BSODs Please add your minidump files here

Help for v2
61

(Sorry- just noted my previous post and that it’s been moved- I quite thought that had failed as I got an error message after submitting it).

Anyway- I did try installing it again after uninstalling Zonealarm as I noted was suggested, and that just changed the point at which I got a BSOD. So if the first was a firewall conflict (and I remember I did - years ago- have Sygate + Zonealarm briefly both installed in transition to Zonealarm with no problems)- this must be a different conflict.

Attached two BSOD crash dumps - the earlier after logging on, the later after the warning about the firewall not running after a restart.

I’d really like to run a firewall demanding fewer resources, so ideas welcome!

Thanks, David L.

[attachment deleted by admin]

62

I am having pretty much the same issue as the last poster. More and more frequently I am getting the blue screen of death. I am noticing that this happens more often than not when I am attempting to do a search.

63

Sad to say, the only solution I found was uninstalling Comodo. (:SAD)

No BSOD since I’ve done that.

64

I’ve been using CPF for quiet a while now on this machine, had no problems but recently (can’t remember exactly when, probably when the latest update came out) - I currently have 2.4.18.184

I’ve been getting totally random BSOD with:

Error code 1000000a, parameter1 00000016, parameter2 00000002, parameter3 00000000, parameter4 804f8e2a.

They appear to come at any time, there seems to be no relation with any application or any particular thing I’m doing.

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {16, 2, 0, 804f8e2a}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** WARNING: Unable to verify timestamp for cmdmon.sys
*** ERROR: Module load completed but symbols could not be loaded for cmdmon.sys
Probably caused by : cmdmon.sys ( cmdmon+7299 )

Followup: MachineOwner

kd> !analyze -v
ERROR: FindPlugIns 8007007b

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000016, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 804f8e2a, address which referenced memory

Debugging Details:

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

MODULE_NAME: cmdmon

FAULTING_MODULE: 804d7000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 45bc9111

READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
00000016

CURRENT_IRQL: 2

FAULTING_IP:
nt+21e2a
804f8e2a 66394616 cmp word ptr [esi+16h],ax

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WRONG_SYMBOLS

BUGCHECK_STR: 0xA

LAST_CONTROL_TRANSFER: from baf76f89 to 804f8e2a

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f8246ca4 baf76f89 82b2d33c 00000000 00000000 nt+0x21e2a
f8246cc8 baf770bd fd6bd008 c000023a 00000000 tcpip+0x29f89
f8246cf8 baf5323d fd6bd008 82b2d354 fd6bd0b8 tcpip+0x2a0bd
f8246d14 804edfe3 82d35318 fd6bd008 fd6bd0dc tcpip+0x623d
f8246d38 baf41299 82d35318 fd6bd008 00000000 nt+0x16fe3
f8246dac 805c4cce 00000000 00000000 00000000 cmdmon+0x7299
f8246ddc 805411c2 baf40c80 00000000 00000000 nt+0xedcce
00000000 00000000 00000000 00000000 00000000 nt+0x6a1c2

STACK_COMMAND: kb

FOLLOWUP_IP:
cmdmon+7299
baf41299 ?? ???

SYMBOL_STACK_INDEX: 5

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: cmdmon.sys

SYMBOL_NAME: cmdmon+7299

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner

I’m running Windows XP Home SP2
with NOD32 2.51.30 for AV
Windows Defender
Trojan Remover
SpywareGuard
Spyware Blaster
Spybot S&D
A-Sqaured Free

512MB Ram
Sempron 2800+
Asus K8N nForce 3 250
Radeon 9600XT Bravo

Latest drivers for everything, was working fine before with older version of CPF.

65

I do not know English, which is a literal translation of the report, please understanding! I is the Chinese version users, downloaded into a blue screens, detailed Please see Annex!

[attachment deleted by admin]

66

CPF 2.4.18.184
XP Pro, Intel T2050 Core DUo 1.6GHz, 1.5 GB RAM, Dell Wireless 1500 Draft 802.11n

[attachment deleted by admin]

67

AMD 5200+
Gigabyte M55S-S3
onboard LAN
4GB RAM
XP SP2

Any previous version that dont give BSODs available?

[attachment deleted by admin]

68

Hi, have been using Comodo for a while now. It used to give frequent BSODs last time when uTorrent was running. Then the problem was fixed when updating to the latest version. No BSODs. However, recently had to reformat the PC and now the BSOD problem is cropping up again even more frequently, about 2-4 hours of uTorrent usage.

