).
8. Any other information (eg your guess regarding the cause, with reasons):
I am using x64 bit Windows 7 and it seems that CIS's 5.8 upgrade has enhancements for 64 bit protection so my guess this is causing a conflict. Ran full disk check, sfc and Windows Memory Diagnostic --- no reported issues).
B. Files appended.
~~~~~~~~~~~
1. Screenshots of the Defense+ Active Processes List (Required for all issues): Append 1 & 2 - x 2 screenshots
2. Screenshots illustrating the bug: BSODs not captured live
3. Screenshots of related CIS event logs: ?
4. A CIS config report or file. Default 'Proactive Security' config was unchanged at time of BSODs apart from Enhanced Protection Mode
5. Crash or freeze dump file:
Append 3 - zipped Windows minidumps for each BSOD
Append 4 - zipped Process Explorer .txt save (processes + lower pane view: handles)
Append 5 - zipped eventviewer error log re 'CIS Helper Service' ( error did not occur under previous versions of CIS).
6. Screenshot of More~About page. N/a
C. Your set-up
~~~~~~~~~~~
1. CIS version, AV database version & configuration used:
CFW version 5.8.213334.2131 (Not CIS AV).
At time of BSODs: Default Proactive Security with Enhanced Protection Mode.
2. a) Have you updated (without uninstall) from a previous version of CIS: Initially yes.
b) if so, have you tried a clean reinstall (without losing settings - if not please do)?:
The first time v5.5's updater froze; uninstalled v5.5; fresh installed v5.8; system-restored to before v5.5 uninstalled; turned off all CIS settings; uninstalled v5.5 again; ran CCleaner's registry cleaner; re-installed v5.8 without importing any old config. BSOD re-occurred even before rebooting.
3. a) Have you imported a config from a previous version of CIS: No
4. Have you made any other major changes to the default config? (eg ticked 'block all unknown requests', other egs here.): I ticked the Enhanced Protection Mode and Create Rules for safe Applications in Defense+ (no other General Settings).
5. Defense+, Sandbox, Firewall security levels: D+= Safe , Sandbox= On, Firewall = safe, AV = n/a
6. OS version, service pack, number of bits, UAC setting, & account type:
Windows 7 Pro SP1 x64 bit, UAC maximum. Standard user (Admin elevation for installing etc)
7. Other security and utility software currently installed:
-Avast free Antivirus version 6.0.1225 = sandbox disabled; Avast AV runs rootkit scan on boot.
-EMET 2.1: DEP = Always On; SEHOP = Application Opt In; ASLR = Application Opt In
-GP Software Restriction Policy = Default-Deny
-Malwarebytes used for on demand scans. Windows Defender used only for on demand scans.
8. Other security software previously installed at any time since Windows was last installed: No
9. Virtual machine used (Please do NOT use Virtual box): No
[attachment deleted by admin]