[Solved] I have the weirdest, random, access denied errors

Discussion in 'Windows 8' started by drei941, Jul 29, 2014.

  1. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    #1 drei941, Jul 29, 2014
    Last edited: Jul 29, 2014
    EDIT: Problem has already been solved. As much as I hate to admit it, it seems to have been caused by Comodo Internet Security.

    Hello everyone,

    I've been googling a lot about this and sadly couldn't find any help, so I'll try asking. I don't ask much, as you can see from my post count..

    It started happening maybe a few months ago. The first thing I noticed was when I closed Foobar2000, my music player, it sometimes couldn't write the playlists and/or configuration files to disk. This would occur randomly, throw an access denied error message, and would go away, and successfully write the files, when I hit the retry button.

    I didn't think much about it, thought it was probably a Foobar2000 bug. Actually googled about it, and found someone else posting it in the Foobar2000 error tracker. The answer by the devs was, that it wasn't the program causing it. But I didn't go any deeper, thinking it wasn't much of a problem, as it only occured rarely.

    Now lately it's gotten worse. Foobar fails to write these files almost every time now. And it fails again, and again, and again, when hitting the retry button, but it WILL eventually succeed. Sometimes after 2 tries, sometimes after 200... (I just keep the enter key pressed until it works)

    And now I've been noticing problems with other programs, which don't throw an error message, but fail writing stuff nonetheless. Firefox will do it for example, like not saving settings I changed. Especially of addons, where a lot of stuff is changing very often. Even installing or removing addons only works sometimes. Origin (EA gaming platform) is now downloading an update at every startup, because it obviously fails to install it, or rather fails saving the update somewhere, to execute it. Now all those write accesses are failing a lot, but they still have a chance to succeed. All these programs are trying to write to my appdata folders, so that shouldn't be an issue.

    I've tried the usual stuff. File permissions look fine, and I tried resetting them anyway, to no avail.
    I tried the system file check (sfc /scannow).
    I tried programs like "Windows Repair (All In One)", which has given me good results with other problems in the past (I didn't use it on this particular Windows installation before though).
    I've tried programs to identify possible file locking processes. There aren't any.
    I checked the Event Viewer. Can't see anything related to the problem.

    And now for the weirdest part. Of course I've also tried Process Monitor, to try and identify the problem.
    And whenever it's running and monitoring the system, everything works just fine!
    All programs succeed on writing their files, on first try.
    This works so reliable, that I'm running Process Monitor to change my addon configuration in Firefox for example.
    But running it all the time is obviously not an option, and no solution to the problem anyway. It just remedies the symptoms.

    After literally googling my ass off, I don't actually expect a solution from you guys.
    But why not give it a try? Maybe someone actually had a similar problem, or gets me on the right track to identify the cause.

    I still have the option of trying a Windows in-place update, and of course a complete reinstall, but I'd rather not...
     
  2. LiteOS

    LiteOS MDL Expert

    Mar 7, 2014
    1,509
    641
    60
    i remember something like that when running task manger the problem stops
    search for running viruses startup /services
     
  3. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    Oh, of course I also tried finding Malware of any kind.
    I'm quite positive my system is clean. I'm running comodo, in a pretty paranoid configuration.
    Which actually would be another option, although an unlikely one. I could try uninstalling it, though then I'd have to recreate a ton of rules for all my programs.
    Another thing I want to try is disabling UAC.
     
  4. PaulDesmond

    PaulDesmond MDL Magnet

    Aug 6, 2009
    6,993
    7,143
    240
    bet it is Comodo crap :rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    I've been running Comodo for quite a few years. To me it's still the best compromise of high security and keeping the user in control. The Antivirus part of it isn't the best, but the firewall and HIPS are pretty awesome.
    If you know a similar solution, which you think is better, please, shoot. I've tried a lot, and always went back to Comodo.

    Sure, I've had my problems with it, sometimes. But nothing I couldn't fix, and nothing that was random like this. I highly doubt it's Comodo, but I'll give it a try and remove it.
     