OS: Windows XP Professional
CPU: Intel Core 2 Duo E6300
RAM: 2GB
MOBO: Gigabyte 965P-S3
Network Card: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller

Other programs running: PeerGuardian, AVG Anti-Spyware, AntiVir Free, Comodo Firewall 2.4.18.84

[attachment deleted by admin]

69

System:

  • Intel D975XBX2
  • Q6600
  • 4 GB ECC DDR2 RAM (Qimonda aka Infineon)
  • NVIDIA 8600GT
  • ESI MAYA44 Soundcard

Software:

  • Windows XP Professional SP2 (32 bit, en) (all “critical” updates currently available installed except WGATray & IE7, tcpip.sys patched to allow more than 10 half-open outgoing connections)
  • Comodo Firewall Pro 2.4.18.184
  • VMware Player 2.0.0 build-45731 (with “VMware Virtual Ethernet Adapter” for “VMnet1” and “VMnet8” installed)
  • SpeedFan installed but not running
  • ATITool installed but not running
  • Dozen of apps (Visual Studio 2003 .NET, 2005, SQL Server Express, Nero 6, TortoiseSVN, Azureus, …)

VMware Player WAS running, I was just installing some ubuntu packages in a VM when it crashed.
Visual Studio 2005, Azureus & IE6 were also running at the time but i doubt that has anything to do with anything.

Since this very likely is CFP’s fault I’m going to have to uninstall it - I don’t like bugchecks on my system. BTW: this is the first (and hopefully only) bugcheck I ever got on that system. BTW: That system ran for about 2 months without a problem WITH CFP installed. Yesterday I started playing around with VMware Player, today it crashes while running VMware Player. Could be a coincidence though.

(…)

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000020, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: a8822520, address which referenced memory

Debugging Details:

Unable to load image cmdmon.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for cmdmon.sys
*** ERROR: Module load completed but symbols could not be loaded for cmdmon.sys
Unable to load image inspect.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for inspect.sys
*** ERROR: Module load completed but symbols could not be loaded for inspect.sys

READ_ADDRESS: 00000020

CURRENT_IRQL: 2

FAULTING_IP:
afd!AfdCheckAndReferenceEndpoint+c
a8822520 8b0a mov ecx,dword ptr [edx]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: Idle

LAST_CONTROL_TRANSFER: from a882d8b5 to a8822520

STACK_TEXT:
8054fe4c a882d8b5 00000000 8054ff84 883a5b2c afd!AfdCheckAndReferenceEndpoint+0xc
8054fe80 a886ea0e 00000000 00000016 8054ff34 afd!AfdReceiveDatagramEventHandler+0x25
WARNING: Stack unwind information not available. Following frames may be wrong.
8054feb4 a888186c 883a5b2c 00000016 8054ff34 cmdmon+0x2a0e
8054ff50 a888d2f4 8815f328 0101010a 00003500 tcpip!UDPDeliver+0x1be
8054ffa8 a8880ef5 8974b308 1701010a 0101010a tcpip!UDPRcv+0x164
80550008 a889ee4d 00000020 8974b308 a8881592 tcpip!DeliverToUser+0x18e
805500bc a887f922 8974b308 89b3b052 000000d7 tcpip!IPRcvPacket+0x670
805500fc a88844ad 00000000 8801c088 89b3b030 tcpip!ARPRcvIndicationNew+0x149
8055012c ba91c85d 8844b4b0 8801c088 89b3b030 tcpip!ARPRcv+0x42
805501e8 a887f3d6 ba534ff2 8844b4b0 885b8278 inspect+0x485d
8055021c 804ff12f 00000000 805502b8 885b82c0 tcpip!IPRcvComplete+0x21
805502d0 8050242f 880d0388 00000000 805502e0 nt!KiIpiSend+0x27

bye

[attachment deleted by admin]

70

hi
new here
i’ve been using comodo for a while now but keep getting BSOD, it usually works ok but sometimes when i open up a program eg, utorrent or windows live messenger or mozillz firefox
i get the BSOD

windows xp pro version 2002 sp2 with latest security updates
AMD athlon 64 processor 2800+
512mb ram
network card is on the motherboard abit kv8-pro

using comodo firewall pro 2.4.18.184

i’ve attached the minidump file

Please help (V)

[attachment deleted by admin]

71

I’ve actually had Comodo for quite some time, and these BSODs are new. I never had a problem with BT, but now that I have BitComet, that seems to be what’s doing it. Well, that and searching around the forums and such about this.

