Crashes after installing SP1 on Win7 x64

Yesterday I installed Service Pack 1 for Windows 7 Home Premium x64. Since then, I have experienced a number of crashes where the computer locks up and I have to reboot (It starts with Firefox not responding, then I can’t start Task Manager, soon after that nothing works). Entries in the Windows Application log made just before the crashes appear to implicate Comodo. I will include them here:

Log Name:      Application
Source:        Application Error
Date:          5-3-2011 0:31:36
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Description:
Faulting application name: cmdagent.exe, version: 5.3.45685.1236, time stamp: 0x4d348b32
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000002dea67c
Faulting process id: 0x3d8
Faulting application start time: 0x01cbdabacb9c38f1
Faulting application path: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Faulting module path: unknown
Report Id: 8b6b8a86-46b7-11e0-bdb1-00247ef28316

Log Name:      Application
Source:        Application Error
Date:          4-3-2011 21:44:05
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Description:
Faulting application name: cmdagent.exe, version: 5.3.45685.1236, time stamp: 0x4d348b32
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000000680a67c
Faulting process id: 0x3bc
Faulting application start time: 0x01cbda6c92fe6733
Faulting application path: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Faulting module path: unknown
Report Id: 24f62a13-46a0-11e0-91c8-00247ef28316
Log Name:      Application
Source:        Application Error
Date:          4-3-2011 13:54:49
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      TRIBYTE
Description:
Faulting application name: cmdagent.exe, version: 5.3.45685.1236, time stamp: 0x4d348b32
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000000000680a67c
Faulting process id: 0x3e0
Faulting application start time: 0x01cbda681b770ea1
Faulting application path: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
Faulting module path: unknown
Report Id: 96911e7e-465e-11e0-8225-00247ef28316

Is anyone else seeing these problems? What can I do to prevent it? Can someone confirm this is a problem with Comodo and if so, fix it?

Running CIS 5.3.181415.1237

(And I don’t mean to be rude, but please don’t blindly suggest reinstalling anything unless you have an actual reason to believe it will fix things.)

Hi Ibyte. Can’t solve your problem, but interested that you get this error code. I’ve had similar experience since installing SP1 with a couple of programmes crashing (tho’ not the whole system or related to Comodo :-\ )

All I found out so far is that the error 0xC0000005 is generated by an illegal “memory access violation”. Seems DEP related, i.e. applications that attempt to violate DEP will receive an exception with status code STATUS_ACCESS_VIOLATION (0xC0000005).

I use EMET for DEP and these programs worked fine before SP1 so I’m interested in the solution too :slight_smile:

That might be a worthwhile clue here. I do indeed use EMET to enforce DEP for most programs, which worked fine before installing SP1 (with a few exceptions, which I fixed by making them DEP-exempt in the EMET config).

I saw a similar crash today, including one of those cmdagent log entries.

I could try tinkering with the DEP settings, but I would not prefer that to be a permanent solution, as that would require me to wrap my head around the irony of security software (Comodo) requiring me to lower security settings…

In some senses, is having DEP on and running Defense+ doing the same thing? [Do you use UAC?]

I have to admit, I run DEP (on full settings on my XP machine) with my Defense+ without any issues, but your post has got me thinking that maybe I could lower my DEP settings and have Defense+ alert me when a program tries to do something naughty.

mmm :frowning: Tried that with my crashers. Unticked DEP for them both in EMET — made no difference. Could, I suppose, change System DEP to opt-in or opt-out? But no idea what that does to security of everything else. :-[

Comodo is fine for me. Whatever problem SP1 inflicts is a sneaky little sucker.

Beats me :slight_smile: I use UAC on full with secure desktop. But problem only started after SP1… that I do know.

I’m slow but i get there sometimes.

Wilders told me to change the EMET system setting for DEP to Opt-Out from Always On. That way unchecking my miscreant apps could actually achieve something. Duh.

Works! ;D

Guess it’s rubbing salt in your wounds if that’s what you already did? Sorry…I’ll exit now. >:-D

Well, adding the Comodo file to the DEP exclusions in EMET doesn’t fix it. Firefox doesn’t have to be running for it to crash either. I was still examining the logs of the last crash when my system locked up again. (So it’s starting to get rather annoying…)

Shutting down Defense+ doesn’t fix it either. I’ll lower DEP to Application Opt-In and see whether that reduces the number of crashes for the time being, meanwhile looking for a better fix.

Using EMET, I’ve set the DEP setting to Always Off (although the Windows Task Manager still lists DEP as Enabled for several processes, even after rebooting). Crashes continue; I’ve experienced 21 crashes generating a cmdagent.exe log entry over the past 8 days.

The next thing to try appears to be uninstalling SP1, although that should be a temporary fix as well, of course.

Uninstalling Service Pack 1 for Windows 7 did not fix the problem. As crashes occurred minutes after or even during boot, I’ve had to uninstall CIS for now.

(People may be wondering why I’m replying to myself. I am creating a public record of the troubleshooting steps I’ve tried, so it can be included in bug reports or support requests.)

Hey :slight_smile:

download the SP1 on your computer, disable AV realtime protection and install SP1. tell me if this helps

Regards,
Valentin N