Posted on 2007-10-17
Last Modified: 2012-06-22
After remove a lot of viruses I am receiving 2 different BSODs, 7F & 8E. Attached is a minidump file for the 7F BSOD.
The computer has WinXP SP2. I ran a memory test using Memtest86 and it didn't find any problems.

Can someone tell me what is causing the BSOD.

----- 32 bit Kernel Mini Dump Analysis

MajorVersion        0000000f
MinorVersion        00000a28
DirectoryTableBase  00039000
PfnDataBase         81b53000
PsLoadedModuleList  8055a620
PsActiveProcessHead 805606d8
MachineImageType    0000014c
NumberProcessors    00000001
BugCheckCode        0000007f
BugCheckParameter1  00000000
BugCheckParameter2  00000000
BugCheckParameter3  00000000
BugCheckParameter4  00000000
PaeEnabled          00000000
KdDebuggerDataBlock 8054c260
MiniDumpFields      00000dff

ServicePackBuild      00000200
SizeOfDump            00010000
ValidOffset           0000fffc
ContextOffset         00000320
ExceptionOffset       000007d0
MmOffset              00001068
UnloadedDriversOffset 000010a0
PrcbOffset            00001878
ProcessOffset         000024c8
ThreadOffset          00002728
CallStackOffset       00002980
SizeOfCallStack       0000047c
DriverListOffset      00003090
DriverCount           0000009f
StringPoolOffset      00005fc8
StringPoolSize        00001648
BrokenDriverOffset    00000000
TriageOptions         00000041
TopOfStack            ed527b84
DebuggerDataOffset    00002e00
DebuggerDataSize      00000290
DataBlocksOffset      00007610
DataBlocksCount       00000004

Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a620
Debug session time: Sun Oct 14 12:40:16 2007
System Uptime: 0 days 0:31:14
start    end        module name
804d7000 806eb500   nt             Checksum: 0021EF64  Timestamp: Wed Feb 28 01:10:41 2007 (45E54711)

Unloaded modules:
ec0ff000 ec112000   NAVENG.SYS    Timestamp: unavailable (00000000)
ec112000 ec1e4000   NAVEX15.SYS    Timestamp: unavailable (00000000)
ed909000 ed934000   SymIDSCo.sys    Timestamp: unavailable (00000000)
f7a11000 f7a1b000   SRTSPX.SYS    Timestamp: unavailable (00000000)
edb0c000 edb55000   SRTSP.SYS    Timestamp: unavailable (00000000)
eda27000 eda3a000   NAVENG.SYS    Timestamp: unavailable (00000000)
eda3a000 edb0c000   NAVEX15.SYS    Timestamp: unavailable (00000000)
ec4d0000 ec4fb000   kmixer.sys    Timestamp: unavailable (00000000)
ed8b9000 ed8c0000   DDMI2.sys    Timestamp: unavailable (00000000)
ed8e1000 ed8e8000   DDMI2.sys    Timestamp: unavailable (00000000)
ed8c1000 ed8c8000   DDMI2.sys    Timestamp: unavailable (00000000)
f7b91000 f7b98000   DDMI2.sys    Timestamp: unavailable (00000000)
f7b19000 f7b20000   DDMI2.sys    Timestamp: unavailable (00000000)
ed8f9000 ed900000   DDMI2.sys    Timestamp: unavailable (00000000)
ec4d0000 ec4fb000   kmixer.sys    Timestamp: unavailable (00000000)
ecf1b000 ecf46000   kmixer.sys    Timestamp: unavailable (00000000)
f7de2000 f7de3000   drmkaud.sys    Timestamp: unavailable (00000000)
ed0e6000 ed0f3000   DMusic.sys    Timestamp: unavailable (00000000)
ecf96000 ecfb9000   aec.sys     Timestamp: unavailable (00000000)
ed0f6000 ed104000   swmidi.sys    Timestamp: unavailable (00000000)
f7da7000 f7da9000   splitter.sys    Timestamp: unavailable (00000000)
f7891000 f789b000   asc3550p.SYS    Timestamp: unavailable (00000000)
f7a81000 f7a8a000   processr.sys    Timestamp: unavailable (00000000)
f7a71000 f7a7c000   p3.sys      Timestamp: unavailable (00000000)
f7cbd000 f7cc1000   kbdhid.sys    Timestamp: unavailable (00000000)
f7c19000 f7c1e000   Cdaudio.SYS    Timestamp: unavailable (00000000)
f7ca5000 f7ca8000   Sfloppy.SYS    Timestamp: unavailable (00000000)

