Overnight BSOD caused by cmderd.sys [308 - F]

  1. What you did:
    main screen turn on
  2. What actually happened or you actually saw:
    BSOD when I woke up
  3. What you expected to happen or see:
    running windows session
  4. How you tried to fix it & what happened:
  5. If its an application compatibility problem have you tried the application fixes?:
  6. Details (exact version) of any application involved with download link:
    CIS 5.x.1135
  7. Whether you can make the problem happen again, and if so exact steps to make it happen:
  8. Any other information (eg your guess regarding the cause, with reasons):
    I notice CMDERD has to do with “eradication”, my guess is, removing viruses. While browsing a webpage on the same windows session earlier that day, I DID get some AV popups from both Avira and Comodo relating to some temp files. It is the first time I’ve seen BOTH of them act on the same file, usually Comodo gets priority.

Files appended. (Please zip unless screenshots).

  1. Screenshots illustrating the bug:
  2. Screenshots of related event logs and the active processes list:
  3. A CIS config report or file.
  4. Crash or freeze dump file:
    Enclosed with post.

Your set-up

  1. CIS version, AV database version & configuration used:
    CIS 5.x.1135 AV database 6493
  2. a) Have you updated (without uninstall) from CIS 3 or 4, if so b) have you tried reinstalling?:
  3. a) Have you imported a config from a previous version of CIS, if so b) have U tried a preset config?:
  4. Other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here. )
  5. Defense+ and Sandbox OR Firewall security level:
    Firewall - Custom Policy D+ - Permanently Disabled(from another bug)
  6. OS version, service pack, no of bits, UAC setting, & account type:
    Win7 x64 UAC disabled all updates, admin account
  7. Other security and utility software running:
    Avira AntiVir
  8. Virtual machine used (Please do NOT use Virtual box):

[attachment deleted by admin]

Thank you for the bug report. Much appreciated.

Moving to format verified.


I’ve noticed NBZ and WBZ tags on reports. What do these mean?

Please read here.

Thanks. However that doesn’t explain it all. LBZ - might track, NBZ - will not track, but WBZ is not explain.

W = Waiting. Mouse1 is away at the moment, and I do not intend to double post in BZ and end up confusing everyone.
W = Can also mean waiting for further posts or info.

BZ does not effect how bugs are treated as soon as we moved them here they are looked at and if any more info is needed you will be asked.

Quote from Mouse1 post
it’s just that mods don’t track them

Edit I would hope that all BSOD posts that once the dump has been analysed and if CIS is not the problem the poster would be informed.

Sorry typo! Should be WBZ not LBZ, have modified.

Thanks for your report. Our engineers are dealing with the problem.


hi, Searinox,

I want to confirm with you if you install antivirus of Avira and Comodo and enable them at the same time?

Best Regards,

VERY old response, but I didn’t see your post at the time: I don’t understand your post, both of them are installed AND both realtime protections enabled. The install and running by itself, aswell as occasional malware detection, does not cause BSODs. This was a very rare and isolated conflict in months of running them together.

This issue should have been fixed in 5.3.