Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: BSOD after virus?

23 Feb 2011   #11
usasma
Microsoft MVP

 
 

Don't go buying anything yet, but here's some PSU suggestions:
- get a PSU tester ($10-15 US) - not 100% effective
- remove all power sapping devices (disconnect unneeded devices (such as CD/DVD ROM, spare hard drives, and case fans) - use a house fan to take the place of the case fans (with the case open).
- buy a new power supply from a place that will allow you to return it. Then try the new one out.

We'll have to see some more BSOD memory dumps to draw further conclusions.


My System SpecsSystem Spec
.
23 Feb 2011   #12
harpagornis

Windows 7
 
 
shut down external video card

Shut down external video card in bios. Now using onboard video. BSOD's seem to be gone. Will run Windows for another day and shall then continue.

Shall I focus on Video card diagnosing or shall I disconnect some unneeded devices and focus on PSU?
My System SpecsSystem Spec
24 Feb 2011   #13
usasma
Microsoft MVP

 
 

Only change one thing at a time - that way any changes in the systems behavior can be attributed to the one thing that you changed.

For example, if switching to the onboard video stops the BSOD's - then it's obvious that the discreet video card is the problem BUT only if the BSOD's are truly stopped.

So, try video stress tests now and see if the onboard video can ride them out. Then put the discrete video card back in and try the same stress tests - does that throw BSOD's?
My System SpecsSystem Spec
.

24 Feb 2011   #14
harpagornis

Windows 7
 
 

BSOD's have stopped for sure now. I was thinking how to tackle the problem.

I will carry out the video stress tests. Thank you for your advice!
My System SpecsSystem Spec
26 Feb 2011   #15
harpagornis

Windows 7
 
 

BSOD's came back after I tried to run on onboard video. And I realised that I never actually turned off the onboard video. I saw both video adapters in device manager.

Eventually I did manage to turn it off 785GM-E51 vga problem
Though I still have the BSOD's occasionally.

Maybe you can have a look at the BSOD's
I guess they are still random Attachment 140628
My System SpecsSystem Spec
26 Feb 2011   #16
usasma
Microsoft MVP

 
 

So, this set of dumps looks to be hardware related. Looking at your links to the MSI forum, it appears that they also have some question about the motherboard or PSU.

Test with onboard video - and uninstall discrete video software/drivers and remove the card from the machine.
Then test with discrete video software/drivers and card - and ensure that onboard video is disabled in the BIOS and doesn't show in Device Manager.

Test with video stress test such as Furmark.

14 memory dumps over a 2 day period
8 different BSOD error codes
5 different causes are blamed
That says hardware to me.

Please run Driver Verifier according to these directions. I don't suspect that it'll tell us much, but it will help to confirm that this is a hardware error:
Quote:
Using Driver Verifier is an iffy proposition. Most times it'll crash and it'll tell you what the driver is. But sometimes it'll crash and won't tell you the driver. Other times it'll crash before you can log in to Windows. If you can't get to Safe Mode, then you'll have to resort to offline editing of the registry to disable Driver Verifier.

So, I'd suggest that you first backup your stuff and then make sure you've got access to another computer so you can contact us if problems arise. Then make a System Restore point (so you can restore the system using the Vista/Win7 Startup Repair feature).

Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and press Enter
- Select "Create custom settings (for code developers)" and click "Next"
- Select "Select individual settings from a full list" and click "Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click "Next"
NOTE: You can use Low Resource Simulation if you'd like. From my limited experimentation it makes the BSOD's come faster.
- Select "Select driver names from a list" and click "Next"
Then select all drivers NOT provided by Microsoft and click "Next"
- Select "Finish" on the next page.

Reboot the system and wait for it to crash to the Blue Screen. Continue to use your system normally, and if you know what causes the crash, do that repeatedly. The objective here is to get the system to crash because Driver Verifier is stressing the drivers out. If it doesn't crash for you, then let it run for at least 36 hours of continuous operation (an estimate on my part).

Reboot into Windows (after the crash) and turn off Driver Verifier by going back in and selecting "Delete existing settings" on the first page, then locate and zip up the memory dump file and upload it with your next post.

If you can't get into Windows because it crashes too soon, try it in Safe Mode.
If you can't get into Safe Mode, try using System Restore from your installation DVD to set the system back to the previous restore point that you created.