OS: Windows XP Home SP2
502MB RAM
Intel Pentium 4
My modem is connected by USB…it’s a Motorola SB4200.
Comodo version: 2.4.18.184 (The other day, my mouse started blinking when I opened up Comodo and moved my mouse over it. It blinks fast between the regular mouse and busy mouse. Don’t know if these are even connected.)
And if it helps…BitComet version: 0.91

Attached Minidump. This is the first BSOD in three days, though.

[attachment deleted by admin]

72

Finally i discover that my daily BSOD come from cmdmon.sys as my minidump seems to say.

All BSOD happens randomly but ever after a call to print from any application and not depending from printer driver (it happened with all my installed printer drivers)

Minidump attached

OS Xp Sp2
No others security software working except Clamwin
Comodo 2.4.18.184

Thanks for help
LM

[attachment deleted by admin]

73

Hello lucmonc, I merged your post with this dedicated topic!

Btw, welcome to the forum. :wink:

/LA

74

I get BSOD Not_Less_or_Equal using Comodo Firewall 2.4 and it is caused by the XP screensaver.
If I disable the screensaver, I don’t get BSOD.
Please let me know if this fixes anyones BSOD?

75

Inspect.sys BSOD’s

CPF version 2.4.18.184…also possible conflict with utorrent/peerguardian

OS: Windows XP SP2
CPU: Intel Core2Duo E6600
MOB: Asus P5W DH Deluxe
RAM: G.Skill 2GB DDR2
Network Card: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller

Don’t think my PC is producing a dumpfle, maybe because my page file is on a different drive?

76

I’m new here so this is my second try.

I think Sparky has a good point. I get the same BSOD after my computer has been idle for a couple of hours.

Analysis of minidump with Debug identifies cmdmon.sys as the cause for the crash. My computer has been on for hours now with Windows Screen Saver turned off.

Any ideas about what’s happening?

Update: I jumped in too soon. Computer still crashes with Win Screen Saver off. Will post again if I discover the conflict or cause.

Dell 8300
Pent 4, 2.6
1GB DDR 400
Win XP Pro, SP2
Intel Pro/100

[attachment deleted by admin]

77

I recently tried CFP_Setup_English_German_2.4.18.184.exe in search for a new Firewall. I have a free license to the Symantec Client Security Corporate (AV and PFW) through my company, but i dont really like the firewall. So I tried Comodo, but i get Reboots/BSOD about every 24h with cdmon.sys being the culprit. I cant provide minidump because my swapfile is on a µSSD and there is not enough room on the Sysdrive for the required swapfilesize of memory+1MB.
I also use µtorrent, though it doesn’t run all the time.
I also have a dedicated Router/Firewall (IPCop Linux) on a separate PC.
My NIC is intel PRO/100 PCI, and there is a Realcrap 8139 Onboard NIC which is disabled in Windows.
Sysspecs: Intel P4 Northwood 2,6GHz, 4GB, EIDE HDDs, USB2 8GB µSSD as Swapdisk and Photoshop Scratchdisk. WinXP SP2 with all relevant updates.
System runs without reboots for MONTHS unless i install CFP_Setup_English_German_2.4.18.184.exe which makes it crash every day. Pls fix this, because Comodo is really good, apart from this show stopper.

Does anyone even check the minidumps still? The later ones all have 0 downloads. If it is REALLY of interest i can take out 3GB and move swap to C:\ for a day.

78

Hi,

I have been having the same problem too. It has been driving me crazy coz recently I had re replace a pair of faulty RAM to get my PC stable. So when I started hitting BSOD randomly even after replacing, imagine my despair (:AGY).

I noticed that the BSOD was linked to

  1. laptop sitting idle for more than 30mins and accesing local network

  2. printing to my network printers (connected to another LAN PC)

  3. Norton Ghost (version 12) network backup.

The problem was not there at the beginning, which was about 3-4 months back when I started using Comodo. It started at some point when updates were installed to the OS and WMP11 and IE7 was installed.

I am running WinXP SP2 Pro with complete current update as on Spetember 06, 2007. All drivers are current. Details of the system were collected (complete HW and SW inventory) usng HP Instant support Prof. ed. and attached.

