CIS and BSOD at boot only

anuswara,

Thank you for the effort you took in providing us all the required information. Could you please run this cisreport tool now and share the cisreport data?

http://download.comodo.com/cis/download/installs/cisreporttool/cisreporttool.exe

Hi Metheni,

Ok, the whole log file has been just uploaded on your server.

PS:
“Sysinternals” in cisreporttool: handle.exe crashed, but the log says “successful”.

Best,

Thank you. Please upload the package with logs to any online storage like mega.nz or Dropbox and share the download link with us.

Oh, after the automatic upload I deleted the log.
OK, I will start again from the beginning and run the tool again. I will send it to you as requested, but via PM :wink:

Done!

We received your log files, thank you for your cooperation. Our developers are working on it.

Hi anuswara,

Thanks for your patience. Please try the following cases and report whether they work.

Case 1: Add “All Applications” to shellcode injection exclusion (Refer enclosed image1 and follow below steps):-

Step 1: Open CIS
Step 2: Select Settings
Step 3: Select Advanced Protection → Miscellaneous
Step 4: “Don’t detect shellcode injections” → File Group → Add “All Application”
Step 5: Reboot

If Case 1 does not solve the problem, try Case 2.

Case 2: Create/set GUARDMODE(REG_DWORD) (Refer enclosed image2 and follow below steps):-

Step 1: Run → type regedit
Step 2: Select HKEY_LOCAL_MACHINE → SYSTEM → CurrentControlSet → Services → CmdAgent → Mode
Step 3: create/set GUARDMODE=0x40, reboot. (if it works, report D1)
Step 4: set GUARDMODE=0x80, reboot. (if it works, report D2)
Step 5: set GUARDMODE=0x100, reboot. (if it works, report D3)
Step 6: set GUARDMODE=0x200, reboot. (if it works, report D4)
Step 7: set GUARDMODE=0x400, reboot. (if it works, report D5)

Thanks,

Hi Metheni,
Could you please explain Case 2 after Step 2 in more detail?
(Do I have to write GUARDMODE in the new key? What does “report D2, D3” mean? Are they log files named D2, D3?)

thanks.

You create a new REG_DWORD value called GUARDMODE and set the value data to 40 then reboot and replicate steps that caused the BSoD. If no BSOD happens then you say D1 works, if you still get a BSOD then edit the value data to 80 and keep repeating until BSOD doesn’t happen anymore.
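
The Case 2 procedure and its explanation above, as an added PowerShell example (not part of any post and not Comodo's code): it advances GUARDMODE to the next value in the thread's sequence and names the D-label to report. The function name `Step-GuardMode` and its `-Remove` switch are hypothetical; it assumes an elevated session and that the `Mode` key already exists.

```powershell
#Requires -RunAsAdministrator
# Added example, not Comodo's code. The key path, value name and the five
# test values come from the thread; Step-GuardMode and -Remove are hypothetical.
$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode'
$Name    = 'GUARDMODE'
$Values  = 0x40, 0x80, 0x100, 0x200, 0x400   # hexadecimal; reported as D1..D5

function Step-GuardMode {
    param([switch]$Remove)

    if (-not (Test-Path $KeyPath)) { throw "Key not found: $KeyPath" }
    $current = (Get-ItemProperty -Path $KeyPath -Name $Name -ErrorAction SilentlyContinue).$Name

    if ($Remove) {
        # Undo the test setting once troubleshooting is finished.
        if ($null -ne $current) { Remove-ItemProperty -Path $KeyPath -Name $Name }
        return "$Name removed. Reboot to apply."
    }

    # No value yet: start at D1. Otherwise move to the value after the current one.
    $i = 0
    if ($null -ne $current) {
        $pos = [array]::IndexOf($Values, [int]$current)
        if ($pos -lt 0) { throw ('Unexpected {0} value 0x{1:X}; not in the test sequence.' -f $Name, $current) }
        $i = $pos + 1
    }
    if ($i -ge $Values.Count) { return 'All five values (D1..D5) have been tried.' }

    # -Type DWord writes a REG_DWORD; the number is the same whether typed as hex or decimal.
    Set-ItemProperty -Path $KeyPath -Name $Name -Value $Values[$i] -Type DWord
    'Set {0} = 0x{1:X} ({1} decimal). Reboot; if no BSOD occurs, report D{2}.' -f $Name, $Values[$i], ($i + 1)
}

Step-GuardMode            # run once per test round, then reboot
# Step-GuardMode -Remove  # delete the value when testing is over
```

In regedit's DWORD dialog the same values are entered as 40, 80, 100, 200 and 400 with the Hexadecimal base selected.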

Ok I will do it.

I guess I created it right.

PS: How can you explain that I have had no BSOD for 2 weeks? (And at the same time the CrashDumpEnabled value is always 1!! Without manual corrections!)
PS2: While doing this task, CrashDumpEnabled changed itself to 2 instead of 1.
PS3: To avoid losing time (try, wait, try, wait…), I set the value to 400, the maximum.

All these tasks seem to POSTPONE (delay) the crash, not to avoid it.

(After only 3 months of tests I am really dead).

Please help (and fix), Please! Please!

The changes in regedit suggested by the devs are useless. They only delayed the BSOD caused by the Comodo driver (and that is even worse, because I lost all my work; it's better to BSOD at the beginning of the work, just after powering on the PC, not in the middle).
Here, again, the bluescreen and related CIS crash:

here the log generated by Comodo itself:
https://www86.zippyshare.com/v/aqccGhb1/file.html

here, as usual, the eventviewer and cis daily installation:
https://drive.google.com/open?id=1LKiPlWU-dtQLroI_5KQ-PkeNGJc8d9RH

and, as usual, again the FULL FULL Complete dump (more complete than usual):
https://drive.google.com/open?id=1_abYZIZv8fR8_mEgUlAoIAo0NDL8-c6y

I really don't understand why it is so difficult to fix this big issue via the devs instead of via instructions for the user.
(NB: Now I delete the changes in Regedit related to Guardmode!).
PS: since the devs consider “CmdAgent” as the cause of my BSOD, I am sure that after three months I could hope for a real and definitive fix.
Thanks.

Hi anuswara,

It seems the previously provided dumps were not valid.
Now the developers have finished the analysis of the logs and dumps provided in the last post and have some ideas; they will get it fixed as soon as possible.

Wow Metheni, that is great news!
Thanks!!!

Hi Metheni,

is there a “Release candidate” with this new fix?
thanks.

Hi anuswara,

Here it is.
https://forums.comodo.com/beta-corner-cis/comodo-internet-security-v11006778-rc-t123772.0.html

But it doesn’t include fix for your issue, developers are still working on it. Expecting to fix it soon.

Hi Metheni,

Could it be that the beta v12.0.0.6798 is “mine”, i.e. it fixes my issue?

(Anyway I hope the fix will come before May, because with warm weather I cannot leave my pc always on, even at night).
Thanks a lot.

PS: when available, will I have to perform a clean install after running your removing tool? or just via CIS autoupdate?
thanks.

Hi Anuswara,

Yes, this build can help you. Please wait for the stable release.

Or, if you would like to try the beta, do a clean install: https://forums.comodo.com/beta-corner-cis/comodo-internet-security-2019-beta-v12006798-is-now-available-for-download-t123873.0.html;msg885758#msg885758

Please give us your feedback.

Hi Metheni,

if you agree I will

  1. restore an old C:\ image (since the many BSODs may have damaged the OS)

  2. delete the changes in Regedit

  3. fully remove the old CIS11 with Comodo Forum
    and reboot

  4. install the new official CIS12 released today, that fixes “- cmdagent.exe unexpectedly terminates in some rare cases.”
    https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-2019-v12006810-ndash-released-t124007.0.html
    offline version:
    http://download.comodo.com/cis/download/installs/1000/standalone/cispremium_only_installer.exe
    and reboot.

  5. manually download the latest def.

If you agree, I do it. If all is ok then I wait at least one month for feedback, just to be sure that all is ok after the boot.
Thanks a lot.
Best,

Hi anuswara,

Yes please do and let us know your feedback. CIS Updates can be downloaded automatically instead of manual download.

Edit: Please also update drivers before installing latest CIS.

Thank you for your time and effort.