EDIT: Problem has already been solved. As much as I hate to admit it, it seems to have been caused by Comodo Internet Security. Hello everyone, I've been googling a lot about this and sadly couldn't find any help, so I'll try asking. I don't ask much, as you can see from my post count.. It started happening maybe a few months ago. The first thing I noticed was when I closed Foobar2000, my music player, it sometimes couldn't write the playlists and/or configuration files to disk. This would occur randomly, throw an access denied error message, and would go away, and successfully write the files, when I hit the retry button. I didn't think much about it, thought it was probably a Foobar2000 bug. Actually googled about it, and found someone else posting it in the Foobar2000 error tracker. The answer by the devs was, that it wasn't the program causing it. But I didn't go any deeper, thinking it wasn't much of a problem, as it only occured rarely. Now lately it's gotten worse. Foobar fails to write these files almost every time now. And it fails again, and again, and again, when hitting the retry button, but it WILL eventually succeed. Sometimes after 2 tries, sometimes after 200... (I just keep the enter key pressed until it works) And now I've been noticing problems with other programs, which don't throw an error message, but fail writing stuff nonetheless. Firefox will do it for example, like not saving settings I changed. Especially of addons, where a lot of stuff is changing very often. Even installing or removing addons only works sometimes. Origin (EA gaming platform) is now downloading an update at every startup, because it obviously fails to install it, or rather fails saving the update somewhere, to execute it. Now all those write accesses are failing a lot, but they still have a chance to succeed. All these programs are trying to write to my appdata folders, so that shouldn't be an issue. I've tried the usual stuff. File permissions look fine, and I tried resetting them anyway, to no avail. I tried the system file check (sfc /scannow). I tried programs like "Windows Repair (All In One)", which has given me good results with other problems in the past (I didn't use it on this particular Windows installation before though). I've tried programs to identify possible file locking processes. There aren't any. I checked the Event Viewer. Can't see anything related to the problem. And now for the weirdest part. Of course I've also tried Process Monitor, to try and identify the problem. And whenever it's running and monitoring the system, everything works just fine! All programs succeed on writing their files, on first try. This works so reliable, that I'm running Process Monitor to change my addon configuration in Firefox for example. But running it all the time is obviously not an option, and no solution to the problem anyway. It just remedies the symptoms. After literally googling my ass off, I don't actually expect a solution from you guys. But why not give it a try? Maybe someone actually had a similar problem, or gets me on the right track to identify the cause. I still have the option of trying a Windows in-place update, and of course a complete reinstall, but I'd rather not...
i remember something like that when running task manger the problem stops search for running viruses startup /services
Oh, of course I also tried finding Malware of any kind. I'm quite positive my system is clean. I'm running comodo, in a pretty paranoid configuration. Which actually would be another option, although an unlikely one. I could try uninstalling it, though then I'd have to recreate a ton of rules for all my programs. Another thing I want to try is disabling UAC.
I've been running Comodo for quite a few years. To me it's still the best compromise of high security and keeping the user in control. The Antivirus part of it isn't the best, but the firewall and HIPS are pretty awesome. If you know a similar solution, which you think is better, please, shoot. I've tried a lot, and always went back to Comodo. Sure, I've had my problems with it, sometimes. But nothing I couldn't fix, and nothing that was random like this. I highly doubt it's Comodo, but I'll give it a try and remove it.
Best solution is, repeatedly BRAIN, human sense, nothing else. This was discussed here so many times that I'm tired to repeat myself and other posters here on MDL. Do you really believe that any of that AV crap helps you with surfing securely, do you? Build in firewall and AV thingy which comes with windoze is good or bad enough to stay on quite a nice side. Hard stuff never will be detected by either Comodos et cetera or build in stuff
Of course it's not 100% secure. But it helps! Especially a rather exotic program like Comodo. Use what everybody uses, and you're in danger. The built in stuff in Windows? Well if about 60% detection rate is good enough for you... Brain doesn't help against drive-by attacks on a hacked website. Or if you don't quite trust a program you just downloaded. Especially if the source might have been hacked, and the download replaced, which is always a possibility. And then it really helps to have a security program which tells me exactly what the program is trying to do, and let's me decide if I want it to carry on or not. Anyway, can we please stay on topic?
guess we are on topic most but you can run a sfc /scannow in elevated mode to see if your system is "infected" by a 0-day exploit which no AV can detect ever edit: saw you already did
Alright, update: Just removed Comodo and... screw me.. I hate to admit that the problem is apparently gone. Really didn't expect that. I don't wanna ditch Comodo, I love the damn thing... Guess I'll try reinstalling and see if it returns. But anyway, guess it's solved. Still wonder how the Process Monitor managed to fix it though... And thanks for pointing me to it. It's not that I didn't think of it, but I guess I needed a little push.
Just keep that Comode HIPS and Sandbox sh*t disabled. Never have any problems with the firewall alone.
Well, I've tried to disable it in the process of seeking the source of my problem. Didn't help. Also, the HIPS is one of the main reasons I was using Comodo. It's a bit cumbersome, to say the least, but I like to have full control over what my PC does. Of course I was looking for an alternative after today, and I think I found one. I'm trying "Privacyware Personal Firewall" right now. It's quite ugly to look at, to be honest, but very powerful and especially light weight. Not scoring quite as high as Comodo, but still doing very well on matousec. I'm sorry to say I cannot post links to the software or the review, because my post count isn't high enough. Btw, for the "non-believers", behaviour based security does work against zero day exploits, unless that exploit is related to the security software, which is in use. I agree that signature based antivirus is mostly worthless. EDIT: Problem was caused by a new feature called Viruscope. Has been fixed by now, and I've got comodo up and running again.