Crashes over and over again after installing CIS

Hi,

Did a clean install from CIS 3.9… Following the advice I ran the scan in this process and it came up with three malware files which I agreed to remove; no idea anymore which ones. Probably removed something important!!!

After that I restarted my computer but it crashed again and again, as in a loop. Used the “last known good configuartion”-option and it started. Than I received a message from Windows Security Center that I had no AV and Firewall installed. I clicked the CIS shortcut and it said that it was still initializing CIS, so I waited for it to end. Than it said I had to run the Diagnostic tool since something looked wrong, after which I was informed “the program” should fix my problem and should restart the computer again. The same happened as before: crashes, went through the same procedure but I ran checkdisk in between, and the computer ran again but the same errors came up. So it started again as from the beginning.

I haven’t done a clean install fore the second time since I hope it is possible to restore the files I deleted but I cann’t figure out how.

In short: the system doesn’t restart properly; CIS is “installed” but doesn’t work.

Any help is much appreciated.

Hi

That seems the case, check the antivirus logs or just post them on the forum that should tell us what was removed
and maybe fix the problem.

Thanks for the quick response.

..check the antivirus logs..

You mean View Antivirus Events? Nothing in there… unfortunately.

Anymore ideas/suggestions??

Try looking in the defence+ events. If you blocked something important there you could also have problems.

Hi tcarrbrion,

Nothing there as well, …unfortunately. Actually in none of the possible logs I can find there is something showing.

Thanks anyway and hope you or someone else have other suggestions still.

Have you any other security programs installed that might be conflicting?

I don’t think so. Personally I think the problem is caused by one of the files I agreed to remove but I was too fast in doing that so … no idea which ones they were. If the computer starts up again normally I will do a clean install of CIS, but how do I get it working again??

Thanks again.

First try Safe mode, Turn on your PC and start presing the F8 key this should work in getting you to uninstall CIS and do a clean isntall (its up to you if you want to select bettween Safe Mode with or without Network)

Also if you do manage to get loged on do this

Start > Run > type in “Eventvwr.msc” with out the quotes > OK

You will see Under Even Viewer, Application, and System logs, right click on both and select “Save Log File As”
Save anywhere, any name is ok and upload it to the this Topic.

oh and its ok to see some warnings and some errors in these log files.

Hi OmeletGuy,

Will follow your instructions tomorrow morning, since it’s a late here now and let you know the results.

Thanks…

Okay this is what happened:

Restarted in safe mode, produced the logs, which I will attach, uninstalled CIS 3.9…, restarted in safe mode and installed CIS 3.9… While doing the recommended scan, received an error saying that Comodo ran into a problem and had to stop. I siad ‘yes’ and next a message said that the installation was finished succesfully. Restarted and chose ‘last known good configuration’. Computer starts up like it should and I get a Comodo message saying that my installation for the Firewall uses an old format and do I want the new one, yes, and I want it now: yes. Every one to two minutes I receive the same question so I click ‘no’. Next the CIS screen opens but without the AV in it. Firewall isn’t running properly so I run the Diagnostic tool , approve to fix my problem etc…, like in my first message in this topic. Since Windows Security Center doesn’t show a FW and AV, I have turned on the Windows FW for the moment.

Thanks in advance.

[attachment deleted by admin]

… and the system log.

Note: could not attach the original .evt logs so saved them as .txt files.

[attachment deleted by admin]

I have the exact same BSOD problem:

15/05/2009 12:51:22 Save Dump Informations Aucun 1001 N/A YOUR-AB6CD29F8E L'ordinateur a redémarré après une vérification d'erreur. La vérification d'erreur était : 0x1000007f (0x00000008, 0x80042000, 0x00000000, 0x00000000). Un vidage a été enregistré dans : C:\WINDOWS\Minidump\Mini051509-02.dmp.
after automatic update, and also after clean install. Here is the analysis from my dump file:
******************************************************************************* * * * Bugcheck Analysis * * * *******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it’s a trap of a kind
that the kernel isn’t allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a portion of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 00000008, EXCEPTION_DOUBLE_FAULT
Arg2: 80042000
Arg3: 00000000
Arg4: 00000000

Debugging Details:

