BSOD after installing beta


I’m pretty impressed with CPF, and today I installed the new beta. A lot of my wishes are implemented!
But there’s one small present I don’t really like: a big fat ugly darkblue BSOD with lots of topsecret codes, that make me feel like I’m a spy. And I hate spyware.

I could replicate the error, so I’m pretty sure I know exactly when it’s happening.
If I enable “Secure the host while booting” everything looks normal, also shutting down the system. But instead of a normal boot that blue BSOD is gazing at me, right after the screen with “Welcome”.

Accidentally I was doing some testing and the only program starting up was CPF. When I disabled (in safe mode) “Secure the host while booting” everything went as it should. So I’m pretty sure CPF caused this error.

I don’t have a screenshot, not much to see, except the codes, here they are:


STOP 0x00000050 (0xFFFFFFE8, 0x00000001, 0x804D9079, 0x00000000)

If you need more information, please let me know.
I’m running XP SP 2, everything updated etc. On a Dell.

Peter Zwitser

To my knowledge, it’s not a required setting. In the version (my first CPF install), I was having issues with that setting. My issues were smaller however, no BSOD, as I was unable to browse my LAN.

You can check this message in my post where I had discussed this and decide for yourself if you feel you need this option that is causing you greif. [url],639.msg4072.html#msg4072[/url]

Hi Peter,

Can you please try to send us( the memory dump so that we can see what is going on? And do you get this error with or with previous beta? And does the BSOD screen show the guilty driver name? That option blocks all outgoing connections and there is a probability that some other driver may not like this feature and BSODs. What other security software are you using?


Hi Mongod,

Thanks for the reply. I’d like to have that option on, because I am what’s called in the other thread a highly suspectible computer, because of the work I do. Anyway, the option shouldn’t give a BSOD.

Hi Egemen,
That’s a fast reply!
I’l send you the memorydump and there’s a log-file with it too, I’ll send that too. But it’s partially in Dutch, I’m afraid…
I’l name the subject Goeroeboeroe BSOD.
I didn’t have the issue with the last regular version, and it was enabled then.
I don’t have a screenshot, because it’s a bit difficult to print a BSOD ;D, but there was nothing more on it than what I wrote, no name.

If you have suggestions how to get you more useful info, please let me now.
The other security software I use (which was all disabled on the moment I installed and tried the CPF beta, but of course the drivers etc. were installed, and some may have been started, even though disabled…):

System Safety Monitor
Ewido Anti-spyware (with real-time-protection, paid version)
Process Explorer (not really security software, but it installs a driver and I use it for security)
All-Seeing Eye (not everything enabled)
Lot of scanners, but I have to start them manually
Lot of ActiveX etc. from on-line-scanners, but also not active
Lots of prevention like SpywareBlaster.
Some small things like Spoofstick, SiteAdvisor, etc., and some things for Firefox and Internet Explorer, but I can’t imagine they have any influence since they only run when a browser is started.

Before you start to say I have much too much: I know, but it’s pretty balanced, and I am doing some things for which I really need a lot of protection.

Peter Zwitser

Hi Peter,

According to the BSOD parameters, CPF secure boot seems to be triggering a bug in one of the drivers, most probably netbios.sys or tcpip.sys.

Until we solve the problem, please open your computer in safe mode and delete the “Tag” value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdMon. This should stop BSOD.

In the mean time, if you have a crash dump, please do send it so that we can analyze the issue faster.



EDIT : We have fixed the issue. It was another driver which was crashing and CPF was triggering the bug. The BETA setup will be updated today.

Hi Egemen,
Maybe I wasn’t clear, but BSOD stopped after I disabled “Secure the host while booting” in safe mode. So I just leave Tag under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdMonjust like it is now.


Please update your CPF copies. fixed this problem


I’ll try it out in half an hour or so and let you know.


You’ve fixed it! (V) It seems to work okay now.
In another topic I wrote about warning-events, they still exist. But this seems to work now!
I have one small suggestion. The installer/uninstaller workst great now. But.
I had to agree to uninstall, and then it rebooted. Since I was updating I thought all rules would be preserved. Not so. Maybe it’s an idea to give a warning on one of the screens, before the actual un-installation happens.

Thanks for the fix!


You can backup the rules with a registry export though… you can check this post in a thread where I asked about this for more details… [url],1019.msg6358.html#msg6358[/url]

Wow… update last night & tonight (R)

Yes, I know, but I thought rules would be kept because I was updating. After 20 years with computers I should have known you shouldn’t think when working with such a stupid machine :smiley:

Going to bed. In this part of the world it’s bedtime!