I’m having a serious problem. I just did a windows update last week sometime and everything went fine. By the way I uninstalled Comodo for the time being because the only way I could connect to the update site was by uninstalling the firewall. Anyway after doing a restart I installed the firewall back on my computer and then did a restart after that. This is where the problem comes. I get this error message which says:
Generic Host Process for Win32 Services is trying to connect to the Internet. What would you like to do?
Details
Application svchost.exe
Remote IP: 239.255.255.250 Port: upnp-meast(1900
Parent services.exe
Security Considerations
svchost.exe has the component wbsys.dll in its memory [b]loaded by a registry based (AppInit_DLLs) hook which could be used by keyloggers to steal private information. [/b] Please verify wbsys.dll is a valid library before proceeding with the request.
and then 5 seconds after that message pops up my system restarts. (Also wbsys.dll is nothing serious it is a file part of my windowblinds program. OK I just think it’s a one time error. Well it isn’t, after several reboots the problem remained the same, constant reboots all the time. So I had to uninstall comodo in safe mode and apparently that fixed the problem. Anyway after uninstalling comodo in safe mode and rebooting I get a system error message saying something about DEP (Data Execution Prevention). This message keeps popping up until I disable DEP. It should be noted that after I did my windows update I uninstalled .NET Framwork 1.0 and 2.0. I already had 3.0 so I didn’t see any use for these old versions. Anyway I don’t know if that could be part of the problem but I just wanted to give that info anyway. Right now I am without a firewall and comodo is the only one I want installed on my computer. Please Help.
OS:
WinXP SP2
Thanks in advance.
Wow, I’m glad we have such an important person frequenting our forums. For 24 hours, at least! ;D
Question 1. Did you respond to the Alert about wbsys.dll loading into memory? If so, what was your response?
Question 2. Why did you uninstall CFP to update Windows, instead of setting to Allow All? (btw, the primary reason for such an issue is that svchost has been blocked instead of allowed)
Question 3. Did you uninstall the .NET frameworks before or after reinstalling the FW and having this issue? (btw, .NET doesn’t work like other updated software; different software requires different versions to run - you may need all three versions, depending on what’s using .NET on your machine)
Question 4. After uninstalling CFP (before reinstalling it) did you run any registry cleaner application?
And finally Question 5. What other security applications do you have installed, that are Active (give Real-Time protection)?
LM
Well thank you. Everybody needs help with something, even Jack Bauer. (:KWL)
Answer 1. Yes I did respone. But I had to do it quickly before a reboot. I allowed it and still a reboot. I denied it and still a reboot.
Answer 2. I know that the primary reason for comodo not allowing access to the update site is because of svchost. It’s been allowed and I still have a problem connecting to the site so the only way was to uninstall the firewall to gain access.
Answer 3. I think I uninstalled it before reinstalling the FW and you might be right about having all 3 versions of .NET Framework installed on my computer.
Answer 4. No I don’t even have a registry cleaner installed on my computer. If you know of a good free program please let me know.
And finally Answer 5. I had only Prevx 2 and AOL Active Virus Shield active during the time of reinstallation. BOClean and spyware terminator are installed but were not active at that time.
I’m not Jack Bauer, not very important, so I guess that’s why no one has bothered to answer MY help request in this forum from 2 days ago (about the same time as your post Jack).
Anyway, glad you’re getting some help at least!
Regards,
Alex
I don’t want to get off topic here, but let me recommend CCleaner and RegSeeker. They’re very useful, and quite safe. Just remember to backup what you delete! 
http://www.hoverdesk.net/freeware.htm
/LA
JB, there are known (strange) issues with AOL’s AVS (and the full Kaspersky version, KAV) and CFP (along with a lot of other FWs). If you’ve got that installed, we may have found the source of the troubles. It’s known to cause all connections to be blocked (without it showing in CFP’s logs), and all kinds of other strange problems. The best test would be to uninstall FW & AV in SafeMode (one at a time), and then (again in SafeMode) reinstall the FW. Then see if the troubles continue.
Alex, I’m sorry nobody responded to your question. We try to do so within 24 hours, but sometimes we miss the mark. PM me a link to your question and I’ll get on it…
LM
Thanks Mac that worked! But I have another question all this time DEP was turned off ever since I encountered this problem, so do you think it would be safe to turn it back on now? Also would you suggest that I reinstall versions 1.0 and 2.0 of .NET Framwork just in case in the future some programs may need it? By the way is there anything you know of that I can do to solve this AOL AVS and CPF conflict thing?
and one more thing. How do I resolve the issue with CPF not allowing me to access the windows update site? I tried to fix it in the past by allowing svchost but it still doesn’t work. Any other suggestions?
DEP serves a definite purpose; I’d reactivate it. If it causes problems, then you can turn it back off; otherwise, leave it on.
On the .NET Framework question, you can go either way on it. A lot of folks consider it to be a security risk in general, and won’t install it (or uninstall, if already installed), unless they absolutely need it. It’s certainly not something everyone wants or needs. In my experience, there aren’t a lot of applications (for the average user) that require any of it. I guess my recommendation would be only to reinstall it if you find you need it.
The AVS & CFP conflict has been acknowledged by Comodo development, and they are working on it for the next version of CFP (v3). They have not elaborated on the cause, but they have said that they are hoping the final release of v3 won’t be “susceptible” to the issue (their word, not mine). AFAIK, there currently isn’t a workaround for it. Some users have found relief by installing the FW first, then the AV. Some have had it by doing the opposite. One recently reported that an update to KAV (the regular Kaspersky version) version 7.125 (which I think is currently only a Beta release) solved the problem. Personally, I think it’s a roll of the dice… whatever causes the conflict sometimes does it, sometimes doesn’t. Wish I had a better answer for you, but at least we know it’s being worked on.
For Windows Updates issues, you might look at these threads, from the FAQ/Threads - Read Me First thread.
Windows Updates Doesn't Update
https://forums.comodo.com/index.php/topic,1632.0.html
https://forums.comodo.com/index.php/topic,1702.0.html
https://forums.comodo.com/index.php/topic,1955.0.html
https://forums.comodo.com/index.php/topic,6518.0.html
https://forums.comodo.com/index.php/topic,6579.0.html
https://forums.comodo.com/index.php/topic,6836.0.html
https://forums.comodo.com/index.php/topic,7866.0.html
Hope that helps,
LM
Guess I’ll wait til V3 of CPF. Anyway I found this strange, since I was without an AV program on my system I installed another one. I installed avira antivir with CPF already installed with no problem. However after performing an update it rebooted within a minute of startup, just like it did with AOL AVS installed. So basically AOL AVS is not the only one that conflicts with CPF avira does too. But what’s really weird about it is that I had antivir and CPF installed for a while without the routine automatic reboot. I update antivir and boom, REBOOT! Could it be something in the virus definitions that causes this problem? Can I install ANY AV program?..This sucks. (:AGY)
I’ve run Antivir & CFP w/o any problem. In fact, the only AV of which I’m aware of issues is the Kaspersky/AOL one.
It’s possible (even probable) that what you’re looking at results from residual remains of AVS that are causing ongoing problems.
Do you have a registry-cleaning program? If not, I suggest downloading either ccleaner or RegSeeker - both are free, and will do a pretty good job for you. Both give options to back up the registry prior to removing any entries, which is an absolute must.
I would suggest uninstalling Antivir in SafeMode (so as to minimize conflicts), and reboot into SafeMode. Clean up the registry using the cleaning program, then reboot into SafeMode again. Reinstall Antivir.
Hopefully that will clear up the problem.
LM