CIS 5.0.158836.1079 BETA freezes the whole system when I launch a full scan. Stops somewhere at around 65000 files (never at the same file). I can hit the STOP scan button but then the system is completely frozen, CTRL-ALT-DEL not even working. Have to reboot with power button.
I did report it under the bug section but no reaction to my post.
Hi Scubamaster
If you posted your bug using the correct format then it will be looked at even if you don’t receive a direct response straight away.
I have more info from the event viewer:
Faulting application name: cmdagent.exe, version: 5.0.27764.1079, time stamp: 0x4c62c28a
Faulting module name: unarch.cav, version: 1.0.0.1, time stamp: 0x4c62c2e8
Exception code: 0xc0000417
Fault offset: 0x00041a0f
Faulting process id: 0x3d0
Faulting application start time: 0x01cb399bbe5c29dc
Faulting application path: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Faulting module path: C:\Program Files\COMODO\COMODO Internet Security\scanners\unarch.cav
Report Id: e6bf1b5b-a591-11df-b309-00219b2092c5
When I hit the pause button after the full scan has frozen, I sometimes get the following error message (see screenshot).
Before starting the full scan, I have 2GB memory left and CPU load is a t 3%.
[attachment deleted by admin]
Try unticking the option ‘scan archive files’ in Antivirus scanner settings under manual scan and see if it completes ok.Your problem seems to be related to scanning compressed files.
You are correct. Unchecking the archive scan did the trick. :-TU
That means the programming error is probably in the unarch.cav module. Based on the error message perhaps a buffer overflow? ???
I hope this gives the develeopers an idea where too look.
I’m not sure what causes this issue,it has been noted by the developers though previously.As for unticking that particular setting,it won’t lessen your security since zip files etc. will be scanned when extracting them anyway.
In my case too.
Hey xRogue,
Can you please use Process Explorer to locate which file freeze CIS and then send to me?
And can you send me the dump file while CIS freezed?
My Email: xukun@comodo.com
Thanks,
Kun from Comodo Engine team
Here is what you need to do in order o identify the problematic file while scanning:
1 - Disable Defense+
2 - Download Process Explorer from Process Explorer - Sysinternals | Microsoft Learn
3 - Run Process Explorer
4 - In Process Explorer, select View->Lower Pane View->Handles
5 - In Process Explorer Process window, click on cmdagent.exe
At this stage, in the lower pane, you should be seeing handles opened by cmdagent.exe. You are particularly interested in “Type File”
6 - Open CIS and Run a Scan → My Computer.
Wait until the scan hangs. When the scan hangs, you must go to Process Explorer and check the Lower Pane for open “File Handles”. One of those handles are causing this issue. Probably an archive file. Please indentify that file and let us know.
Egemen