Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Crashes Randomly


  • Please log in to reply
12 replies to this topic

#1 JosephW1993

JosephW1993

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:52 PM

Posted 22 August 2007 - 09:02 PM

So every so often this is happening daily to every other day and can happen up to three times a day. I did not have this problem until after I reformatted. I cleaned out my computer system and it seemed to stop for a week or two. After it restarted it tells me Windows has recovered from a serious error and I send a report. It tells me I should be getting a blue screen but I don't.

Here is what the error report to Microsoft says:

***********************************************
Problem caused by Device Driver

You received this message because a device driver installed on your computer caused the Windows operating system to stop unexpectedly. This type of error is referred to as a "stop error." A stop error requires you to restart your computer.

More information


Problem report summary

Problem type

Windows stop error (a message appears on a blue screen with error code information)

Solution available?

No

What does this problem mean?

Windows has encountered a problem it cannot recover from and it needs to be restarted

Cause

Unknown

Computer symptoms

A message appears on a blue screen with error code information (for example: 0x0000001E, KMODE_EXCEPTION_NOT_HANDLED)

Additional steps for you to take

Please continue to send problem reports so analysts at Microsoft can study and try to correct the problem as quickly as possible

***********************************************

Please help!

Thank you,
Alendar

Edited by Alendar, 22 August 2007 - 09:03 PM.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:52 PM

Posted 22 August 2007 - 10:11 PM

One of the possible causes of this error message is an infection, specifically a trojan, have you run and scans for infections?

If you run you scan do this in the safe mode as it is the most effective way to find the infection and remove it. After you have done this and you still have a problem try doing a Last Known Good Configuration. If you need help doing this you can read the instructions for this here.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 JosephW1993

JosephW1993
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:52 PM

Posted 23 August 2007 - 08:23 AM

I am kinda doubting I am infected. I have a had HJT Team member look over my logs and help me and he found nothing and I don't if that will help since this started right after I reformatted.

Sidenote: I forgot to mention I am using some apps off of my USB drive from http://portableapps.com I didn't know if that could br a problem.

#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:08:52 PM

Posted 23 August 2007 - 09:22 AM

Check your System in Event Viewer and Device Manager for any yellow exclamation points
Mark
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 JosephW1993

JosephW1993
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:52 PM

Posted 23 August 2007 - 09:31 AM

I see a lot of Red X Errors and a few Yellow ! Warnings in the Event Viewer but not around the time my computer crashed.

Edited by Alendar, 23 August 2007 - 09:32 AM.


#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:52 PM

Posted 23 August 2007 - 10:37 AM

If you look at the event viewer at the top of the columns they are titled, in the event column if you right click on the event that has the red circle with the white X and then click on properties it will give you a description of what has occurred.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:52 PM

Posted 24 August 2007 - 06:55 AM

Attempt to locate the error closest to the time that the crash occurred (before you sent the report) - that will most likely hold the information from the crash dump. Here's some notes about locating error messages:

http://www.bleepingcomputer.com/forums/t/40108/how-to-use-event-viewer/
http://www.bleepingcomputer.com/forums/top...tml#entry409491
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#8 JosephW1993

JosephW1993
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:52 PM

Posted 22 September 2007 - 09:20 PM

Sorry this took so long:

Here is a crash dump:


