Defense + scan crashing pc

Download an update yesterday and followed the install wizard. When it suggested scanning for malware I said yes. Part way through the scan my pc rebooted without warnin. Tried again - same thing. Any help welcome

Greetings!

I think you’re a victim of the BSoD, so follow the steps in this thread and post your minidump file there, so that the developers can take a look at it.

I guess this is link to v2 BSOD thread. So proceed to this thread instead.

Yeah, you’re right.

If your pc is clean and you know it is no reason to run the scan just install which is what I do.

Yes, that’s true. But it would be nice if johnyysmith posted a minidump, so that we maybe can avoid similiar problems in the future.

True. I have never ever had a BSOD ever. Most BSOD’s are drive conflicts or software conflicts. I always use Revo Uninstaller in Advanced mode and use Registry Mechanic to keep my system at top speed. People install this and install that and uninstall this and uninstall that but never make sure that all files are gone. Look in your msconfig folder and you will see some left over entries or even in services.msc. I use to use ATI video cards till I blew up 2 of them cause they cant take over clocking. I switch to Nvidia and had a hard time booting up at first. I went into windows services and found that ATI drivers were still trying to start up. I cleaned out all entries and I booted up just fine.

Thanks for the interest guys. I can’t post a minidump yet as I don’t log crashes and I have bsod turned off so the pc simply reboots.

[

If your pc is clean and you know it is no reason to run the scan just install which is what I do.

(:TNG) Don’t be so silly. How do you know you are clean? Because your av or as says so? Lol. Try running different ones and you might be surprised

No I am not clean which is why I ran the scan. My pc has been infected for a couple of months and I have tried every ■■■■ thing to get it sorted out - except posting up on castlecops or similar forum. Dont waste your time asking or posting suggestions. No offence intended but I repair infected pc’s and the problem I have is not reported anywhere on the internet. But I will sort out a minidump tomorrow, after a maxi dump, and post up after another scan

If your pc is infected then you need to address that first before putting blame on Comodo for your boot up issues. I use NOD32 in real time mode and use SuperAntiSpyware and Spybot as on demand scanners. I have never been infected in over 5 years. I also fix pc’s on the side and I have never ever not gotten a machine clean. I install NOD32 and run a full in depth scan. Then I run SAS and Spybot. I have fixed all pc infections this way. Also at times had to use Hi Jack this to find problems. Worse comes to worse then reformat. Posting a problem about D+ on an infected,non clean, improperly running machine is absurd.

Are you using Vista? One thing to check is that all of the xxxx.cav files in program files/comodo/firewall/repair are also in firewall/scanners. Should be 6 of them. There have been a number of reported scanner installation problems in Vista. Shouldn’t cause a BSOD, but worth checking.

True sled. I have heard of this. I am a XP user at heart and always will be. The poster said his pc is infected.

Sorry haven’t found time to sort this out today

I use XP and also have NOD32 which is the reason I know I have an infection. I am regularly getting a NOD32 AMON message warning of files ff.bat, run.vbs, arp.bat and startrun.vbs being a form of TrojanDownloader.AgentTrojan. Yes I also use SpyBot, AdAware, AVG AntiSpyware, and every other major and minor AV and AS programs (installable and online scanners) I can lay my hands on - in other words all of them. NOD32 reports the problem once every day. It seems that it presents the trojan payload from installing in the root of C: but does not touch/find the trojan itself

Posting a problem about D+ is hardly absurd. Should it only be used on clean machines? Then what would be the point of it. The purpose of posting is to alert the developers to a problem that needs to be sorted out.

If all you do to clean an infected machine is run the above programs then you are deluding yourself that you have properly disinfected customer machines fully. And also deluded yourself that you have never been infected yourself. Running only one AS program and a couple of AS programs only tells you that those programs have not found anything. It is an absolute that not all problems are found by any one program - no matter how good. On occasions I have had to clean badly infected machines by running up to 6 antivirus programs, and as many AntiSpyware programs. In addition any remaining persistent nasties have to be rooted out manually sometimes. Some of the progs report nothing found. That is not because those progs are bad but simply that they dont find everything

Oh and my problems are not boot up issues. If you notices my original message the problem is that during the installation of Comodo running the scan causes a REBOOT

Comodo is installed and running fine - but I wont be touching the ‘Scan My System’ in D+ for the time being

You need to address the obvious first. You pc is infected so start there. I am a GM Master Certified Technician and I specialize in vettes and diesels. I had a customer with a diesel truck complaining of a hard start and smoke. I checked his fuel and it was contaminated. I told him we had to start with clean fuel first before we start replacing parts. My point. Start with a clean system if you want to diag your problem properly.

Sorry but I’m not going to wipe my disk to get rid of a minor infection. Bit likes saying chop off your head to cure a cold. I don’t think you can apply a mechanical analogy to a software problem like this. If the Comodo scanner is to be effective it should not crash my system during a scan. Saying I should make sure I am not infected before doing a scan for infections …words fail me. Please stick to vettes and diesels

But all this discussion has stimulated me to take the time to check this out a bit more. My NOD32 log reports like this:

Time Module Object Name Threat Action User Information 15/02/2008 12:34:19 AMON file C:\run.vbs probably a variant of BAT/TrojanDownloader.Agent trojan NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\COMODO\Firewall\cmdagent.exe. The file was moved to quarantine. You may close this window. 13/02/2008 16:55:32 AMON file C:\run.vbs probably a variant of BAT/TrojanDownloader.Agent trojan NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\COMODO\Firewall\cmdagent.exe. The file was moved to quarantine. You may close this window. 11/02/2008 18:28:50 AMON file C:\run.vbs probably a variant of BAT/TrojanDownloader.Agent trojan NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\COMODO\Firewall\cmdagent.exe. The file was moved to quarantine. You may close this window. 10/02/2008 12:00:29 AMON file C:\run.vbs probably a variant of BAT/TrojanDownloader.Agent trojan NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\COMODO\Firewall\cmdagent.exe. The file was moved to quarantine. You may close this window.

So I guess that part of my problem is NOD32 not working with Comodo :o

I have used NOD32 2.7 and NOD32 3.0 along with Comodo and no conflicts at all.