Administrator DKT27 Posted March 12, 2010 Administrator Share Posted March 12, 2010 From about the time I've uninstalled Comodo v4 I'm getting a lot of Blue Screens Of Death. I although I aint sure yet that comodo has caused it. Still on XP SP3.Here's a BlueScreenView log:==================================================Dump File : Mini031310-01.dmpCrash Time : 3/13/2010 2:38:41 AMBug Check String : BAD_POOL_HEADERBug Check Code : 0x00000019Parameter 1 : 0x00000020Parameter 2 : 0xe17d1cc8Parameter 3 : 0xe17d1d80Parameter 4 : 0x0c170201Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+21cc5File Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031310-01.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-03.dmpCrash Time : 3/12/2010 10:56:47 PMBug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLEDBug Check Code : 0x1000008eParameter 1 : 0xc0000005Parameter 2 : 0x8062e2ccParameter 3 : 0xaebbbb9cParameter 4 : 0x00000000Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+1572ccFile Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-03.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-02.dmpCrash Time : 3/12/2010 5:32:58 PMBug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLEDBug Check Code : 0x1000008eParameter 1 : 0xc0000005Parameter 2 : 0x8062dfd5Parameter 3 : 0xf2b63ae8Parameter 4 : 0x00000000Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+156fd5File Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-02.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-01.dmpCrash Time : 3/12/2010 4:58:23 AMBug Check String : NTFS_FILE_SYSTEMBug Check Code : 0x00000024Parameter 1 : 0x001902feParameter 2 : 0xf7a8e7acParameter 3 : 0xf7a8e4a8Parameter 4 : 0xf73c7e3dCaused By Driver : Ntfs.sysCaused By Address : Ntfs.sys+2ae3dFile Description : NT File System DriverProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5512 (xpsp.080413-2111)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-01.dmpProcessors Count : 1Major Version : 15Minor Version : 2600==================================================Now, there's one thing that's not mentioned in this log made by this software is, a Comodo v4's sandbox driver that should be mentioned in the ablot log Mini031210-03.dmp(the second one):cmdguard.sys cmdguard.sys+1ae00 0xb279f000 0xb27bda80 0x0001ea80 0x4b0b98a6 11/24/2009 1:56:14 PMThe above given time is somewhere wrong as I've deleted all of my previous minidumps and kept only these current ones.I can see this mentioned in the software but it doesn't mention it in it's log that I just made.I've deleted it (cmdguard.sys). But I don't know if it has to do anything with the BSODs. If it does, it seems to me that Comodo v4 has broken my windows xp's kernel. :angry: Link to comment Share on other sites More sharing options...
HX1 Posted March 12, 2010 Share Posted March 12, 2010 Driver based/issue... possibly.. is v4 still installed on your system? Link to comment Share on other sites More sharing options...
mara- Posted March 13, 2010 Share Posted March 13, 2010 Did you try System Restore?Cheers ;) Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 13, 2010 Author Administrator Share Posted March 13, 2010 I have system restore disabled. I don't have space enough. BTW, that comodo file I've mentioned is not related to v4. It's related to Comodo v3.13 that is not the latest I have. I've uninstalled Comodo v3.13 and gonna install v3.14.For kernel. In order to recover it. I've have to repair my OS. And my CD or drive seems corrupted. Link to comment Share on other sites More sharing options...
HX1 Posted March 13, 2010 Share Posted March 13, 2010 Scan the Disk? :) with option selected?shoudl fix any errors.. form I386 if it needs to.. ( if that still exists )Truthfully though when it says something like that it is usually something that is interacting with it that will cause it crash.. not the ntoskrnl.exe itself.. drivers in some cases, DLL files... anything buggy and poorly written.. could have something to do with it...Honestly I think you should take it offline.. remove and uninstall all of the COMODO.. kill all of the files related to it.. clean the registry.. reboot.. re-install and try again... What I would try first.. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 13, 2010 Author Administrator Share Posted March 13, 2010 You mean SFC /scannow? I don't think it will work. As far as I know kernel is always running. I don't it can be fixed that way.Installing v3.14 now.Oh well. I wish to get my pc soon. This is getting on my nerves. -_- Link to comment Share on other sites More sharing options...
