CIS causes Winstep Nexus Docking app to hang

TOPIC TITLE
CIS causes Winstep Nexus Docking app to hang

The bug/issue

  1. What you did: Nexus Docking app was installed and working properly until…
  2. What actually happened or you actually saw: Clicking on any icon in the dock causes the app to hang. It freezes. Clicking on any part of the screen causes the dock to appear white and after a few seconds windows reports that the app is not responding.
  3. What you expected to happen or see: I expected the correct program to open when I clicked on the dock icon.
  4. How you tried to fix it & what happened: I reported the issue to Winstep as follows:
    canuckjay Post subject: Nexus hangs
    Posted: Sun Feb 27, 2011 4:40 pm

Joined: Sun Feb 27, 2011 3:43 pm
Posts: 2 I am running Nexus.exe 10.9.0.921 under Windows 7 - 64 bit. The program loaded well at first and I was able to configure it properly. Recently, however, the program has run into a problem and hangs when I click on any item in the dock. The only way to stop it is to end the process in task manager.

Windows reports this (two different times):

Description:
A problem caused this program to stop interacting with Windows.

Problem signature:
Problem Event Name: AppHangB1
Application Name: Nexus.exe
Application Version: 10.9.0.921
Application Timestamp: 4caf1c2e
Hang Signature: 01ab
Hang Type: 0
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 4105
Additional Hang Signature 1: 01ab1da01d6d33602fc8b1cc8e455673
Additional Hang Signature 2: 8bc4
Additional Hang Signature 3: 8bc4de42d4890d45321bf5cda6f99dc0
Additional Hang Signature 4: 01ab
Additional Hang Signature 5: 01ab1da01d6d33602fc8b1cc8e455673
Additional Hang Signature 6: 8bc4
Additional Hang Signature 7: 8bc4de42d4890d45321bf5cda6f99dc0

Description:
A problem caused this program to stop interacting with Windows.

Problem signature:
Problem Event Name: AppHangB1
Application Name: Nexus.exe
Application Version: 10.9.0.921
Application Timestamp: 4caf1c2e
Hang Signature: 1173
Hang Type: 0
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 4105
Additional Hang Signature 1: 11730b69344ac49790b1724b47986c5c
Additional Hang Signature 2: f3c5
Additional Hang Signature 3: f3c52c7323ddc30596d3c74c0d12eccd
Additional Hang Signature 4: 1173
Additional Hang Signature 5: 11730b69344ac49790b1724b47986c5c
Additional Hang Signature 6: f3c5
Additional Hang Signature 7: f3c52c7323ddc30596d3c74c0d12eccd

I have also tried creating a dump file which reports this:

Nexus Crash Dump File

On Sun 2/27/2011 2:22:26 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Nexus (3).DMP
This was probably caused by the following module: guard32.sys (guard32!?Exported@@YAXXZ+0x802)
Bugcheck code: 0x0 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: guard32.sys .

I do not have the file guard32.sys anywhere on my computer, but guard32.dll is part of Comodo Internet Security. I tried disabling Comodo but the problem persisted. I have also tried uninstalling and reinstalling Nexus.

I then tried running the program in safe mode and it works. I then added the normal startup programs that I usually use one by one and Nexus continued to function properly. I then tried running msconfig and setting up to boot with a diagnostic boot with esssential services and drivers only and Nexus would NOT work under that setup.

Is there a way to determine what service or driver is loading that is interfering with the program?

I am stumped. Any ideas?

Back to top

winstep Post subject: Re: Nexus hangs
Posted: Sun Feb 27, 2011 5:18 pm

Site Admin

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 4448 You did a pretty good job at diagnosing the problem and answering your own question: Comodo is the culprit.

You see, even if you disable it, the device driver it depends on is still running and causing problems on your system (the device driver, however, will not load in Safe Mode, which is why you were able to run Nexus there without issues).

Personaly I use Eset’s Smart Security suite and I never had an issue with it (I’m actually a beta tester for them). Comodo, on the other hand, has been known to cause problems with 3rd party applications.

Have you tried contacting Comodo technical support about this issue? I know they are aware of Winstep applications as they have contacted me before about white listing Winstep apps in their AV suite so they are not flagged with false positives.


Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies

Back to top

canuckjay Post subject: Re: Nexus hangs
Posted: Sun Feb 27, 2011 11:40 pm

Joined: Sun Feb 27, 2011 3:43 pm
Posts: 2 Thanks, Jorge.

First let me say that I love Comodo, especially when I compare its price to Eset.

