After deciding my P.C. was busted so bad it would never work again
( I knew cmdagent was stealing 100 % CPU but could not use Google to find out why )
I restored C:\ from an Acronis backup image and was relieved that the 100% CPU bug was removed.
(I had feared that a hardware defect might need repairing.)
I found the Internet was terribly slow and intermittent, and was unable to access any information about Internet problems.
I viewed the Firewall Internet Connections, and saw a few things listening, but nothing much happening.
I again feared that a hardware defect might need repairing.
I launched DigiGuide and it only knew the T.V. programmes scheduled one month ago. I told it to update and it bombed several times. Eventually it retrieved data and told me there was 2.3 MB to download, and then the progress bar showed spasmodic activity at around 500 bps on a 2.7 Mbps connection.
After half a day trying to recover from the 100% CPU overload, I then had a flaky Internet,
and suspected that perhaps the 100% CPU was due to damage caused by failure of “something” to safely roll-back a transaction that had been disrupted.
I had another look at Firewall Internet Connections and immediately saw that cmdagent was now hogging the entire Internet, and after about 1 hour it had downloaded 100 + MBytes, and then it was finished and the whole Internet was available, and the DigiGuide download jumped from 500 bps to 1 Mbps.
I then found that cmdagent had been downloading bases.cav.
I was happy with the expected installation delay when full download of bases.cav was followed by a system scan.
I am happy with the negligible delays that I have never noticed when a partial update occurs.
I am NOT happy with a totally unexpected full download delay using the entire Internet bandwidth for a full download when only a partial update is appropriate.
Will similar aggravation occur whenever the computer starts after a few weeks powered down ?
Was that aggravation due to the aftermath of the 100% CPU fiasco upon the Comodo servers.
Please note that my P.C. knew nothing of that fiasco after a BOOT CD restored on C:\ the previous Acronis image, though I suppose pagefile.sys and hiberfil.sys might have retained some “ancestral knowledge”.
Was that aggravation a consequence of Comodo disrupting CryptSvc and corrupting CatRoot2 etc. ?
I am also a victim of https://forums.comodo.com/empty-t45568.0.html;new;topicseen#new
Immediately after the Acronis image was restored to C:\ the event logs started at
07/10/2009 20:47:22 Event Source: EventLog Event ID: 6009
07/10/2009 20:47:22 Event Source: Security Event ID: 514
07/10/2009 21:02:24 Event Source: crypt32 Event ID: 7
There were 50 off crypt32 error events, each preceded by a crypt32 information event.
The first two were 20 seconds apart, but thereafter the information and error events were in the same second.
There were about 50 events in 25 pairs from 21:02:24 to 21:03:37
and another 50 events from 21:46:19 to 21:46:51.
I guess the sequence number needed less than one Internet packet and came quickly enough,
but the root list cab needed a lot more and horrendous internet delays caused a time-out and error and multiple retries.
I guess that may have been because Comodo wanted to validate the signature database it hoped to download.
The complete information for the first two crypt32 events is below.
Regards
Alan
Event Type: Information
Event Source: crypt32
Event Category: None
Event ID: 7
Date: 07/10/2009
Time: 21:02:24
User: N/A
Computer: ACER-311VPBCEH0
Description:
Successful auto update retrieval of third-party root list sequence number from: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
Event Type: Error
Event Source: crypt32
Event Category: None
Event ID: 3
Date: 07/10/2009
Time: 21:02:44
User: N/A
Computer: ACER-311VPBCEH0
Description:
Failed auto update retrieval of third-party root list cab from: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab with error: This operation returned because the timeout period expired.
p.s. dberr.txt errors for 07/10/2009 were :-
CatalogDB: 20:48:17 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:48:20 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:48:31 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:48:32 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:57:48 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:58:01 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 20:58:03 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:02:19 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:03:19 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:03:23 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:03:37 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:42:45 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:47 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:48 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:49 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:50 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:51 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:51 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:51 07/10/2009: File #2 at line #1236 encountered error 0x00000057
CatalogDB: 21:46:51 07/10/2009: File #2 at line #1236 encountered error 0x00000057