HX1 Posted March 13, 2010 Share Posted March 13, 2010 You might want to try.. Seen this quite a bit from NT - Vista ( not 7 Yet ) from Alpha trials - Stable versions..Hopefully you'll be busy installing tomorrow... Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 13, 2010 Author Administrator Share Posted March 13, 2010 Well I'll try but not now. And I'm sure there's some problem in the kernel, I should had come to know about it when my all the browsers were crashing when I tried them, and guess what IE worked. :blink:Another problem is I have a command in which I just have to run the repair in OS installation and type the command somewhere I read on google, but my cd drive is corrupted and no matter how much time I try, it doesn't load the XP files (checked it with 2 CDs). Also waited half hour for Safe mode cmd promp to start, but it doesn't. :unsure:And yea with luck, somehow I think CD drive will read the cd in windows. Link to comment Share on other sites More sharing options...
HX1 Posted March 13, 2010 Share Posted March 13, 2010 Safe Mode will not boot... and your CD drive isn't working.. I dunno I would try the Right Click Properties on the Local Drive and set it to scan and fix errors when it restarts.. and see from there... sounds like it could be a bad driver or missing corrupt files.. What was the last line on the Safe Mode boot? or did you even get the driver load screen? Anyway only two things I know besides OS installation/so on.. Link to comment Share on other sites More sharing options...
LeetPirate Posted March 13, 2010 Share Posted March 13, 2010 Try forcing a reinstall of service pack 3 for XP. It might save you. Or you could boot from an XP SP3 cd and do a repair install is all else fails. Link to comment Share on other sites More sharing options...
Atasas Posted March 13, 2010 Share Posted March 13, 2010 From about the time I've uninstalled Comodo v4 I'm getting a lot of Blue Screens Of Death. I although I aint sure yet that comodo has caused it. Still on XP SP3.Here's a BlueScreenView log:==================================================Dump File : Mini031310-01.dmpCrash Time : 3/13/2010 2:38:41 AMBug Check String : BAD_POOL_HEADERBug Check Code : 0x00000019Parameter 1 : 0x00000020Parameter 2 : 0xe17d1cc8Parameter 3 : 0xe17d1d80Parameter 4 : 0x0c170201Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+21cc5File Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031310-01.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-03.dmpCrash Time : 3/12/2010 10:56:47 PMBug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLEDBug Check Code : 0x1000008eParameter 1 : 0xc0000005Parameter 2 : 0x8062e2ccParameter 3 : 0xaebbbb9cParameter 4 : 0x00000000Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+1572ccFile Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-03.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-02.dmpCrash Time : 3/12/2010 5:32:58 PMBug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLEDBug Check Code : 0x1000008eParameter 1 : 0xc0000005Parameter 2 : 0x8062dfd5Parameter 3 : 0xf2b63ae8Parameter 4 : 0x00000000Caused By Driver : ntoskrnl.exeCaused By Address : ntoskrnl.exe+156fd5File Description : NT Kernel & SystemProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5913 (xpsp_sp3_gdr.091208-2036)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-02.dmpProcessors Count : 1Major Version : 15Minor Version : 2600====================================================================================================Dump File : Mini031210-01.dmpCrash Time : 3/12/2010 4:58:23 AMBug Check String : NTFS_FILE_SYSTEMBug Check Code : 0x00000024Parameter 1 : 0x001902feParameter 2 : 0xf7a8e7acParameter 3 : 0xf7a8e4a8Parameter 4 : 0xf73c7e3dCaused By Driver : Ntfs.sysCaused By Address : Ntfs.sys+2ae3dFile Description : NT File System DriverProduct Name : Microsoft® Windows® Operating SystemCompany : Microsoft CorporationFile Version : 5.1.2600.5512 (xpsp.080413-2111)Processor : 32-bitComputer Name : Full Path : C:\WINDOWS\minidump\Mini031210-01.dmpProcessors Count : 1Major Version : 15Minor Version : 2600==================================================Now, there's one thing that's not mentioned in this log made by this software is, a Comodo v4's sandbox driver that should be mentioned in the ablot log Mini031210-03.dmp(the second one):cmdguard.sys cmdguard.sys+1ae00 0xb279f000 0xb27bda80 0x0001ea80 0x4b0b98a6 11/24/2009 1:56:14 PMThe above given time is somewhere wrong as I've deleted all of my previous minidumps and kept only these current ones.I can see this mentioned in the software but it doesn't mention it in it's log that I just made.I've deleted it (cmdguard.sys). But I don't know if it has to do anything with the BSODs. If it does, it seems to me that Comodo v4 has broken my windows xp's kernel. :angry:yeh... my penny- just get yourself decent build XP; format fully; reinstall drivers;update etc... she'll be running like there is no tomorrow! Link to comment Share on other sites More sharing options...
