JPSoft's Take Command v15 crashes on startup [M386] [v6]

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?:
    This happens every time, without exceptions. Unless I unistall CIS, or disable cmdGuard.sys driver, which renders CIS unusable
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    Install latest Take Command x64 (v15 as of now) from http://www.jpsoft.com. Try to run tcc.exe. If you run tcmd.exe it will start but tcc.exe inside it will immediately crash in same manner.
  • If not obvious, what U expected to happen:
    Obvious.
  • If a software compatibility problem have U tried the conflict FAQ?:
    Yes. Did not help.
  • Any software except CIS/OS involved? If so - name, & exact version:
    No. It happens on clean OS install + latest CIS
  • Any other information, eg your guess at the cause, how U tried to fix it etc:
    The only way tcc.exe will run is if I uninstall CIS or disable cmdGuard.sys driver and reboot. I tried changing CIS configuration to each of 3 types supplied (clean install), entirely disabling HIPS, Sandbox, Antivirus and Firewall. Nothing helps.
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)
    Attaching Windows Debugger report and Windows crash dump file.
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration:
Product version: 6.1.276867.2813
Database version: 16155
[Mod edit: Happens with all configs]

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    Any combination will cause crash.
  • Have U made any other changes to the default config? (egs here.):
    No.
  • Have U updated (without uninstall) from a CIS 5?:
    No. It is clean install.
    [li]if so, have U tried a a clean reinstall - if not please do?:
    Yes.
    [/li]- Have U imported a config from a previous version of CIS:
    No. Happens with all 3 stock configurations.
    [li]if so, have U tried a standard config - if not please do:
    Yes.
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
    Windows 8 Pro x64, default UAC setting, Administrator account
  • Other security/s’box software a) currently installed b) installed since OS:
    a=None
    b=None
    [/ol]

[attachment deleted by admin]

Removing CMDguard disables CIS as cmdagent typically does not start, so we would strongly advise against this.

Before we process this further, you try the FAQ for winsshd? Please reboot after making the changes suggested.

https://forums.comodo.com/defense-sandbox-faq-cis/making-winsshd-work-with-cis-v5-v6-t92898.0.html;msg451429#msg451429

I did mention that in my report, didn’t I? :wink:

Yup. Did that. In fact I disabled shellcode injection detection altogether. Didn’t help.

Thank you very much for your bug report in standard format. We very much appreciate the effort you have made to document this bug.

We are sorry to trouble you further but there are some items of information missing or unclear in your post:

  • Please append your complete ‘watch activity’ active process list
  • Please append a CIS diagnostics report

The reasons we need these items of information, though they may not seem directly relevant to the issue are explained here.

We would be very grateful if you would add these items of information so we can forward this post to the format verified board, where it is more likely to get fixed. You can find assistance using red links in the Format and here. If you need further help please ask a mod. If you do not add the information after a week we will forward this post to the non-format board. If this happens we will tell you how to rectify this if you wish to.

In the current process we will normally leave it up to you whether you want to make a report which includes all necessary information or not. We may remind you if we think a bug of particular importance.

Many thanks again

Mouse

Missing files added to original report.
Bear in mind that this is not clean install of Windows 8 any more. I installed other software after original report. But problem is still present, nevertheless.

Thanks, much appreciated.

Before forwarding, just to check that you have tried exempting the program’s directory from the behavior blocker and BO protection at the same time.

Sorry to ask - you almost certainly have as you have been very thorough, but I have to check!

Best wishes

Mouse

Yes, it is excluded from behaviour blocker and shellcode injection (buffer overrun). In fact, HIPS can be disabled altogether and it still happens. Same with Firewall and Antivirus. I can disable all three modules and tcc.exe will still crash.

Thank you very much for your report in standard format, with all information supplied. The care you have taken is much appreciated by Comodo, and will increase the likelihood that this bug can be fixed.

Developers may or may or may not communicate with you in the forum or by PM/IM, depending on time availability and need. Because you have supplied complete information they may be able to replicate and fix the bug without doing so.

Many thanks again

Mouse

Hi 753951,
I’m sorry for the late reply.
Yes, it is a CIS bug and we will fix it in the next release version.

Thanks for the feedback,
Best Regards

Thank you for confirmation. Is there anything I can do in the meantime? Like changing some options?

Hi 753951

I’m sorry not to my knowledge, and Flykite is not normally able to help users directly.

QA have lots of Bugs to fix!

Sorry about that.

Best wishes

Mouse

I can confirm that bug is fixed in version 6.2.282872.2847. Thanks.

Thank you very much for checking this.

I will now move this to Resolved. Be sure to let us know if you experience any other problems.