Getting lots of BSODs

[DKT27]

From about the time I've uninstalled Comodo v4 I'm getting a lot of Blue Screens Of Death. I although I aint sure yet that comodo has caused it. Still on XP SP3.

Here's a BlueScreenView log:

==================================================

Dump File : Mini031310-01.dmp

Crash Time : 3/13/2010 2:38:41 AM

Bug Check String : BAD_POOL_HEADER

Bug Check Code : 0x00000019

Parameter 1 : 0x00000020

Parameter 2 : 0xe17d1cc8

Parameter 3 : 0xe17d1d80

Parameter 4 : 0x0c170201

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+21cc5

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031310-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-03.dmp

Crash Time : 3/12/2010 10:56:47 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8062e2cc

Parameter 3 : 0xaebbbb9c

Parameter 4 : 0x00000000

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+1572cc

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-03.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-02.dmp

Crash Time : 3/12/2010 5:32:58 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8062dfd5

Parameter 3 : 0xf2b63ae8

Parameter 4 : 0x00000000

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+156fd5

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-02.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-01.dmp

Crash Time : 3/12/2010 4:58:23 AM

Bug Check String : NTFS_FILE_SYSTEM

Bug Check Code : 0x00000024

Parameter 1 : 0x001902fe

Parameter 2 : 0xf7a8e7ac

Parameter 3 : 0xf7a8e4a8

Parameter 4 : 0xf73c7e3d

Caused By Driver : Ntfs.sys

Caused By Address : Ntfs.sys+2ae3d

File Description : NT File System Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2111)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

Now, there's one thing that's not mentioned in this log made by this software is, a Comodo v4's sandbox driver that should be mentioned in the ablot log Mini031210-03.dmp(the second one):

cmdguard.sys

cmdguard.sys+1ae00

0xb279f000

0xb27bda80

0x0001ea80

0x4b0b98a6

11/24/2009 1:56:14 PM

The above given time is somewhere wrong as I've deleted all of my previous minidumps and kept only these current ones.

I can see this mentioned in the software but it doesn't mention it in it's log that I just made.

I've deleted it (cmdguard.sys). But I don't know if it has to do anything with the BSODs. If it does, it seems to me that Comodo v4 has broken my windows xp's kernel. :angry:

[HX1]

Driver based/issue... possibly.. is v4 still installed on your system?

[mara-]

Did you try System Restore?

Cheers ;)

[DKT27]

I have system restore disabled. I don't have space enough.

BTW, that comodo file I've mentioned is not related to v4. It's related to Comodo v3.13 that is not the latest I have. I've uninstalled Comodo v3.13 and gonna install v3.14.

For kernel. In order to recover it. I've have to repair my OS. And my CD or drive seems corrupted.

[HX1]

Scan the Disk? :) with option selected?shoudl fix any errors.. form I386 if it needs to.. ( if that still exists )

Truthfully though when it says something like that it is usually something that is interacting with it that will cause it crash.. not the ntoskrnl.exe itself.. drivers in some cases, DLL files... anything buggy and poorly written.. could have something to do with it...

Honestly I think you should take it offline.. remove and uninstall all of the COMODO.. kill all of the files related to it.. clean the registry.. reboot.. re-install and try again... What I would try first..

[DKT27]

You mean SFC /scannow? I don't think it will work. As far as I know kernel is always running. I don't it can be fixed that way.

Installing v3.14 now.

Oh well. I wish to get my pc soon. This is getting on my nerves. -_-

[HX1]

You might want to try.. Seen this quite a bit from NT - Vista ( not 7 Yet ) from Alpha trials - Stable versions..

Hopefully you'll be busy installing tomorrow...

[DKT27]

Well I'll try but not now. And I'm sure there's some problem in the kernel, I should had come to know about it when my all the browsers were crashing when I tried them, and guess what IE worked. :blink:

Another problem is I have a command in which I just have to run the repair in OS installation and type the command somewhere I read on google, but my cd drive is corrupted and no matter how much time I try, it doesn't load the XP files (checked it with 2 CDs). Also waited half hour for Safe mode cmd promp to start, but it doesn't. :unsure:

And yea with luck, somehow I think CD drive will read the cd in windows.

[HX1]

Safe Mode will not boot... and your CD drive isn't working.. I dunno I would try the Right Click Properties on the Local Drive and set it to scan and fix errors when it restarts.. and see from there... sounds like it could be a bad driver or missing corrupt files.. What was the last line on the Safe Mode boot? or did you even get the driver load screen? Anyway only two things I know besides OS installation/so on..

[LeetPirate]

Try forcing a reinstall of service pack 3 for XP. It might save you. Or you could boot from an XP SP3 cd and do a repair install is all else fails.

