BSOD’s will happen during feature updates and in-place upgrades with CFW/CIS/CAV installed Can you reproduce the problem & if so how reliably?:
Yes, it’s happened multiple times now, once when I did an in-place upgrade and another time when I installed a feature update from the windows update menu If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1:Start installing an in-place upgrade or install a feature update from windows update
2:At some random point during the installation process, a BSOD will happen and it will continue happening for this kind of update to windows every time I try to do either of these installations for as long as I keep trying with comodo installed
3: after uninstalling comodo, the update finishes without a hitch One or two sentences explaining what actually happened:
Whenever I try to install an in-place upgrade or a feature update to windows 10, I get a BSOD if comodo is installed One or two sentences explaining what you expected to happen:
I expected the devs of comodo be on top of this issue without the user having to fiddle with it to get it to work. There have been multiple system-destroying problems related to windows updates that were directly caused by comodo in the past If a software compatibility problem have you tried the advice to make programs work with CIS?:
Yes, the other security software I run along side it never causes any issues with comodo nor do those other security products cause bluescreens when doing major updates to windows Any software except CIS/OS involved? If so - name, & exact version:
Voodooshield, again, this never causes any issues with windows or comodo. Any other information, eg your guess at the cause, how you tried to fix it etc:
I’ve been told by a number of other people that comodo gets pretty deep into your system. After hearing that and seeing all of the tests of it on youtube and seeing it get an A+ every time, I came to the conclusion that comodo “gets deep into the system” like this to ensure that malware can’t go over comodo’s head with its authority over the system.
B. YOUR SETUP Exact CIS version & configuration:
Comodo Firewall 12.2.2.7036 proactive security, all alerts set to be auto-blocked Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
Everything is turned on. Have you made any other changes to the default config? (egs here.):
Yes, I enabled all of the options to auto-block all alerts, like it should be by default I also set my VPN’s MAC into the network zones and made a ruleset based on that for all of my daily used applications.
Allow IP out from (my VPN’s MAC) to any
Allow IP in from any to (my VPN’s MAC)
Block IP in/out
That way of enforcing my VPN’s connection does exactly what I want it to, it cuts off internet traffic to all of my apps when my VPN isn’t running and connected Have you updated (without uninstall) from CIS 5, 6 or 7?:
No if so, have you tried a a a clean reinstall - if not please do?:
I had to reinstall it after I finished my in-place upgrade. because that process wouldn’t finish with comodo installed Have you imported a config from a previous version of CIS:
no if so, have you tried a standard config - if not please do:
Any time there’s a config file from an old installation, I switch to the new one and do it my way all over again. (That’s really annoying that I have to do that by the way) OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Windows 10, x64 home. UAC is password protected admin account, virtual box is installed and a few VMs are in there, but that’s never been an issue before Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=VoodooShield b=My VPN
you say that you “enable all of the options for “do not show popup alerts” and then they set them to block with the container set to block as well”
Could this “do not show popup alerts” and block by default setting probably lead to this bug by preventing critical system applications from doing their job?
Reason for asking this is that I too get sometimes HIPS popup Alerts from System applications that I would not expect to see (they are Trusted so why getting a popup Alert).
When in such a case the request is blocked (without knowing) then this could most probably lead to system instability.
I remember reading in SOME LEAKS THAT CAME OUT about CERTAIN PEOPLE trying to exploit antivirus programs with the intention of subverting them and bypassing them.
In THOSE LEAKS THAT CAME OUT. The PEOPLE exchanging messages back and fourth talked about how comodo will “literally block everything until you tell it not to” and mentioned how it will even block windows system components.
So I guess the next time I do either an in-place upgrade or a feature update I can try turning HIPS off to see what that will do.
I guess it’s good that vital parts of the system are protected like that, but it’s still annoying that I get a BSOD when doing a major system update
Need memory dumps to investigate and it could be an incompatibility issue with voodooShield and CIS. Do you know of the name of the driver file that the BSOD screen says what caused it?
Yes I used the default proactive config except with auto-containment disabled, if you think HIPS blocked something you should check the HIPS logs, but I highly doubt HIPS did anything that would cause the blue screen.
Just for the confirmation I have quoted the message on PM,Please cross check that.I had already reported to CIS team and teams are working in it.
Have a nice day!