Random BSOD bad pool caller, help! (minidump included)

Status
Not open for further replies.

alexandros1313

Hi, I've recently upgraded to Windows Vista Home Premium and I'm having a problem with a random BSOD. It happens randomly, during gaming, web surfing, Word processing etc. I have the minidump file but I don't know how to use it, so I'd like to ask for your help. Please tell me if the minidump mentions what is causing the crash, I have had no luck troubleshooting the crash on my own. Thank you in advance!
 
You say "upgraded". That means to me that you had XP and slipped in the Vista disk started the install and chose Upgrade. Or booted from Vista CD and done basically the same.

In that case I would update the Major drivers. Mainly the Video and Audio drivers. Also when you upgrade in this way it leaves a large amount of registry entries that only applied to the former OS.

But to rule out other issues do the below in order given.

First do deep clean of Temps and Registry....

CCleaner http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean.

Run ATF-Cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.

KCleaner ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
Fantastic cleaner. (When installing uncheck Relevant Knowledge do not install)
-------------------------------------------------------------------------------------
The issues can be, and are likely, found in System Restore, so do the below

Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "Cleanup at TechSpot".

Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and then OK to Run.

As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.

It clears what is known as Shadow copies which are used by specialized back up programs.

This is if you have the Volume Shadow Copy running which is the default.

Download the Comodo System Cleaner which also has Comodo's excellent Registry cleaner.
http://download.comodo.com/csc/download/setups/CSC_Setup_1.1.64941.33_2k_xp_vista_server2003_x32.exe

Run its disk and Registry cleaners.

When the above is finished...

Rule out Malware do the below, even if you have no Malware the logs will give us a view of your system.

Do the TechSpot 8 steps: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall). Of course you have CCleaner from above.

Most importantly update MalwareBytes (MBAM) and SuperAntiSpyware (SAS)!

Before you scan with either MalwareBytes or SuperAntiSpyware do the Extra Configs below; these have become most important lately

SuperAntispyware extra config

After installed double-click the icon on your desktop to run it.

Update the program definitions.

Click the Preferences button.

Then Scanning Control.

In Scanner Options make sure all boxes are checked except #3 Ignore System Restore.

MalwareBytes extra config

After update but before running
Click settings and confirm all are Checked.

I repeat Update these 2 programs.

Run them and attach their logs.

Mike
 
Thank you for the reply Mike. Sorry, I actually misphrased the part about upgrading. I installed Vista normally, on a formatted drive, I didn't upgrade from XP in that sense. I just meant that I switched to Vista. System restore is turned off, I already have CCleaner. I uploaded the Superantispyware log, I will post the mbam log later. So, was there anything inside the minidump that could point out the source of the problem?

Ok, a few minutes ago I had another crash but with a different message: IRQL EQUAL OR LESS. Minidump included. Please, someone help, I have no idea what could be causing the problem.
 
I do not even look at Dumps (someone else can) until, Temps and Registry are cleaned and Malware checked and removed.

One of these is the fix 98% of the time. But even if not, you need a clean slate to properly diag a mini dump!

So run Post # 2 from top to bottom.

Get me the logs!

Mike
 
Mike, the error code is 0xD1 and the faulting driver is inspect.sys which belongs to COMODO firewall. Don't know how much of a help this is, but I didn't think it could hurt.
 
Thanks Jim! But I still want to see the Malware scans because the Malware may be trying to close or tamper with Comodo.

So Alex before doing the full Post #2, as in my last post turn off Comodo Firewall long enough to do the scans then back on!

Mike
 
Thanks for the help guys, I appreciate it. Ok, I ran the Malware Bytes program and it found nothing. I have uploaded the log. I also did all the cleaning you mentioned Mike, if there is anything else I should do, let me know.
 
OK do this and I will be satisfied you have no Malware.

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click combofix's window while it's running. That may cause it to stall.

Then do the below..

Left Drag mouse and Copy for Pasting all text in the box below. Make sure the slider bar goes to bottom from the @ to the end of the second exit.
Then paste to the black screen of an open command prompt. All may not apply so ignore errors.
Code:
@echo off
sc config Alerter start= disabled
sc stop Alerter

sc config AeLookupSvc start= disabled
sc stop AeLookupSvc

sc config ClipBook start= disabled
sc stop ClipBook

sc config Dfs start= disabled
sc stop Dfs

sc config FastUserSwitchingCompatibility start= disabled
sc stop FastUserSwitchingCompatibility

sc config TrkWks start= disabled
sc stop TrkWks

sc config TrkSvr start= disabled
sc stop TrkSvr

sc config DNSCache start= disabled
sc stop DNSCache

sc config ERSvc start= disabled
sc stop ERSvc

sc config HidServ start= disabled
sc stop HidServ

sc config PolicyAgent start= disabled
sc stop PolicyAgent

sc config CiSvc start= disabled
sc stop CiSvc

sc config IsmServ start= disabled
sc stop IsmServ

sc config kdc start= disabled
sc stop kdc

sc config LicenseService start= disabled
sc stop LicenseService

sc config Messenger start= disabled
sc stop Messenger

sc config Netlogon start= disabled
sc stop Netlogon

sc config NetTcpPortSharing start= disabled
sc stop NetTcpPortSharing

sc config mnmsrvc start= disabled
sc stop mnmsrvc

sc config NetDDE start= disabled
sc stop NetDDE

sc config NetDDEdsdm start= disabled
sc stop NetDDEdsdm

sc config NtLmSsp start= disabled
sc stop NtLmSsp

sc config SysmonLog start= disabled
sc stop SysmonLog

sc config RSVP start= disabled
sc stop RSVP

sc config SSDPSRV start= disabled
sc stop SSDPSRV

sc config upnphost start= disabled
sc stop upnphost

sc config WMPNetworkSvc start= disabled
sc stop WMPNetworkSvc

sc config WmiApSrv start= disabled
sc stop WmiApSrv

sc config WmdmPmSN start= disabled
sc stop WmdmPmSN

sc config RemoteRegistry start= disabled
sc stop RemoteRegistry

sc config RemoteAccess start= disabled
sc stop RemoteAccess

sc config SCardSvr start= disabled
sc stop SCardSvr

sc config TlnSvr start= disabled
sc stop TlnSvr

sc config UPS start= disabled
sc stop UPS

sc config WebClient start= disabled
sc stop WebClient

sc config DNSCache start= disabled
sc stop DNSCache

rem Set the services below to start automatically ("auto" is the value sc accepts) and start them.
sc config RpcSs start= auto
sc start RpcSs

sc config RpcLocator start= auto
sc start RpcLocator

sc config MSIServer start= auto
sc start MSIServer
exit
exit

Reboot and try to Invoke a Dump! If it does do a dump then Uninstall Comodo Firewall as Jim mentioned this to be a possible problem.

After uninstalling the Comodo Firewall then turn on the Windows Firewall. Run long enough to tell if this fixed it.

If it does you may can reinstall the Comodo Firewall later and it will correct the problem.

The Comodo Firewall is an excellent choice!

But properly configured and used behind a Router the Vista FW is way better than the XP FW!

Better control of vista FW http://majorgeeks.com/download5578.html

Activate outgoing (2 way) for Vista FW http://www.lockergnome.com/blade/2009/03/09/vista-firewall-allows-inbound-outbound-blocking/

Mike
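
To see what the script in the post above actually changed on a given machine, the batch file below queries each service with sc qc and sc query and prints its start type and state. It is an added example, not part of Mike's post; the service list is taken from that script using the short names Windows registers, and it assumes the English labels START_TYPE and STATE in sc output.

```batch
@echo off
rem Added example (not from the thread): report the start type and current
rem state of every service the script in the post above reconfigures.
setlocal EnableDelayedExpansion

rem Service short names as Windows registers them. Not every name exists on
rem every Windows version, which is why the post says to ignore errors.
set "SVCS=Alerter AeLookupSvc ClipBook Dfs FastUserSwitchingCompatibility"
set "SVCS=%SVCS% TrkWks TrkSvr DNSCache ERSvc HidServ PolicyAgent CiSvc"
set "SVCS=%SVCS% IsmServ kdc LicenseService Messenger Netlogon"
set "SVCS=%SVCS% NetTcpPortSharing mnmsrvc NetDDE NetDDEdsdm NtLmSsp"
set "SVCS=%SVCS% SysmonLog RSVP SSDPSRV upnphost WMPNetworkSvc WmiApSrv"
set "SVCS=%SVCS% WmdmPmSN RemoteRegistry RemoteAccess SCardSvr TlnSvr UPS"
set "SVCS=%SVCS% WebClient RpcSs RpcLocator MSIServer"

set /a missing=0
for %%S in (%SVCS%) do (
    rem Defaults stay in place when sc cannot find the service (error 1060).
    set "starttype=NOT_INSTALLED"
    set "state=-"
    rem "START_TYPE : 4   DISABLED" -> the fourth token is the readable value.
    for /f "tokens=3,4" %%A in ('sc qc %%S 2^>nul ^| findstr /c:"START_TYPE"') do set "starttype=%%B"
    rem "STATE : 1  STOPPED" -> the fourth token is the readable value.
    for /f "tokens=3,4" %%A in ('sc query %%S 2^>nul ^| findstr /c:"STATE"') do set "state=%%B"
    if "!starttype!"=="NOT_INSTALLED" set /a missing+=1
    echo %%S  start=!starttype!  state=!state!
)

echo.
echo Services not present on this system: %missing%
endlocal
```

Save it as a .bat file and run it from a command prompt before and after the script above; comparing the two outputs shows which services were switched to DISABLED and which lines simply did not apply.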
 
Ok, I did all the stuff you said and I uploaded the logs. Could you tell me what the problem was for the first minidump? That dump was created after the bad_pool_caller error that I keep getting. I don't know how to analyze logs, so I'm at a loss. Thank you.
 
Ok does it look like it is fixed? Would it have done it by now usually? How often does it occur?

And did you turn on the Windows firewall and look at the links I provided?

Mike
 
F.Y.I. it was the same COMODO driver in your first attached minidump. It appears it couldn't be loaded and was preventing other drivers from doing the same.
 
Thanks for the info, Route44 and mflynn, I hope that Comodo was indeed the source of the problem. The problem was totally random, so it may take a couple of days until I'm sure it won't appear again. I'll let you know what happens guys, thanks!

EDIT: Update on the situation. It's been 5 days since I uninstalled Comodo and there have been no crashes. I installed Vista Firewall Control, the program that Mike suggested, and it works great. Thank you both for your help!
 