BUGCHECK_STR: 0x7f_8

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

PROCESS_NAME: winlogon.exe

LAST_CONTROL_TRANSFER: from 8054c9eb to 805465c3

STACK_TEXT:
f6a21018 8054c9eb 72747052 00000508 00000000 nt!ExpInsertPoolTracker+0x20
f6a21080 f728e131 00000000 001f001d 72747052 nt!ExAllocatePoolWithTag+0x809
f6a21094 f586251d f6a210ac 00000500 72747052 NDIS!NdisAllocateMemoryWithTag+0x13
WARNING: Stack unwind information not available. Following frames may be wrong.
f6a210b0 f5860813 f6579394 00000344 86272b00 cmdguard+0x951d
f6a210f0 f586095f 00010024 00000081 00000000 cmdguard+0x7813
f6a2114c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a211a8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21204 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21260 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a212bc f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21318 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21374 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a213d0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2142c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21488 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a214e4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21540 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2159c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a215f8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21654 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a216b0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2170c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21768 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a217c4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21820 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2187c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a218d8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21934 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21990 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a219ec f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21a48 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21aa4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21b00 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21b5c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21bb8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21c14 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21c70 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21ccc f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21d28 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21d84 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21de0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21e3c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21e98 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21ef4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21f50 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a21fac f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22008 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22064 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a220c0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2211c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22178 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a221d4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22230 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2228c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a222e8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22344 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a223a0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a223fc f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22458 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a224b4 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22510 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2256c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a225c8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22624 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22680 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a226dc f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22738 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22794 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a227f0 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a2284c f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a228a8 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22904 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22960 f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a229bc f586095f 00010024 00000081 00000000 cmdguard+0x795f
f6a22a18 f586095f 00010024 00000081 00000000 cmdguard+0x795f

STACK_COMMAND: kb

FOLLOWUP_IP:
cmdguard+951d
f586251d ?? ???

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: cmdguard+951d

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: cmdguard

IMAGE_NAME: cmdguard.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4a048e55

FAILURE_BUCKET_ID: 0x7f_8_cmdguard+951d

BUCKET_ID: 0x7f_8_cmdguard+951d

Followup: MachineOwner
---------

Sorry this is probably not of much help to this thread at the moment, but I am trying to find a link to download older version that was working for me (3.8.x.477), however all download links for older versions are gone on this forum …

I just saw a post by a staffer saying a fix for the issues will be put out today

I think my work is done

CIS acualy did a scan in SAFE MODE???

And the logs were giving me somewhat of a problem its in french i dont know french. LOL

Hi OmeletGuy,

I think my work is done

You mean to say that this is it?

CIS acualy did a scan in SAFE MODE???

No idea, since Comodo stopped because of a problem. Furthermore AV isn’t on my computer anymore, so in conclusion I don’t think a scan has been done.

My problems still are:

  1. deleting a ,probably, false positive, which caused/causes the crashes;
  2. CIS isn’t functioning at all.

Any help is much appreciated.

Hi OmeletGuy,

And the logs were giving me somewhat of a problem its in french i dont know french.

For my understanding: I think I should be looking for a file that is deleted. Which one could that be? I don’t think I can find that info in the logs, right?

Thanks in advance.

I was hoping for some error, like File missing cant find it.

Well i think it was a critical file you deleted. If you have a second computer on the same Service Pack with the same updates, you can try to copy C:\Windowns\System32 folder to a disk or USB thumb drive and then move them to the PC with the problem.

That all the help i can give you.

Edit: try a system restore if its truned on. Ask if you dont know how to do it.

Hi OmeletGuy,

Will try that.

That all the help i can give you.

Thanks for that, it’s much appreciated.

Hi,

For almost a week I’m trying to install the latest version of CIS. Used a link at this forum before, which is gone now by the way, and today used Comodo’s official link. This downloaded 3.9…507 version, which is strange since I read there is allready a 3.9…509 version.

6 or 7 clean installs didn’t do the job, so maybe CIS isn’t meant for me. After installation was completed and the computer restarted it crashes and gives me a blue screen which disappears very fast.

Thanks in advance.

3.9…509 doesn’t make any difference: same problems!! ???