RANDOM BSOD’s IN COMODO FREE FIREWALL
Can you reproduce the problem & if so how reliably?:
I can reproduce the bug about 8 out of 10 times.
If you can, exact steps to reproduce. If not, exactly what you did & what happened:
1: Using RT7Lite x64 - old slipstream program to patch 64 bit Windows OS Install DVD’s
OR
2: Using NTLite x64 - a newer slipstream program to patch 64 bit Windows OS Install DVD’s
AND
3: a) Comodo Firewall is running, or b) If I Exit Comodo - that leaves cavwp.exe and cmdagent.exe running in memory
One or two sentences explaining what actually happened:
These slipstream programs are heavy CPU/DISK usage. They update multiple Gigabytes of 64 bit data and it usually take an hour to complete on my I5 3.2 Ghz PC. Random BSOD’s mostly different, but “BAD POOL HEADER” is a common error. I suspected bad memory, but tested it with microsoft memory tester, then memtest86+ (latest version) and it tested clean.
Once I uninstalled comodo firewall the problem went away. Then I did the slipstream process about 8 times more with no BSOD’s.
One or two sentences explaining what you expected to happen:
Check cavwp.exe and cmdagent.exe module for memory leaks and/or 64 bit compatibility issues.
If a software compatibility problem have you tried the advice to make programs work with CIS?:
?
Any software except CIS/OS involved? If so - name, & exact version:
NTLite 1.9.0.7455 64 bit and also rt_7_lite_win7_x64_sp1.exe 2.6.0.0, processing Win7x64 DVD install files.
Any other information, eg your guess at the cause, how you tried to fix it etc:
My guess is: A possible memory leak or 64 bit compatibility issue in comodo processes, that’s triggered by the
multi-gigabyte FILE, MEMORY, and CPU operations done with these slipstream programs.
B. YOUR SETUP
Exact CIS version & configuration:
Comodo Free Firewall 1.2.2.7036 - other comodo addons - disabled no dragon browser, etc.
Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
HIPS [Safe Mode], Firewall [Safe Mode], VirusScope [Enabled], Website Filtering [Enabled],
Have you made any other changes to the default config? (egs here.):
Device control [Enabled] - Filter USB storage devices.
HIPS [Enable] - Adaptive mode under low system resources.
Have you updated (without uninstall) from CIS 5, 6 or 7?:
no, in-fact this problem continued to follow me after doing a clean install of windows, then installing Comodo Firewall again.
if so, have you tried a a a clean reinstall - if not please do?:
Yes, Clean install with default settings.
Have you imported a config from a previous version of CIS:
No
if so, have you tried a standard config - if not please do:
OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used:
Win7x64 SP1 with latest patches installed, I5 processor, Z97 chipset - only 4 GB Ram - UAC untouched- - Admin - no V.Machine used.
Other security/s’box software a) currently installed b) installed since OS, including initial trial security software included with system:
a=Microsoft Security Essentials - RealTime protection disabled for testing against BSOD’s. It didn’t cause any issues or use CPU.
b=
On Mon 6/1/2020 1:15:52 AM your computer crashed or a problem was reported
crash dump file: C:\Windows\Minidump\060120-16208-01.dmp
This was probably caused by the following module: cmdguard.sys (cmdguard+0x2E140)
Bugcheck code: 0x19 (0x20, 0xFFFFFA8008AAFBE0, 0xFFFFFA8008AAFE40, 0x4260034)
Error: BAD_POOL_HEADER
file path: C:\Windows\system32\drivers\cmdguard.sys
product: COMODO Internet Security Sandbox Driver
company: COMODO
description: COMODO Internet Security Sandbox Driver
Bug check description: This indicates that a pool header is corrupt.
This might be a case of memory corruption. This may be because of a hardware issue such as faulty RAM, overheating (thermal issue) or because of a buggy driver. This problem might also be caused because of overheating (thermal issue).
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: cmdguard.sys (COMODO Internet Security Sandbox Driver, COMODO).
Google query: cmdguard.sys COMODO BAD_POOL_HEADER
I changed the all caps title to normal case. Eric