Finished dump check
Question by:LeonGarfield
    LVL 6

    Expert Comment

    At what point are you getting the BSOD?

    Author Comment

    when I am using the computer. No specific program is being used.
    LVL 32

    Accepted Solution

    Most likely a memory issue:
    Test with Memtest+ ( to rule out memory hardware trouble.


    If you have been hit by viral attacks - I would suggest a complete reformat and reinstall.
    If this is a heavily hit operating system - then you may never get rid of all the issues without formatting the disk.
    Personally - I would use DBAN to wipe the drive before reinstalling:

    Run a full online scan here (if possible in Safe Mode with Networking)

    and run a full scan with SuperAntiSpyware with updated definitions:

    Also - posting a unfixed HijackThis log may be helpful:
    LVL 27

    Expert Comment


    <Quote>  One of three types of problems occurred in kernel-mode: (1) Hardware failures. (2) Software problems. (3) A bound trap (i.e., a condition that the kernel is not allowed to have or intercept). Hardware failures are the most common cause (many dozen KB articles exist for this error referencing specific hardware failures) and, of these, memory hardware failures are the most common <Unquote>
    This is the present recommended RAM Tester, but no tester can guarantee confirming a RAM issue.  Maybe you could consider exchanging (swopout) the RAM(s) >>
    memtest86+  v1.70 :

    Or follow the advice in the "aumha" link.
    LVL 27

    Expert Comment

    Oops  .. some late post duplication ..
    LVL 32

    Expert Comment

    Actually - the best idea is to check with MemTest+ (as I stated) - then verify with the Windows Memory Diagnostic:
    LVL 6

    Assisted Solution

    I'd say before wiping to try a repair of XP. Run the install disk and do a repair. chkdsk /r

    Author Comment

    I already ran memtest86 and it didn't report any errors. Supposedly before I removed the viruses there were not BSOD. Only after I cleaned up the computer did the BDOS start to appear. So I don't think it is a physical memory issue. But I will try running another memory test and I will try chkdsk.

    I also already ran System File Checker to replace any corrupted system files..
    LVL 32

    Expert Comment

    If there is still malware on the computer - running a repair install is not recommended - and ultimately will not fix the problem.
    LVL 27

    Expert Comment

    If there IS still a virus problem, in addition you could try these two free virus scanners.  No one scanner can guarantee finding & fixing everything ...

    AVG Antivirus Free 7.5.488 >>
    and ...

    If you have a Trojan, please be aware that a number of scanners will detect a rootkit(a type of Trojan) but few will cleanly remove them.  
    The Sophos scanner comes with an excellent recommendation, you simply have to register (for a Home version) and it's free.  
    Certainly worth trying, it could neatly resolve your problem  >

    Sophos Anti-Rootkit Version 1.3.1
    LVL 27

    Expert Comment

    Another option if you are not comfortable registering the Sophos scanner above is ...
    RootkitRevealer v1.71                           

    Author Comment

    The solution was to reinstall Windows. It seems that the viruses messed up Windows enough to require a fresh install.
    LVL 32

    Expert Comment

    Apologies that the solution wasn't ideal.
    Thanks in any case.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    There are 2 things you must have in order to connect to the internet behind a router, The "Gateway IP" of the router, which is usually something like, I've seen routers with default values of:,,, …
    Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now