My Windows XP started to have BSOD crashes from yesterday. Before that, it was working fine on XP. I'm using the Kaspersky Anti Virus 6 (Business Space). I've gone into safe mode and disabled it for the time-being.
Attached is the dump file.
Recently I installed logmein & Sun VirtualBox softwares. Not sure if this is the cause.
Any ideas.???
Thanks in advance.
Full Version: BSOD on Windows XP
Hello,
1) which version of KAV for Win Workstation are you working with?
2) Does BSOD display error on a particular driver?
3) Does it help to disable KAV? Again, what did you do exactly from safe mode in order to "disable" KAV?
4) Could you pls post a sysinfo log?
M
PS: Logmein should not be involved with this problem....while i do not know Sun VirtualBox...
1) which version of KAV for Win Workstation are you working with?
2) Does BSOD display error on a particular driver?
3) Does it help to disable KAV? Again, what did you do exactly from safe mode in order to "disable" KAV?
4) Could you pls post a sysinfo log?
M
PS: Logmein should not be involved with this problem....while i do not know Sun VirtualBox...
Got a similar problem after installation of KAV 6 (new install). Stack dump is:
b726a9dc f7377ef2 870d18c0 872d35b0 8687dc2c 0x0
b726aa44 f606765f c000009a b726aa6c 00000001 NDIS!ethFilterDprIndicateReceivePacket+0x1ff
b726aa7c f606cebd 870c6330 87047e98 87047e30 ndiswan!NdisWanIndicateLoopbackPacket+0x148
b726aaa4 f6068af8 870c6330 00000000 00000103 ndiswan!NdisWanQueueSend+0xe0
b726aab8 f7357f87 870c6330 b726aaec 00000001 ndiswan!MPSendPackets+0x20
b726aae0 f736d995 870d13b8 87047e98 b726ab18 NDIS!ndisMSendX+0x1bd
b726aaf0 f648865b b726ab10 870d13b8 87047e98 NDIS!NdisSend+0xf
b726ab18 f7355985 870d18c0 87143d20 00000000 cv2k2+0x65b
b726ab40 f78f46ab 870de0b8 87143d20 867cb3b8 NDIS!ndisMSendX+0x1d6
b726ac0c f7320177 86f6ea88 86fa5f68 8645def8 klim5+0x36ab
b726ac34 804e37f7 86f6ea88 86fa5f68 806ef070 kl1+0x2177
b726ac44 80567f81 86fa5fd8 8645def8 86fa5f68 nt!IopfCallDriver+0x31
b726ac58 8057aa9f 86f6ea88 86fa5f68 8645def8 nt!IopSynchronousServiceTail+0x70
b726ad00 8058efe3 0000046c 00000000 00000000 nt!IopXxxControlFile+0x611
b726ad34 804de7ec 0000046c 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
b726ad34 7c90e514 0000046c 00000000 00000000 nt!KiFastCallEntry+0xf8
007cf6e0 00000000 00000000 00000000 00000000 0x7c90e514
I compared to the stack dump from the original posting (the minidump) which is:
a665db40 f77ba6ab 8a8585d0 8a79bc10 899a1450 0x0
a665dc34 804e37f7 8a80c4d8 8969ed48 806ef070 klim5+0x36ab
a665dc44 80567f81 8969edb8 894984e8 8969ed48 nt!IopfCallDriver+0x31
a665dc58 8057aa9f 8a80c4d8 8969ed48 894984e8 nt!IopSynchronousServiceTail+0x70
a665dd00 8058efe3 00000470 00000000 00000000 nt!IopXxxControlFile+0x611
a665dd34 804de7ec 00000470 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
a665dd34 7c90e514 00000470 00000000 00000000 nt!KiFastCallEntry+0xf8
0012f4d4 00000000 00000000 00000000 00000000 0x7c90e514
I notice that klim5 at address 0x36ab is involved here too. I have posted my finding to Kaspersky this morning, but no answer yet.
For the time being Kaspersky AV is removed.
b726a9dc f7377ef2 870d18c0 872d35b0 8687dc2c 0x0
b726aa44 f606765f c000009a b726aa6c 00000001 NDIS!ethFilterDprIndicateReceivePacket+0x1ff
b726aa7c f606cebd 870c6330 87047e98 87047e30 ndiswan!NdisWanIndicateLoopbackPacket+0x148
b726aaa4 f6068af8 870c6330 00000000 00000103 ndiswan!NdisWanQueueSend+0xe0
b726aab8 f7357f87 870c6330 b726aaec 00000001 ndiswan!MPSendPackets+0x20
b726aae0 f736d995 870d13b8 87047e98 b726ab18 NDIS!ndisMSendX+0x1bd
b726aaf0 f648865b b726ab10 870d13b8 87047e98 NDIS!NdisSend+0xf
b726ab18 f7355985 870d18c0 87143d20 00000000 cv2k2+0x65b
b726ab40 f78f46ab 870de0b8 87143d20 867cb3b8 NDIS!ndisMSendX+0x1d6
b726ac0c f7320177 86f6ea88 86fa5f68 8645def8 klim5+0x36ab
b726ac34 804e37f7 86f6ea88 86fa5f68 806ef070 kl1+0x2177
b726ac44 80567f81 86fa5fd8 8645def8 86fa5f68 nt!IopfCallDriver+0x31
b726ac58 8057aa9f 86f6ea88 86fa5f68 8645def8 nt!IopSynchronousServiceTail+0x70
b726ad00 8058efe3 0000046c 00000000 00000000 nt!IopXxxControlFile+0x611
b726ad34 804de7ec 0000046c 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
b726ad34 7c90e514 0000046c 00000000 00000000 nt!KiFastCallEntry+0xf8
007cf6e0 00000000 00000000 00000000 00000000 0x7c90e514
I compared to the stack dump from the original posting (the minidump) which is:
a665db40 f77ba6ab 8a8585d0 8a79bc10 899a1450 0x0
a665dc34 804e37f7 8a80c4d8 8969ed48 806ef070 klim5+0x36ab
a665dc44 80567f81 8969edb8 894984e8 8969ed48 nt!IopfCallDriver+0x31
a665dc58 8057aa9f 8a80c4d8 8969ed48 894984e8 nt!IopSynchronousServiceTail+0x70
a665dd00 8058efe3 00000470 00000000 00000000 nt!IopXxxControlFile+0x611
a665dd34 804de7ec 00000470 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
a665dd34 7c90e514 00000470 00000000 00000000 nt!KiFastCallEntry+0xf8
0012f4d4 00000000 00000000 00000000 00000000 0x7c90e514
I notice that klim5 at address 0x36ab is involved here too. I have posted my finding to Kaspersky this morning, but no answer yet.
For the time being Kaspersky AV is removed.
Which OS are you working with? If it's not XP64 or Vista you can uninstall NDIS filter. If you're not able anymore to boot up in normal mode, boot is safe mode and rename klim5.sys driver. Reboot in normal mode and check if everything is fine.
M
M
QUOTE(Helmut @ 26.08.2009 20:38) 
I've renamed klim5.sys to something like klim5_old.sys driver. And now the system doesn't crash anymore. Am I losing any protection by renaming klim5.sys ???
My System is Windows XP Professional 32 bit. My suspicion is with the VirtualBox.
Thanks for the advise. It has worked for me so far.
Hello,
as said before, you won't lose any protection by disabling NDIS filter: please read this article and you will understand.
M
as said before, you won't lose any protection by disabling NDIS filter: please read this article and you will understand.
M
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.