CIS BSOD - Windows 10 Pro 1607 [M2221]

I love COMODO’s products and I honestly don’t want to stray from them, but this might be a breaking point for me.

Summary - Upon leaving COMODO CIS on my and another very similar setup, Windows will randomly BSOD. After a lot of debunking with other items, removing COMODO CIS leaves both machines crash free.
I’ve reinstalled it on one, and within 4-5 hours I have another BSOD identical to the previous. This occurs on both computers with almost 100% identical dumps.


I’m not 100% sure COMODO CIS is the underlying cause of this, but removing COMODO CIS proves the problem goes away.

Can you reproduce the problem & if so how reliably?: Reliably? within 24-48 hours I usually get 3-4 depending on the use of the computer

If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Leaving it sit overnight
2: During heavy loads (games/heavy use of applications)
3: Right after heavy loads (letting it idle after being used)

If a software compatibility problem have you tried the conflict FAQ?:
I could reinstall the computer(s) if need be but I have not removed anything else as I don’t see any real connection with any software, possibly drivers though.

Any software except CIS/OS involved? If so - name, & exact version:
Not that I’m aware of

Any other information, eg your guess at the cause, how U tried to fix it etc:
None, I’ve never dealt with memory/irq bsod’s being a software issue, and it seems to be the case here.

B. Your Setup
Exact CIS version & configuration:
Product version:, Database version: 26948 - standard configuration from install

Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
HIPS, Autosandbox, Firewall, AV (whatever is enabled by default, but any questions let me know)

Have U made any other changes to the default config? (egs here.): No

Have U updated (without uninstall) from CIS 5 or CIS6?: No

if so, have U tried a a clean reinstall - if not please do?: I’ve done a clean reinstall of COMODO regardless on 4/20 with the issue still there

Have U imported a config from a previous version of CIS: No

OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: Windows 10 Pro 1607, 64bit, UAC disabled, Admin, no virtual

Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
I tried two others on this system to see what they offered before installing the normal CIS, the other computer only got CIS installed
b= Comodo Internet Security Essentials
b= Comodo Cloud Antivirus


  1. Attached is my minidumps from one of the computers I have access to at the moment, which is the one I reinstalled CIS on and it started BSOD’ing again. I removed CIS on 4/18 (after 8pm) and reinstalled it on 4/20 at 3pm. The other computer has been running for 4-5 days now without a BSOD after uninstalling CIS.

Can you switch to collecting kernel memory dump by going to System in control panel and then advanced system settings. Then under startup and recovery select settings the under write debugging information choose kernel memory dump. Then reproduce the BSOD and attach the new dumps here thanks.

Also attach the CIS diagnostic report even if it doesn’t find any problems.

I’ve bumped the dumps to kernel memory dump and I’ll get it up here once I get the dump/report + uploaded.

Thanks for the prompt response.

I had a crash today at 12:12 EST I believe according to the timestamps. I’ve pushed the CIS report and memory dump to onedrive (1.2gb/1.6gb). They’re still uploading at the moment, but once they’re done they will appear. It was at 1.5gb/2.7gb at the time of the post, should be done in a couple minutes.!AqQK0JYKMulBxS5WKfUqII2TB_yS


Thanks for the info I have submitted your link into the tracker and previous submitted dumps are under investigation.

If it happens again, try BlueScreenView Blue screen of death (STOP error) information in dump files. I used it and found a windows update caused my problem. The download links are toward the bottom of the page.

I’m well aware of Bluescreenview and whocrashedit; however both pointed in no particular direction between 2 computers with similar physical/software setups. Upon removing comodo CIS the bluescreens stopped, as mentioned in the original post. It kinda points to comodo having an issue with a new amd ryzen/chipset driver, but that’s pure speculation.

I’ve uploaded another memory dump from noon today to my google drive (ran out of space on onedrive). (The computer was inactive from the previous night → 2pm today, it crashed inbetween)

Ok I let them know of the crash and dump from a computer that was inactive. They have previously said to re-name c:\windows\system32\drivers\cmdguard.sys reboot and check issue again. Do note that CIS will warn indicating that HIPS is not functioning properly, this is normal. I’m guessing they want to narrow down the driver that might be the cause of the BSOD.

I’ve done as asked, also renamed the latest dump at 11:36. Do you want me to bother uploading that one? That would be before this change.

No only upload a dump if you get another crash after renaming cmdguard.sys

I see just came out (today…). Do you want me to upgrade or hold on the version I’m on? No BSOD yet.

It always best to try with a newer version just in case it might be fixed without realizing. So I guess you can update normally and check, if it happens again rename cmdguard.sys and check again, then if after rename you still get crashes provide dump.

Sounds like a plan, fingers crossed.

Crashed at 5:56 EST. The memory dump and cis report is uploaded to my google drive (cis was still going while posting this) right now and interestingly enough the upgrade did not replace the missing cmdguard.sys, its still renamed and “missing” to comodo.

So cmdguard.sys was never active before or after upgrade and still crashed? That is interesting to say the least and it was never replaced.

Correct and it did not get replaced. Comodo did say it needed me to reboot again as well but I’m not sure why.

I wanted to hold off to confirm it was still crashing with cmdguard.sys missing, which it is.

I renamed the file, reboot, and after a reboot the cmdguard.sys gets replaced now after a few minutes of being logged in and comodo asks for me to restart. I’ve confirmed HIPS is displaying the “is not functioning properly” still upon booting after the crash. So, cmdguard.sys missing still crashes. Both files are uploading, memory dump from 4/26 6:16am est and the cis diag report from 8am.

I uninstalled CIS as of 5pm yesterday and I have yet to see any crash. Is there anything you guys want me to try to do? I’d rather not let my PC sit there crash constantly.

Going on almost 6 days now steady uptime without CIS.

They said dumps were investigated and it seems BSOD is not caused by CIS. They asked if it still occurs without CIS in which I explained that once CIS was removed you could keep system running for 6 days straight without a crash.