[Atasas]

From about the time I've uninstalled Comodo v4 I'm getting a lot of Blue Screens Of Death. I although I aint sure yet that comodo has caused it. Still on XP SP3.

Here's a BlueScreenView log:

==================================================

Dump File : Mini031310-01.dmp

Crash Time : 3/13/2010 2:38:41 AM

Bug Check String : BAD_POOL_HEADER

Bug Check Code : 0x00000019

Parameter 1 : 0x00000020

Parameter 2 : 0xe17d1cc8

Parameter 3 : 0xe17d1d80

Parameter 4 : 0x0c170201

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+21cc5

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031310-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-03.dmp

Crash Time : 3/12/2010 10:56:47 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8062e2cc

Parameter 3 : 0xaebbbb9c

Parameter 4 : 0x00000000

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+1572cc

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-03.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-02.dmp

Crash Time : 3/12/2010 5:32:58 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8062dfd5

Parameter 3 : 0xf2b63ae8

Parameter 4 : 0x00000000

Caused By Driver : ntoskrnl.exe

Caused By Address : ntoskrnl.exe+156fd5

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-02.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

==================================================

Dump File : Mini031210-01.dmp

Crash Time : 3/12/2010 4:58:23 AM

Bug Check String : NTFS_FILE_SYSTEM

Bug Check Code : 0x00000024

Parameter 1 : 0x001902fe

Parameter 2 : 0xf7a8e7ac

Parameter 3 : 0xf7a8e4a8

Parameter 4 : 0xf73c7e3d

Caused By Driver : Ntfs.sys

Caused By Address : Ntfs.sys+2ae3d

File Description : NT File System Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2111)

Processor : 32-bit

Computer Name :

Full Path : C:\WINDOWS\minidump\Mini031210-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 2600

==================================================

Now, there's one thing that's not mentioned in this log made by this software is, a Comodo v4's sandbox driver that should be mentioned in the ablot log Mini031210-03.dmp(the second one):

cmdguard.sys

cmdguard.sys+1ae00

0xb279f000

0xb27bda80

0x0001ea80

0x4b0b98a6

11/24/2009 1:56:14 PM

The above given time is somewhere wrong as I've deleted all of my previous minidumps and kept only these current ones.

I can see this mentioned in the software but it doesn't mention it in it's log that I just made.

I've deleted it (cmdguard.sys). But I don't know if it has to do anything with the BSODs. If it does, it seems to me that Comodo v4 has broken my windows xp's kernel. :angry:

yeh... my penny- just get yourself decent build XP; format fully; reinstall drivers;update etc... she'll be running like there is no tomorrow!

[*dcs18]

@ DKT27,

Can you backup your NOD32 configuration settings to an .xml file and do a complete uninstall of your NOD32. You'll need to check for BSODs (without your NOD32) for one entire day. ;)

[DKT27]

Today morning. I got another BSOD. It wasn't during windows was running. Don't remember properly though. So there's no minidump for that.

After that, I was having a lot of booting and hardware problems. I don't know where this is going. First I tried a lot. But the Windows XP loading screen wasn't coming at all. If it came it was talking 15-20mins. It did a auto checkdisk of C drive after that. Odd hardware problem was, that either one of my IDE HDD(my xp is installed in it), or my Sata HDD, or my Sata DVD Drive don't get detected properly.

Then my old but not soo old IDE DVD Combo came as a savior. I was knowing that I'd need SP3 integrated XP CD. And I only had SP2. So yesterday I downloaded full MSDN XP SP3. Today I was able to boot it with my IDE. I chose repair. Then I entered this command:

expand f:\i386\ntoskrnl.ex_ c:\windows\system32

And it replaced my kernel file. And so far I didn't had that much slow boot, it was slow but normally. I'm running my XP from about 3.30 hours with no BSOD.

Taking new pc is delayed 3 further more days. :(

Wish that my few last days on this PC are good. :)

[HX1]

LOL.. good you thought of replacing your file.. I thought of it.. from I386 or whatever but I didn't know how well it would go... My disk scan always used to replace that kind of thing for me..

ANYWAYS.. I hope you have a good last few days on the P.O.S... :lmao: I will envy you once you have your new system.. must be nice.. Hope all goes well.. :thumbsup:

[DKT27]

Well I don't know if the problem is solved yet. But I can see I'm not having any Firefox crashes. That's a positive sign.

I'm not using any firewall. Windows firewall sucks. But I think I'll enable it for now.

I got that command from google. Wrote it down.

BTW if the problem is solved. Thanks guys for the help. Always nice to share the problem. It increases the chances of fixing it fast cause of all the help. :)

[DKT27]

Few hours ago. Well and firefox wasn't able to open again. My ESET was 100% even when nothing much was running. I tried opening it. But esetgui crashed. Then when I started playing with eset's scanning service(the main eset service). I got an error from it saying some problem related to the kernel. So here we have it seems. dcs18 and heath28m, you are right. The kernel was repaired a bit. But the software causing problem may well be ESET or it's drivers. Still I'm no ESET hater. So when I get the new PC. I may well use ESET.

