Several programs show in task manager, but don't fully load. [M2244]

Win10x64/Creator’s Update

I’ve been using Comodo for years, but this is something new that’s crept in during the last few weeks. Programs I’ve noticed this with include Photoshop, NitroPDF, and Visual Studio’s remote debugger.

After starting the computer, they’ll work fine for a bit, then will no longer load. They will appear in task manager holding steady at ~15% CPU usage but the window will not appear or the parent program will complain that the process could not be loaded. Once the problem appears once, I won’t be able to get them to load again until after a reboot (then they’ll load a few times before the problem returns). How many times they’ll work varies quite a bit, which makes troubleshooting a bit more of a pain. I cannot reproduce the problem with CIS uninstalled.

I haven’t installed any additional security software and have tried uninstalling and reinstalling CIS. I’ve tried disabling the antivirus, firewall, HIPS and virus scope (autosandboxing is always disabled) but that does not prevent me from having to restart to get things working again. I couldn’t find any evidence of blocking them in logs and marking exe’s/folders as trusted/excluded didn’t seem to help either.

Currently have CIS uninstalled and am just wondering if this is a known issue which may be fixed in an upcoming update before(if) I reinstall and try a little harder to narrow down the problem.


Yeah I have the same issue with mspaint on Windows 7 but I didn’t really notice it until after I installed windows updates. I haven’t gotten around to reporting it yet. What you should do is install again and provide memory dumps for each application that it occurs with. You can use task manager and use create dump on process that is hung. Or you can use procdump. Either way zip each dump separately and attach to post. It would also be helpful to attach a diagnostic report.

I think the dumps were too large, so I put them on DropBox (Comodo report is attached here). Since reinstalling, only NitroPDF has been affected. If others go bad before I uninstall, I’ll upload them. I’ve also included a dump from when Nitro was working (NitroPDF(Working).zip) in case comparing the two may be useful.

Okay thanks I have reported the issue and included your links for your dumps.

Thanks. The frequency of the problem seems to have gone down a bit for now. If it goes back up, I’ll uninstall and try again at the next update.

A small correction to what I said earlier. It seems that once the problem does appear, it can go away without a reboot if I try again later. As with waiting for the problem to arise, the time for it to pass is variable as well.

They unfortunately could not replicate in their test environment and that they request your CIS config and output of msinfo32. For msinfo go to start type msinfo32 and when it opens go to file > export choose a name to save it as and then attach here with your exported config.

Done and thanks. (I had to put a .txt extension on the Comodo config because .cfgx was not in the allowed types for upload to the forum).

Can you check with I haven’t experienced it yet with this build.

I’m experiencing the same issue with Comodo Firewall (latest).

It appears very frequently for me when trying to open an excel document from the desktop.

Find attached the msinfo, config and a screenshot of the infinite loop it gets stuck in with:

  • module base address in the top right
  • call stack on the top left
  • appearently overflown(?) register values on the bottom

Here the process memory dump:

Thanks for the detailed info but can you check with version RC thanks. This issue was reported based on version 6223.

Thanks for your response. Since the issue is so sporadic I’m unable to just “check” it and I’m unwilling to install beta driver software on my system. Once the update is live and the issue still appears, I’ll get back to you.

After installing the latest update the issue still persists. This is on version

Find attached the updated offsets.

Can you specify the applications and their versions that experience this issue? Does adding the affected applications to the detect shellcode injections exclusions help?

In my first report it was Microsoft Excel Version 1701, the second one was Teamspeak Version

After adding the program (still Teamspeak - I didn’t reboot since my earlier post) to the shellcode injections exclusions, the program starts fine. When I remove the exception the program deadlocks again. To make sure I added the exception again and it was working fine again. So it’s fairly certain that this feature is the culprit.

Thank you very much. This at least provides a workaround without rebooting the system.

Your issue seems different as when I had this issue with mspaint not loading, it wouldn’t work even when I added it the exclusions of detect shellcode injections. Also I have tried opeing ts3 multiple times and it loads normally for me. But provide memory dump of ts3 when it fails to load.

As the OP described this issue is not easily reproducible, because it only happens occasionally. TS3 and the other programs usually work just fine for me. Usually it stays bugged until reboot, but as the OP described can sometimes fix itself without reboot (in a matter of hours in my experience).

Here is the dump while the process is stuck: Dropbox - ts3client_win64.DMP - Simplify your life

Ok thanks I have linked your posts about Excel and TS3 and linked the dumps you have provided. I also let them know that adding TS3 to exclusions helps.

This issue also seems to impart Libre Office.

Provide a CIS diagnostic report, msinfo32 saved report, and create a memory dump of application when it does not load fully. For msinfo go to start type msinfo32.exe then from file menu go to export and save. With task manager after you attempt to run application right-click on hung application process and select create dump.

Unfortunately I no longer have CFW installed.