That being said, I consulted the Comodo forum to see if I could find anything there. One user suggested in the Wish List that Comodo should be made compatible with the Nexus Docking program but I saw no response to that message.

Comodo suggested reinstalling before reporting any bugs, so I tried to do that and found that there was an error when I ran the uninstall program. I completed it and then cleaned out all of the Comodo entries from the registry manually. I then ran Nexus again and lo and behold had the same problem!

I ran a dump on the Nexus file and it still said that guard32.sys was the culprit. I did a file search and found a guard32.dll file hidden in Windows/System32. When I deleted that, Nexus ran fine. Progress!

I then tried a reinstall of Comodo and when it was done the Nexus issue reappeared as before. However, there did not seem to be a guard32.dll file in the Windows/System32 folder. There was a guard64.dll file. When I did another dump check, it again showed guard32.sys as the problem and a new search for it showed that it had reappeared in the windows/syswow64 directory. Weird.

I am pretty sure that the guard32.dll file is from Comodo as I edited the content and found that there was some verisign information regarding Comodo in it, so it looks like a legitimate file installed by Comodo.

When I again tried to delete the guard32.dll file at this location, I received the message that the file could not be deleted because it was being used by the Acronis Scheduler Helper. I have Acronis True Image installed, so I disabled the two Acronis services so that no other Acronis services were running, but still could not delete this file after a reboot with the Acronis services disabled.

And that’s where it stands. It looks to me like you are right and it is a Comodo issue so I will send this information along to them in the hope that I can get some help there. I really like both Comod and Nexus but it may be that I will have to give up either one or the other.

Jay

  1. If its an application compatibility problem have you tried the application fixes here?: I have explored the application fixes without success. I have made sure that all of the Nexus files are trusted files as well as Comodo files including guard32.dll and guard34.dll.
  2. Details & exact version of any application (execpt CIS) involved with download link: The application concerned is Winstep Nexus Advanced Docking System downloaded from Welcome Winstep Nexus Dock users - CNET Download
  3. Whether you can make the problem happen again, and if so exact steps to make it happen: The problem reoccurs each time I try to run the program.
  4. Any other information (eg your guess regarding the cause, with reasons): There appears to be some incompatibility between the Nexus application and the guard32.dll file. The Nexus program runs properly if I uninstall CIS and delete the guard32.dll file.

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug:
  2. Screenshots of related CIS event logs and the Defense+ Active Processes List:
  3. A CIS config report or file. attached
  4. Crash or freeze dump file:
    Description:
    A problem caused this program to stop interacting with Windows.

Problem signature:
Problem Event Name: AppHangB1
Application Name: Nexus.exe
Application Version: 10.9.0.921
Application Timestamp: 4caf1c2e
Hang Signature: 9bec
Hang Type: 0
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 4105
Additional Hang Signature 1: 9bec22aa14b33e9681d6a1b5f52129b4
Additional Hang Signature 2: 6d44
Additional Hang Signature 3: 6d44285f3a5de7e5bb5905d69fc8bbdf
Additional Hang Signature 4: 9bec
Additional Hang Signature 5: 9bec22aa14b33e9681d6a1b5f52129b4
Additional Hang Signature 6: 6d44
Additional Hang Signature 7: 6d44285f3a5de7e5bb5905d69fc8bbdf

Read our privacy statement online:
Windows 7 Privacy Statement

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

Crash Dump Analysis


Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Mon 2/28/2011 11:31:00 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Nexus (5).DMP
This was probably caused by the following module: guard32.sys (guard32!?Exported@@YAXXZ+0x83F)
Bugcheck code: 0x0 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: guard32.sys .
Google query: guard32.sys CUSTOM_ERROR

Your set-up

  1. CIS version, 5.3.176757.1236 AV database version 7828 & configuration used: Internet Security
  2. a) Have you updated (without uninstall) from CIS 3 or 4:
    b) if so, have you tried a clean reinstall (without losing settings - if not please do)?: updated after complete uninstall and cleaning of files and registry.
  3. a) Have you imported a config from a previous version of CIS: no
    b) if so, have U tried a standard config (without losing settings - if not please do)?:
  4. Have you made any other major changes to the default config? (eg ticked ‘block all unknown requests’, other egs here.): I don’t think so.
  5. Defense+, Sandbox, Firewall & AV security levels: D+= Safe Mode , Sandbox= Disabled, Firewall = Safe Miode , AV = Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: 7. Other security and utility software installed: Windows 7 Home Premium 6.1.7600 64 bit SP1 NOT installed yet UAC = Never Notify Account type = Administrator
  7. Virtual machine used (Please do NOT use Virtual box): none

[attachment deleted by admin]

Hey and warm welcome to comodo forums thebluejay! :slight_smile:

I would appreciate if you could take your time to make a new thread (not in the bug sector) so that members here can help.

