[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 448
  • Last Modified:

Windows XP boots to BSOD Physical memory dump in normal mode, safe mode okay

HI All,

We are going to be trying to help with a workstation this afternoon.  We haven't seen it yet and will be on limited time as the client is a charity client.  It apparently throws a BSOD physical memory dump when working in normal mode, but can be worked in safe mode just fine.  

The machine has been scanned via AV and I'm guessing it's probably not hardware (ram, HDD, etc) related as the machine runs fine in safe mode.  

Any obvious drivers or other areas you'd recommend looking if this is only coming up in normal mode?  I will post the exact error soon.

Thanks!
0
Jsmply
Asked:
Jsmply
1 Solution
 
Mike ThomasConsultantCommented:
Safe mode runs with limited drivers so it is probably a driver, have they installed any new hardware recently?

0
 
angel_fire2701Commented:
Find out if they installed any new hardware recently like Mojotech suggested, I personally would check video drivers and/or wireless as they seem to do that alot.
0
 
StinkyPeteCommented:

Here is a link the list of stop error codes (The BSOD number)
It might give you a hint as to whats setting of the error

http://pcsupport.about.com/od/findbyerrormessage/tp/stop_error_list.htm

0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
JsmplyAuthor Commented:
Just got the error from the user. It is IRQL_NOT_LESS_OR_EQUAL 0x0000000A. I'm not on a computer right now though (replying via mobile). Will check that list.
0
 
JsmplyAuthor Commented:
Looks like it might be malware related. I'm on the machine now. Combofix deleted C:\windows\system32\drivers\a08055.sys and now it boots!  Anyone have any idea what that driver pertains too?
0
 
StinkyPeteCommented:
Often malware will use randomly generated file names.
0
 
JsmplyAuthor Commented:
Yep, that was it!  Seems to run fine now!  Thanks!
0
 
JsmplyAuthor Commented:
Thx!
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now