*dcs18 Posted March 13, 2010 Share Posted March 13, 2010 @ DKT27,Can you backup your NOD32 configuration settings to an .xml file and do a complete uninstall of your NOD32. You'll need to check for BSODs (without your NOD32) for one entire day. ;) Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 13, 2010 Author Administrator Share Posted March 13, 2010 Today morning. I got another BSOD. It wasn't during windows was running. Don't remember properly though. So there's no minidump for that.After that, I was having a lot of booting and hardware problems. I don't know where this is going. First I tried a lot. But the Windows XP loading screen wasn't coming at all. If it came it was talking 15-20mins. It did a auto checkdisk of C drive after that. Odd hardware problem was, that either one of my IDE HDD(my xp is installed in it), or my Sata HDD, or my Sata DVD Drive don't get detected properly.Then my old but not soo old IDE DVD Combo came as a savior. I was knowing that I'd need SP3 integrated XP CD. And I only had SP2. So yesterday I downloaded full MSDN XP SP3. Today I was able to boot it with my IDE. I chose repair. Then I entered this command:expand f:\i386\ntoskrnl.ex_ c:\windows\system32And it replaced my kernel file. And so far I didn't had that much slow boot, it was slow but normally. I'm running my XP from about 3.30 hours with no BSOD. Taking new pc is delayed 3 further more days. :(Wish that my few last days on this PC are good. :) Link to comment Share on other sites More sharing options...
HX1 Posted March 13, 2010 Share Posted March 13, 2010 LOL.. good you thought of replacing your file.. I thought of it.. from I386 or whatever but I didn't know how well it would go... My disk scan always used to replace that kind of thing for me.. ANYWAYS.. I hope you have a good last few days on the P.O.S... :lmao: I will envy you once you have your new system.. must be nice.. Hope all goes well.. :thumbsup: Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 13, 2010 Author Administrator Share Posted March 13, 2010 Well I don't know if the problem is solved yet. But I can see I'm not having any Firefox crashes. That's a positive sign. I'm not using any firewall. Windows firewall sucks. But I think I'll enable it for now.I got that command from google. Wrote it down.BTW if the problem is solved. Thanks guys for the help. Always nice to share the problem. It increases the chances of fixing it fast cause of all the help. :) Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 14, 2010 Author Administrator Share Posted March 14, 2010 Few hours ago. Well and firefox wasn't able to open again. My ESET was 100% even when nothing much was running. I tried opening it. But esetgui crashed. Then when I started playing with eset's scanning service(the main eset service). I got an error from it saying some problem related to the kernel. So here we have it seems. dcs18 and heath28m, you are right. The kernel was repaired a bit. But the software causing problem may well be ESET or it's drivers. Still I'm no ESET hater. So when I get the new PC. I may well use ESET.Now I've switched to Avast Free. And I must say. The interface and gui is simply the best I've seen for a AV. Makes me feel that is ESET worth? :unsure: Link to comment Share on other sites More sharing options...
Bizarre™ Posted March 14, 2010 Share Posted March 14, 2010 @DKT27:I think I might know your problem.Try uninstalling, then reinstalling NOD32.Once done, open NOD32 and select Advanced Mode.Now go to Tools > Scheduler, then delete all except Regular Automatic Update. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 14, 2010 Author Administrator Share Posted March 14, 2010 Hmm. Thanks for the info Biz. :)But I've already uninstalled ESET. Guess paying price for not upgrading to the latest 4.2. But will keep in mind. :) Link to comment Share on other sites More sharing options...
