The Dark Is Rising
Thursday November 8, 2007
One diversion too many gives Charles Wright an introduction to his computer's nether world.

OH WHAT fun we have in the Bleeding Edge cave dealing with the chain of consequences radiating from those self-inflicted computer crashes that generate so much material for this column.

Take our most recent entertainment involving Network Magic, which we wrote about last week. The fact that it magically converted two Windows XP PCs to mindless wrecks relieved us of the problem of deciding what to do with several hours of spare time.

The average person would have been content with that upheaval, but not Bleeding Edge. We'd scarcely stopped that particular string of crashes by uninstalling all traces of Network Magic before we plunged into yet another diversion.

We'd begun tinkering with a software firewall called Comodo, from tinyurl.com/la95f.

Comodo had proved simple to install and operate, required fewer resources than our previous recommendation, ZoneAlarm Pro, and it provided a substantial degree of protection from internet intruders. Even better, unlike ZoneAlarm, it didn't fall over every time we used our BitTorrent client, uTorrent, to download video programs. Best of all, it's entirely free for home users.

We were on the verge of suggesting readers investigate it as a potential free replacement for ZoneAlarm Pro when the PC started spontaneously rebooting.

The average person might be depressed by this sort of behaviour, but here at Bleeding Edge we regard these interludes as a source of fun and intellectual profit. What better opportunity could one have to learn about minidumps and debugging?

The average person could well overlook these sources of concentrated activity without a gentle prod from the Windows Stop Error - a phenomenon that replaces all meaningful computing activity with an arresting blue screen - or a series of random reboots. You can gain insight into some of the messages generated during these events at tinyurl.com/98mt - after which we recommend a couple of analgesics and a good lie down.

We're not going to suggest that debugging errant computer processes is simple. But it is more approachable than you might expect and could save you considerable time and frustration.

All but the most experienced users tend to be blissfully unaware of the fact that whenever Windows enters this sort of coma, it leaves behind certain cryptic clues called minidumps. The files have a .dmp extension and by default are deposited in the c:\windows\minidump directory. They appear to have been assembled from a mixture of Assyrian hieroglyphs and Martian, but while they are many times smaller than the dump files employed by the Dr Watson debugging tool that experienced Windows users are likely to have employed at some time, they contain the telltale fingerprints of rogue system or driver processes.

Interpreting them could save you repeated attempts at restoring your PC, removing software and replacing drivers.

You need a specialised debugging tool to make sense of the contents and fortunately Microsoft provides one, called WinDbg, as part of its Microsoft Debugging Tools download at tinyurl.com/2zost. There's an explanation of the process at tinyurl.com/3axrj, and WinDbg comes with a useful help file that explains what you're looking for and how to find it.

In our case, WinDbg examined our minidumps and concluded that the cause of the crash was "probably" a file called cmdmon.sys. When we Googled it, we quickly discovered that it was a Comodo file.

Given that information, you can either choose to uninstall the program or seek help from an online support forum. Comodo runs a very helpful one at forums.comodo.com. It includes an area where you can upload your minidump and seek a potential solution from the experts.

Other online forums, such as the Whirlpool Windows forum at tinyurl.com/c9u7 and our own Bleeding Edge forum at tinyurl.com/2r4qgu, also provide assistance in analysing minidumps. They can provide fascinating insights into your computer's secret life.

We're still working through our particular issues with Comodo - a somewhat more complex procedure than the average user is likely to confront due to the amount of messing around we tend to do with our systems - but we were impressed with the level of support Comodo provides through its forum to the extent that we're prepared to suggest it's worth having a look at as a potential firewall candidate.

And if something does go wrong, it could be your opportunity to join Bleeding Edge and start playing with your minidumps.
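
An added example, not part of the original column: when a PC has left several minidumps behind, tallying WinDbg's "Probably caused by" verdicts across all of them shows whether one driver, such as the cmdmon.sys mentioned above, is blamed repeatedly. It assumes the text WinDbg prints on opening each dump has been saved to one log; the sample log, dump file names, offsets and function names below are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of saved WinDbg output for four dumps (not real crash data).
SAMPLE_LOG = r"""
Loading Dump File [C:\WINDOWS\Minidump\Mini110107-01.dmp]
BugCheck 1000000A, {4, 2, 0, 804e1bb2}
Probably caused by : cmdmon.sys ( cmdmon+5a31 )
Loading Dump File [C:\WINDOWS\Minidump\Mini110307-01.dmp]
BugCheck 100000D1, {0, 2, 0, f7a35a31}
Probably caused by : cmdmon.sys ( cmdmon+5a31 )
Loading Dump File [C:\WINDOWS\Minidump\Mini110507-01.dmp]
BugCheck 1000008E, {c0000005, bf8012ab, f0a1c9d4, 0}
Probably caused by : win32k.sys ( win32k+12ab )
Loading Dump File [C:\WINDOWS\Minidump\Mini110607-01.dmp]
BugCheck 1000000A, {8, 2, 1, 804e2c10}
"""

DUMP_RE = re.compile(r"^Loading Dump File \[(?P<path>.+)\]$")
BUGCHECK_RE = re.compile(r"^BugCheck (?P<code>[0-9A-Fa-f]+), \{")
BLAME_RE = re.compile(r"^Probably caused by : (?P<module>\S+)")

def parse_windbg_log(text):
    """Return one dict per dump: path, bugcheck code, blamed module (or None)."""
    crashes = []
    for line in map(str.strip, text.splitlines()):
        m = DUMP_RE.match(line)
        if m:
            crashes.append({"dump": m["path"], "bugcheck": None, "module": None})
            continue
        if not crashes:
            continue  # ignore banner text before the first dump
        m = BUGCHECK_RE.match(line)
        if m:
            crashes[-1]["bugcheck"] = m["code"].upper()
        m = BLAME_RE.match(line)
        if m:
            crashes[-1]["module"] = m["module"].lower()
    return crashes

def blame_tally(crashes):
    """Count blamed modules; dumps with no verdict line count as 'unknown'."""
    return Counter(c["module"] or "unknown" for c in crashes)

if __name__ == "__main__":
    crashes = parse_windbg_log(SAMPLE_LOG)
    for module, count in blame_tally(crashes).most_common():
        print(f"{module}: blamed in {count} of {len(crashes)} dumps")
```

A module that tops the tally is the one to look up first, as the column did with cmdmon.sys; WinDbg's verdict is a best guess, so a single hit is weaker evidence than a repeated one.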