Now I've switched to Avast Free. And I must say. The interface and gui is simply the best I've seen for a AV. Makes me feel that is ESET worth? :unsure:

[Bizarre™]

@DKT27:

I think I might know your problem.

Try uninstalling, then reinstalling NOD32.

Once done, open NOD32 and select Advanced Mode.

Now go to Tools > Scheduler, then delete all except Regular Automatic Update.

[DKT27]

Hmm. Thanks for the info Biz. :)

But I've already uninstalled ESET. Guess paying price for not upgrading to the latest 4.2. But will keep in mind. :)

[HX1]

Driver issue caused my mix of COMODO installation and ESET.. is my guess.. Mix that with BSOD and crashing.. files and data which is being read is going to be corrupted... screws with the magnetization of the disc.. but only concerns files which are being physically read.. so like Biz stated or scanning.repairing and fixing sectors.. then even at that you may still have to do what he mentioned .. the point being is that the magnetization on the disk has to be repaired or you will still have issues randomly.. with files being corrupted almost like an infection or even letting you think that the system has been compromised..

Just my ideas at this point.. Scenario.. bad driver or small incompatibility between protection as they are trying to run together and not alongside... driver fails on one BSOD... files in use and not in memory corrupted sectors where files are ... repeated BSOD.. ( even after uninstall some drivers stay behind and are loaded at startup - SOMETIMES deleting them can be okay and will fix the issue, depends ) more corruption... which will just continue to go until sectors are repaired.. on a disk that full I would say I would attempt a repair..

[*dcs18]

But I've already uninstalled ESET. Guess paying price for not upgrading to the latest 4.2. But will keep in mind. :)

Hey DKT27 :smoke:

It's got nothing to do with the latest V4.2 (you may try the upgrade if you don't believe me - though, V4.2 is quite likely to behave itself on the new rig that you propose to buy.) Doesn't the following conversation now make sense?:coolwink:

Been using many firewalls through the years, on and off including COMODO and Online Armor (not together.) Have never faced a BSOD caused directly by a firewall misbehavior. :nono:

Most of my BSODs have been traced directly to NOD32 drivers. :(

The reason for the downfall of NOD32 is simple. They attempted to integrate a firewall (even into EAV) :wtf: They should have left the EAV alone as a dedicated antivirus the way the venerable V2 was. V2 never ever conflicted with any kind of security setup and emerged as the undisputed :king: in 2007. No wonder Purists like me :spam: ESET to keep the support for V2 alive and kicking. I wish ESET had limited their experiments to ESS.

V3 and V4 can cause BSODs under certain hardware and/or software combination due to incompatibilities arising from driver conflicts.

[KotaXor]

Maybe that's the reason I never use ESS, just EAV...<_<

[HX1]

Well I guess neither one of you noticed or remember that DK only uses EAV and Comodo.. :think: and was n the middle of upgrading Comodo...

I'M the freak who uses ESS.. I think the only one on the forums.. but I love it anyway.. :thumbsup: Takes more than a just a good firewall I don't care what your using..

But anyway back on the farm....

Will DK make till D-day?......

Will WIndows XP finally crash after hanging on by one fleshy cuticle?...

Will Comodo rewrite their software in time?...

Will the new PC arrive undamaged or filled with a fake chip?...

Be sure to tune in next time on ...

'Windows XP: Drunken Master'

... the department store Santa years

[*dcs18]

Hi heath28m,

My fix above (post # 12) to DKT27's issue was made in the light of the EAV only. ;)

[HX1]

Oh I see.. I had to read your post #20 again .. in light of that review I thought you were saying that EAV was ruined n spite of the the separate integration of the firewall into ESS..

The of course the following in #21 by Kotaxor... So I naturally assumed you were referring to the crashes that followed being a result of something related to the ESS package, not EAV.. but then of course you have the Web Access Protection too.. which I didn't really think about.

I do think its possible he may have some bad sectors created by the continuous crashing... I have seen it before with a few systems and with my own experience...but its just an opinion...

EDIT: At least he hasn't wound up with an 'Unmovable Boot Volume' BSOD yet.. Those can be a bad sign..

[DKT27]

I did checkdisk on C drive. Also I did HDD regenerator thingy from hiren's bootcd two weeks ago and it did recover one corrupt sector or similar.

Nice way of presenting it heath. :P

I know that dcs18 was clearly knowing that I use ESET AV and not ESET SS.

heath remember me having page loading error, was later solved by blocking a link, I had some problems in other browsers, now i'm getting a feeling that ESET's web access protection is somewhere related to it. I'm testing some things before I come to a verdict.