HX1 Posted March 14, 2010 Share Posted March 14, 2010 Driver issue caused my mix of COMODO installation and ESET.. is my guess.. Mix that with BSOD and crashing.. files and data which is being read is going to be corrupted... screws with the magnetization of the disc.. but only concerns files which are being physically read.. so like Biz stated or scanning.repairing and fixing sectors.. then even at that you may still have to do what he mentioned .. the point being is that the magnetization on the disk has to be repaired or you will still have issues randomly.. with files being corrupted almost like an infection or even letting you think that the system has been compromised..Just my ideas at this point.. Scenario.. bad driver or small incompatibility between protection as they are trying to run together and not alongside... driver fails on one BSOD... files in use and not in memory corrupted sectors where files are ... repeated BSOD.. ( even after uninstall some drivers stay behind and are loaded at startup - SOMETIMES deleting them can be okay and will fix the issue, depends ) more corruption... which will just continue to go until sectors are repaired.. on a disk that full I would say I would attempt a repair.. Link to comment Share on other sites More sharing options...
*dcs18 Posted March 14, 2010 Share Posted March 14, 2010 But I've already uninstalled ESET. Guess paying price for not upgrading to the latest 4.2. But will keep in mind. :)Hey DKT27 :smoke:It's got nothing to do with the latest V4.2 (you may try the upgrade if you don't believe me - though, V4.2 is quite likely to behave itself on the new rig that you propose to buy.) Doesn't the following conversation now make sense?:coolwink:Been using many firewalls through the years, on and off including COMODO and Online Armor (not together.) Have never faced a BSOD caused directly by a firewall misbehavior. :nono:Most of my BSODs have been traced directly to NOD32 drivers. :(The reason for the downfall of NOD32 is simple. They attempted to integrate a firewall (even into EAV) :wtf: They should have left the EAV alone as a dedicated antivirus the way the venerable V2 was. V2 never ever conflicted with any kind of security setup and emerged as the undisputed :king: in 2007. No wonder Purists like me :spam: ESET to keep the support for V2 alive and kicking. I wish ESET had limited their experiments to ESS.V3 and V4 can cause BSODs under certain hardware and/or software combination due to incompatibilities arising from driver conflicts. Link to comment Share on other sites More sharing options...
KotaXor Posted March 14, 2010 Share Posted March 14, 2010 Maybe that's the reason I never use ESS, just EAV...<_< Link to comment Share on other sites More sharing options...
HX1 Posted March 14, 2010 Share Posted March 14, 2010 Well I guess neither one of you noticed or remember that DK only uses EAV and Comodo.. :think: and was n the middle of upgrading Comodo...I'M the freak who uses ESS.. I think the only one on the forums.. but I love it anyway.. :thumbsup: Takes more than a just a good firewall I don't care what your using.. But anyway back on the farm....Will DK make till D-day?......Will WIndows XP finally crash after hanging on by one fleshy cuticle?...Will Comodo rewrite their software in time?...Will the new PC arrive undamaged or filled with a fake chip?...Be sure to tune in next time on ...'Windows XP: Drunken Master'... the department store Santa years Link to comment Share on other sites More sharing options...
*dcs18 Posted March 14, 2010 Share Posted March 14, 2010 Hi heath28m,My fix above (post # 12) to DKT27's issue was made in the light of the EAV only. ;) Link to comment Share on other sites More sharing options...
HX1 Posted March 14, 2010 Share Posted March 14, 2010 Oh I see.. I had to read your post #20 again .. in light of that review I thought you were saying that EAV was ruined n spite of the the separate integration of the firewall into ESS..The of course the following in #21 by Kotaxor... So I naturally assumed you were referring to the crashes that followed being a result of something related to the ESS package, not EAV.. but then of course you have the Web Access Protection too.. which I didn't really think about.I do think its possible he may have some bad sectors created by the continuous crashing... I have seen it before with a few systems and with my own experience...but its just an opinion...EDIT: At least he hasn't wound up with an 'Unmovable Boot Volume' BSOD yet.. Those can be a bad sign.. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted March 14, 2010 Author Administrator Share Posted March 14, 2010 I did checkdisk on C drive. Also I did HDD regenerator thingy from hiren's bootcd two weeks ago and it did recover one corrupt sector or similar.Nice way of presenting it heath. :PI know that dcs18 was clearly knowing that I use ESET AV and not ESET SS. heath remember me having page loading error, was later solved by blocking a link, I had some problems in other browsers, now i'm getting a feeling that ESET's web access protection is somewhere related to it. I'm testing some things before I come to a verdict. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.