  6. PaulDesmond

    PaulDesmond MDL Magnet

    Aug 6, 2009
    6,993
    7,143
    240
    Best solution is, repeatedly BRAIN, human sense, nothing else. This was discussed here so many times that I'm tired to repeat myself and other posters here on MDL.
    Do you really believe that any of that AV crap helps you with surfing securely, do you?
    Build in firewall and AV thingy which comes with windoze is good or bad enough to stay on quite a nice side. Hard stuff never will be detected by either Comodos et cetera or build in stuff
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. endbase

    endbase MDL Guru

    Aug 12, 2012
    3,896
    1,182
    120
    I agree Paul there is not a 100% security proof program here on earth :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    Of course it's not 100% secure. But it helps! Especially a rather exotic program like Comodo. Use what everybody uses, and you're in danger. The built in stuff in Windows? Well if about 60% detection rate is good enough for you...
    Brain doesn't help against drive-by attacks on a hacked website. Or if you don't quite trust a program you just downloaded. Especially if the source might have been hacked, and the download replaced, which is always a possibility.
    And then it really helps to have a security program which tells me exactly what the program is trying to do, and let's me decide if I want it to carry on or not.

    Anyway, can we please stay on topic?
     
  9. endbase

    endbase MDL Guru

    Aug 12, 2012
    3,896
    1,182
    120
    On topic :p Check your logs for disk write errors it might give you insight what is going on :tea:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. PaulDesmond

    PaulDesmond MDL Magnet

    Aug 6, 2009
    6,993
    7,143
    240
    #10 PaulDesmond, Jul 29, 2014
    Last edited: Jul 29, 2014
    guess we are on topic most but you can run a sfc /scannow in elevated mode to see if your system is "infected" by a 0-day exploit which no AV can detect ever :p

    edit: saw you already did
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    no disk write errors. "disk" was tested and is fine. it's a samsung 830 ssd.
     
  12. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    #12 drei941, Jul 29, 2014
    Last edited: Jul 29, 2014
    (OP)
    Alright, update:
    Just removed Comodo and... screw me.. I hate to admit that the problem is apparently gone. Really didn't expect that.
    I don't wanna ditch Comodo, I love the damn thing... Guess I'll try reinstalling and see if it returns. But anyway, guess it's solved.
    Still wonder how the Process Monitor managed to fix it though...

    And thanks for pointing me to it. It's not that I didn't think of it, but I guess I needed a little push.
     
  13. PaulDesmond

    PaulDesmond MDL Magnet

    Aug 6, 2009
    6,993
    7,143
    240
    #13 PaulDesmond, Jul 29, 2014
    Last edited: Jul 29, 2014
    I never bet when I do not know the result ... lol :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    2,475
    2,105
    90
    Just keep that Comode HIPS and Sandbox sh*t disabled. Never have any problems with the firewall alone.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. drei941

    drei941 MDL Novice

    Aug 24, 2012
    15
    2
    0
    #15 drei941, Jul 29, 2014
    Last edited: Jun 3, 2015
    (OP)
    Well, I've tried to disable it in the process of seeking the source of my problem. Didn't help.
    Also, the HIPS is one of the main reasons I was using Comodo. It's a bit cumbersome, to say the least, but I like to have full control over what my PC does.

    Of course I was looking for an alternative after today, and I think I found one. I'm trying "Privacyware Personal Firewall" right now.
    It's quite ugly to look at, to be honest, but very powerful and especially light weight.

    Not scoring quite as high as Comodo, but still doing very well on matousec.
    I'm sorry to say I cannot post links to the software or the review, because my post count isn't high enough.

    Btw, for the "non-believers", behaviour based security does work against zero day exploits, unless that exploit is related to the security software, which is in use.
    I agree that signature based antivirus is mostly worthless.

    EDIT: Problem was caused by a new feature called Viruscope. Has been fixed by now, and I've got comodo up and running again.