I would be happy to provide more info.

Here is the debug info obtained using WinDbg (version 6.7.005.1):

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

Use !analyze -v to get detailed debugging information.

BugCheck A, {16, 2, 0, 804e469a}

*** ERROR: Symbol file could not be found. Defaulted to export symbols for tcpip.sys -
*** ERROR: Module load completed but symbols could not be loaded for cmdmon.sys
Probably caused by : cmdmon.sys ( cmdmon+7e2 )

Followup: MachineOwner

kd> !analyze -v

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000016, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 804e469a, address which referenced memory

Debugging Details:

READ_ADDRESS: 00000016

CURRENT_IRQL: 2

FAULTING_IP:
nt!KeSetEvent+30
804e469a 66394616 cmp word ptr [esi+16h],ax

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: System

TRAP_FRAME: f7274c24 – (.trap 0xfffffffff7274c24)
ErrCode = 00000000
eax=00000001 ebx=c0000100 ecx=850ba484 edx=f0c40600 esi=00000000 edi=00000000
eip=804e469a esp=f7274c98 ebp=f7274ca4 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!KeSetEvent+0x30:
804e469a 66394616 cmp word ptr [esi+16h],ax ds:0023:00000016=???
Resetting default scope

LAST_CONTROL_TRANSFER: from 804e469a to 804e187f

STACK_TEXT:
f7274c24 804e469a badb0d00 f0c40600 0000003a nt!KiTrap0E+0x233
f7274ca4 f0c2af89 850ba484 00000000 00000000 nt!KeSetEvent+0x30
WARNING: Stack unwind information not available. Following frames may be wrong.
f7274cc8 f0c2b0bd 84d92c18 c000023a 00000000 tcpip!tcpxsum+0xcea1
f7274cf8 f0c0723d 84d92c18 850ba49c 84d92cc8 tcpip!tcpxsum+0xcfd5
f7274d14 804e37f7 84ec8308 84d92c18 84d92cec tcpip!ARPRcv+0xdca
f7274d24 f0bee7e2 f0bfde90 84eacd74 84eacd74 nt!IopfCallDriver+0x31
f7274d38 f0bf5299 84ec8308 84d92c18 00000000 cmdmon+0x7e2
f7274dac 8057cfce 00000000 00000000 00000000 cmdmon+0x7299
f7274ddc 804f88fa f0bf4c80 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

STACK_COMMAND: kb

FOLLOWUP_IP:
cmdmon+7e2
f0bee7e2 5f pop edi

SYMBOL_STACK_INDEX: 6

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: cmdmon

IMAGE_NAME: cmdmon.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 45bc9111

SYMBOL_NAME: cmdmon+7e2

FAILURE_BUCKET_ID: 0xA_cmdmon+7e2

BUCKET_ID: 0xA_cmdmon+7e2

Followup: MachineOwner

Dear Heroes, Help me! I have already switched to ZoneAlarm (which I dont like at all, but what choice do i have until the issue is resolved?)

Tanveer

[attachment deleted by admin]

79

Hi all,

I’ve been using comodo for about a year without any problems, it’s a great piece of software. BUT… Now I have changed my pc hardware (format + reinstall of windows xp) and I had anything but trouble. I found that comodo was behind that :frowning:

Cause: comodo causes BSOD with some message about inspect.sys and DRIVER_IRQL_NOT_LESS_OR_EQUAL. It shows up only when many outgoing connections are made (about 400 or so - I’ve tested with utorrent and proxyhunter, I have patched tcpip.sys to allow unlimited connections)

My MB is Asus P5B-VM, intel g965 chipset, realtek 8168/8111 gbit NIC

I found another thread here and found someone had similar issue with some other mainboard, but drivers update for the NIC had not solved the problem him, not for me. I have downloaded latest drivers for that NIC and it’s still the same :frowning:

With the last mainboard I had comodo worked fine (original Intel with 915g chipset).

So I have uninstalled comodo and installed sunbelt/kerio, which works fine, at least I have 30 days… So this appears to be a problem of comodo :frowning:

Could you guys please look at that? I’d like to use comodo again, but it’s unuseable for me now.

Y.

80

I’ve got an Intel Celeron 2.66 Mhz w/ 1Gig of memory, running XP w/ SP 2 and latest updates.

Receive very random BSOD. I have unistalled Commodo so can’t give version but it should have been the latest.

[attachment deleted by admin]