BSOD's during feature updates and in-place upgrades

BSOD’s will happen during feature updates and in-place upgrades with CFW/CIS/CAV installed
Can you reproduce the problem & if so how reliably?:
Yes, it’s happened multiple times now, once when I did an in-place upgrade and another time when I installed a feature update from the windows update menu
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1:Start installing an in-place upgrade or install a feature update from windows update
2:At some random point during the installation process, a BSOD will happen and it will continue happening for this kind of update to windows every time I try to do either of these installations for as long as I keep trying with comodo installed
3: after uninstalling comodo, the update finishes without a hitch
One or two sentences explaining what actually happened:
Whenever I try to install an in-place upgrade or a feature update to windows 10, I get a BSOD if comodo is installed
One or two sentences explaining what you expected to happen:
I expected the devs of comodo be on top of this issue without the user having to fiddle with it to get it to work. There have been multiple system-destroying problems related to windows updates that were directly caused by comodo in the past
If a software compatibility problem have you tried the advice to make programs work with CIS?:
Yes, the other security software I run along side it never causes any issues with comodo nor do those other security products cause bluescreens when doing major updates to windows
Any software except CIS/OS involved? If so - name, & exact version:
Voodooshield, again, this never causes any issues with windows or comodo.
Any other information, eg your guess at the cause, how you tried to fix it etc:
I’ve been told by a number of other people that comodo gets pretty deep into your system. After hearing that and seeing all of the tests of it on youtube and seeing it get an A+ every time, I came to the conclusion that comodo “gets deep into the system” like this to ensure that malware can’t go over comodo’s head with its authority over the system.

Exact CIS version & configuration:
Comodo Firewall proactive security, all alerts set to be auto-blocked
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Everything is turned on.
Have you made any other changes to the default config? (egs here.):
Yes, I enabled all of the options to auto-block all alerts, like it should be by default I also set my VPN’s MAC into the network zones and made a ruleset based on that for all of my daily used applications.
Allow IP out from (my VPN’s MAC) to any
Allow IP in from any to (my VPN’s MAC)
Block IP in/out
That way of enforcing my VPN’s connection does exactly what I want it to, it cuts off internet traffic to all of my apps when my VPN isn’t running and connected
Have you updated (without uninstall) from CIS 5, 6 or 7?:
if so, have you tried a a a clean reinstall - if not please do?:
I had to reinstall it after I finished my in-place upgrade. because that process wouldn’t finish with comodo installed
Have you imported a config from a previous version of CIS:
if so, have you tried a standard config - if not please do:
Any time there’s a config file from an old installation, I switch to the new one and do it my way all over again. (That’s really annoying that I have to do that by the way)
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 10, x64 home. UAC is password protected admin account, virtual box is installed and a few VMs are in there, but that’s never been an issue before
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=VoodooShield b=My VPN

From reading your wish

you say that you “enable all of the options for “do not show popup alerts” and then they set them to block with the container set to block as well”

Could this “do not show popup alerts” and block by default setting probably lead to this bug by preventing critical system applications from doing their job?

Reason for asking this is that I too get sometimes HIPS popup Alerts from System applications that I would not expect to see (they are Trusted so why getting a popup Alert).
When in such a case the request is blocked (without knowing) then this could most probably lead to system instability.

I remember reading in SOME LEAKS THAT CAME OUT about CERTAIN PEOPLE trying to exploit antivirus programs with the intention of subverting them and bypassing them.

In THOSE LEAKS THAT CAME OUT. The PEOPLE exchanging messages back and fourth talked about how comodo will “literally block everything until you tell it not to” and mentioned how it will even block windows system components.

So I guess the next time I do either an in-place upgrade or a feature update I can try turning HIPS off to see what that will do.

I guess it’s good that vital parts of the system are protected like that, but it’s still annoying that I get a BSOD when doing a major system update

Need memory dumps to investigate and it could be an incompatibility issue with voodooShield and CIS. Do you know of the name of the driver file that the BSOD screen says what caused it?

No, all I saw was the frowney face on the BSOD. I wasn’t aware that the BSOD showed those anymore.

Hello DrAlrek,

Could you please check your inbox via PM and share us the requested logs for further analysis of the issue.
Have a nice day.

Thank you in advance,

I doubt CIS is the cause as I just successfully did the upgrade to the new Windows 10 2004 may release with CIS installed.

is your HIPS turned on? Mine is. And it’s set to automatically block requests too.

Interesting. In other words, HIPS may be blocking components of the Windows upgrade?

UPDATE: Yes, I see this point was also covered by CISfan above.

Yes I used the default proactive config except with auto-containment disabled, if you think HIPS blocked something you should check the HIPS logs, but I highly doubt HIPS did anything that would cause the blue screen.

I’ve heard from at least one person so far that the HIPS is probably the culprit here.

Hello DrAlrek,
Could you please check your inbox via PM.

So can anyone clue me in on this? Is the HIPS the culprit here?

Errmmm, I think Dharshu asked you to check your PM inbox in the post before yours…

I send him the logs he wanted.

Hello DrAlrek,

Could you please once again check your PM and send us the requested memory dumps for further analysis.
Thanks in advance.

Have a nice day!

I didn’t see any new messages in my PM’s The dumps from that BSOD are gone now

Hello DrAlrek,

Just for the confirmation I have quoted the message on PM,Please cross check that.I had already reported to CIS team and teams are working in it.
Have a nice day!