Microsoft (R) Windows Debugger  Version 6.7.0005.1
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini092207-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.		   *
* Use .symfix to have the debugger choose a symbol path.				   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*																   *
* The Symbol Path can be set by:									*
*   using the _NT_SYMBOL_PATH environment variable.				 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+									*
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a620
Debug session time: Sat Sep 22 20:42:42.923 2007 (GMT-4)
System Uptime: 0 days 8:03:01.501
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*																   *
* The Symbol Path can be set by:									*
*   using the _NT_SYMBOL_PATH environment variable.				 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+									*
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
.............................................................................................................................................
Loading User Symbols
Loading unloaded module list
..............
Unable to load image tcpip.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for tcpip.sys
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*******************************************************************************
*																			 *
*						Bugcheck Analysis									*
*																			 *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {16, 2, 0, 804e469a}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** WARNING: Unable to verify timestamp for cmdmon.sys
*** ERROR: Module load completed but symbols could not be loaded for cmdmon.sys
*************************************************************************
***																   ***
***																   ***
***	Your debugger is not using the correct symbols				 ***
***																   ***
***	In order for this command to work properly, your symbol path   ***
***	must point to .pdb files that have full type information.	  ***
***																   ***
***	Certain .pdb files (such as the public OS symbols) do not	  ***
***	contain the required information.  Contact the group that	  ***
***	provided you with these symbols if you need this command to	***
***	work.														  ***
***																   ***
***	Type referenced: nt!_KPRCB									 ***
***																   ***
*************************************************************************
*************************************************************************
***																   ***
***																   ***
***	Your debugger is not using the correct symbols				 ***
***																   ***
***	In order for this command to work properly, your symbol path   ***
***	must point to .pdb files that have full type information.	  ***
***																   ***
***	Certain .pdb files (such as the public OS symbols) do not	  ***
***	contain the required information.  Contact the group that	  ***
***	provided you with these symbols if you need this command to	***
***	work.														  ***
***																   ***
***	Type referenced: nt!KPRCB									  ***
***																   ***
*************************************************************************
*************************************************************************
***																   ***
***																   ***
***	Your debugger is not using the correct symbols				 ***
***																   ***
***	In order for this command to work properly, your symbol path   ***
***	must point to .pdb files that have full type information.	  ***
***																   ***
***	Certain .pdb files (such as the public OS symbols) do not	  ***
***	contain the required information.  Contact the group that	  ***
***	provided you with these symbols if you need this command to	***
***	work.														  ***
***																   ***
***	Type referenced: nt!_KPRCB									 ***
***																   ***
*************************************************************************
*************************************************************************
***																   ***
***																   ***
***	Your debugger is not using the correct symbols				 ***
***																   ***
***	In order for this command to work properly, your symbol path   ***
***	must point to .pdb files that have full type information.	  ***
***																   ***
***	Certain .pdb files (such as the public OS symbols) do not	  ***
***	contain the required information.  Contact the group that	  ***
***	provided you with these symbols if you need this command to	***
***	work.														  ***
***																   ***
***	Type referenced: nt!KPRCB									  ***
***																   ***
*************************************************************************
*************************************************************************
***																   ***
***																   ***
***	Your debugger is not using the correct symbols				 ***
***																   ***
***	In order for this command to work properly, your symbol path   ***
***	must point to .pdb files that have full type information.	  ***
***																   ***
***	Certain .pdb files (such as the public OS symbols) do not	  ***
***	contain the required information.  Contact the group that	  ***
***	provided you with these symbols if you need this command to	***
***	work.														  ***
***																   ***
***	Type referenced: nt!_KPRCB									 ***
***																   ***
*************************************************************************
Probably caused by : cmdmon.sys ( cmdmon+7299 )

Followup: MachineOwner
---------

#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:52 PM

Posted 23 September 2007 - 07:55 AM

I cannot tell if this is an error with your Comodo firewall ( the cmdmon.sys file referred to at the very end), or it's an exploit of the vulnerabilities in the Comodo firewall. Please redo the analysis and, in particular, pay extra attention to the section on loading the symbols.

Otherwise, I'd suggest 2 things:
1) Uninstall your Comodo firewall and install a freshly downloaded copy.
2) Perform a couple of free, online scans to ensure that you're not infected due to the vulnerability. I reccomend these 2:
http://safety.live.com
http://housecall.trendmicro.com
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#10 hamluis

hamluis

    Moderator


  • Moderator
  • 56,287 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:52 PM

Posted 23 September 2007 - 11:43 AM

Well...in addition to hardware drivers, your firewall, antivirus, music edit, and photo/video edit programs all employ drivers.

If you go to Device Manager and elect to view devices by connection and show hidden devices, you will see all of your drivers.

My point: When you see the error message you received, it's not necessarily a hardware driver which may be troublesome.

I used Comodo AV and Firewall for some time...I think I would uninstall each for a trial period.

Louis

#11 JosephW1993

JosephW1993
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:52 PM

Posted 23 September 2007 - 12:42 PM

What should I use for a firewall then?

#12 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:08:52 PM

Posted 23 September 2007 - 02:43 PM

I prefer the last freeware edition of the Sygate firewall (available here: http://www.321download.com/LastFreeware/pa...onal%20Firewall ) although the Windows firewall will do temporarily.

That being said, the Comodo firewall is normally a very stable piece of software - so I'd opt for a freshly downloaded copy of that first.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#13 hamluis

hamluis

    Moderator


  • Moderator
  • 56,287 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:52 PM

Posted 23 September 2007 - 04:43 PM

I have a bias for Sunbelt/Kerio Personal Firewall...but the important thing is to realize that there are several reliable defense programs that are available to anyone who wants to use them.

This year I have used Symantec, Sunbelt/Kerio, Comodo, AVG, and Panda products...they all did the job.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users