Regards,
Valentin N

Valentin:

To what forum do you suggest that I post this? Sure looks like a bug to me! :slight_smile:

Jay

make one more then in the D+ sector.

Sorry, but I have no idea what you mean by the D+ sector.

Jay

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation

Dennis

Dennis2,

I am a little surprised by your request as I believe that I did, in fact, follow the suggested format for bug reporting. If you take the trouble to examine the entire post, I believe that you will find this to be the case.

Please correct me if I am wrong and explain to me where I should post this item.

Thanks.

Jay

Example of what your bug report should look like.

If you wish to add extra information please do not include it in your first post.

Thank you

Dennis

TOPIC TITLE Unlimited access alerts generated for program defined as an installer/updater

The bug/issue

  1. What you did: Applied the Installer/updater policy to myprog.exe, rebooted, then ran myprog.exe
  2. What actually happened or you actually saw: Unlimited access alert
  3. What you expected to happen or see: No alert
  4. How you tried to fix it & what happened: Ticked ‘don’t ask again’ on the alert, did not work
  5. If it’s an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (except CIS) involved with download link: myprog.exe v. 5.1.005 (Beta), www.xyzwprog.com/download
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: Yes. a) Check Myprog is installer/updater in Computer Security Policy ~ D+ rules b) run Myprog from Start menu ~ All programs ~ MyProg c) Get Unlimited access alert d) tick don’t ask again and press allow e) close program f) Re-start Myprog from same location g) get Unlimited Access alert
  8. Any other information (eg your guess regarding the cause, with reasons): D+ malfunctioning under load - cpu usage was high at the time.

Files appended

  1. Screenshots illustrating the bug: Appended
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: Appended
  3. A CIS config. report or file: Appended
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: 5.0.1000.1135, 6770, Proactive config
  2. a) Have you updated (without uninstall) from CIS 3 or 4: Yes
    b) if so, have you tried reinstalling (if not please do)?: Yes
  3. a) Have you imported a config from a previous version of CIS: Yes
    b) if so, have U tried a preset config (if not please do)?: Yes
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security level: D+=Safe, Sandbox=Enabled, Firewall=Safe, AV=Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3, 32 bit, None in XP, Admin account.
  7. Other security and utility software installed: CAS
  8. Virtual machine used: Vmware player

Make here a thread

Thanks

Dennis2,

That is precisely the format which I used. There is simply quite a bit of detail in each answer.

Jay

Sorry but in it’s current state I cannot move it to Verified.

I will leave it here for awhile so that any Staff members may comment if they wish

Example of what your bug report should look like.

If you wish to add extra information please do not include it in your first post.

Thank you

Dennis

TOPIC TITLE Unlimited access alerts generated for program defined as an installer/updater

The bug/issue

  1. What you did: Applied the Installer/updater policy to myprog.exe, rebooted, then ran myprog.exe
  2. What actually happened or you actually saw: Unlimited access alert
  3. What you expected to happen or see: No alert
  4. How you tried to fix it & what happened: Ticked ‘don’t ask again’ on the alert, did not work
  5. If it’s an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (except CIS) involved with download link: myprog.exe v. 5.1.005 (Beta), www.xyzwprog.com/download
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: Yes. a) Check Myprog is installer/updater in Computer Security Policy ~ D+ rules b) run Myprog from Start menu ~ All programs ~ MyProg c) Get Unlimited access alert d) tick don’t ask again and press allow e) close program f) Re-start Myprog from same location g) get Unlimited Access alert
  8. Any other information (eg your guess regarding the cause, with reasons): D+ malfunctioning under load - cpu usage was high at the time.

Files appended

  1. Screenshots illustrating the bug: Appended
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: Appended
  3. A CIS config. report or file: Appended
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: 5.0.1000.1135, 6770, Proactive config
  2. a) Have you updated (without uninstall) from CIS 3 or 4: Yes
    b) if so, have you tried reinstalling (if not please do)?: Yes
  3. a) Have you imported a config from a previous version of CIS: Yes
    b) if so, have U tried a preset config (if not please do)?: Yes
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security level: D+=Safe, Sandbox=Enabled, Firewall=Safe, AV=Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3, 32 bit, None in XP, Admin account.
  7. Other security and utility software installed: CAS
  8. Virtual machine used: Vmware player