If that doesn't work, post back and we'll have to see about fixing the registry entry off-line:
Code:
Delete these registry keys (works in XP, Vista, Win7):
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\VerifyDrivers
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\VerifyDriverLevel
More info on this at this link: Using Driver Verifier to identify issues with Windows drivers for advanced users
OLDER DRIVERS PRESENT IN THE DUMP FILES
- Please update these drivers from the device manufacturer's website - or uninstall/remove them from your system.
Reference links are included below.
- DO NOT use Windows Update or the Update Drivers function of Device Manager.
- Windows Update exceptions may be noted below for Windows drivers:
Code:

amdxata.sys    Tue May 19 13:56:59 2009 (4A12F2EB)
AtiPcie.sys    Tue May 05 11:00:22 2009 (4A005486)
vpcvmm.sys     Wed Jul 22 18:20:22 2009 (4A6790A6)
SASKUTIL64.SYS Tue Feb 09 17:27:34 2010 (4B71E156)
SASDIFSV64.SYS Mon Feb 08 19:11:52 2010 (4B70A848)
vpcnfltr.sys   Wed Jul 22 18:20:17 2009 (4A6790A1)
mcdbus.sys     Tue Feb 24 05:34:07 2009 (49A3CD1F)
amdiox64.sys   Thu Feb 18 10:17:53 2010 (4B7D5A21)
vpcusb.sys     Wed Jul 22 18:20:23 2009 (4A6790A7)
usbrpm.sys     Mon Jul 13 20:35:14 2009 (4A5BD2C2)
vpchbus.sys    Wed Jul 22 18:20:23 2009 (4A6790A7)
Rt64win7.sys   Thu Mar 04 08:42:52 2010 (4B8FB8DC)
usbfilter.sys  Tue Dec 22 03:26:22 2009 (4B3082AE)
RTKVHD64.sys   Tue Jul 06 06:05:16 2010 (4C32FFDC)
000.fcl        Fri Sep 26 09:11:22 2008 (48DCDF7A)
msibios64.sys  Tue Dec 09 22:35:05 2008 (493F38E9)
pbfilter.sys   Mon Sep 28 02:02:08 2009 (4AC05160)
FLASHSYS64.sys Fri Feb 15 03:00:23 2008 (47B54697)
AtiHdmi.sys    Wed Nov 18 18:25:33 2009 (4B04826D)
AODDriver2.sys Thu Apr 22 06:28:05 2010 (4BD024B5)
http://www.carrona.org/dvrref.html#amdxata.sys
http://www.carrona.org/dvrref.html#AtiPcie.sys
http://www.carrona.org/dvrref.html#vpcvmm.sys
http://www.carrona.org/dvrref.html#SASKUTIL64.SYS
http://www.carrona.org/dvrref.html#SASDIFSV64.SYS
http://www.carrona.org/dvrref.html#vpcnfltr.sys
http://www.carrona.org/dvrref.html#mcdbus.sys
http://www.carrona.org/dvrref.html#amdiox64.sys
http://www.carrona.org/dvrref.html#vpcusb.sys
http://www.carrona.org/dvrref.html#usbrpm.sys
http://www.carrona.org/dvrref.html#vpchbus.sys
http://www.carrona.org/dvrref.html#Rt64win7.sys
http://www.carrona.org/dvrref.html#usbfilter.sys
http://www.carrona.org/dvrref.html#RTKVHD64.sys
http://www.carrona.org/dvrref.html#000.fcl
http://www.carrona.org/dvrref.html#msibios64.sys
http://www.carrona.org/dvrref.html#pbfilter.sys
http://www.carrona.org/dvrref.html#FLASHSYS64.sys
http://www.carrona.org/dvrref.html#AtiHdmi.sys
http://www.carrona.org/dvrref.html#AODDriver2.sys

BSOD BUGCHECK SUMMARY
Code:

Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 21:50:54.657 2011 (UTC - 5:00)
System Uptime: 0 days 0:04:11.108
Probably caused by : Ntfs.sys ( Ntfs!NtfsAcquireScbForLazyWrite+21 )
PROCESS_NAME:  System
BUGCHECK_STR:  0x34
DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE
FAILURE_BUCKET_ID:  X64_0x34_Ntfs!NtfsAcquireScbForLazyWrite+21
Bugcheck code 00000034
Arguments 00000000`00050830 fffff880`031468e8 fffff880`03146150 fffff880`012e3f99
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:52:32.434 2011 (UTC - 5:00)
System Uptime: 0 days 0:04:56.870
Probably caused by : ataport.SYS ( ataport!IdeCompleteScsiIrp+62 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xA_ataport!IdeCompleteScsiIrp+62
Bugcheck code 0000000A
Arguments 00000000`00000008 00000000`00000002 00000000`00000000 fffff800`02e9ed19
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:39:13.131 2011 (UTC - 5:00)
System Uptime: 0 days 0:02:12.832
Probably caused by : ntkrnlmp.exe ( nt!KeStackAttachProcess+1ba )
BUGCHECK_STR:  0x1E_c0000096
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
FAILURE_BUCKET_ID:  X64_0x1E_c0000096_nt!KeStackAttachProcess+1ba
Bugcheck code 0000001E
Arguments ffffffff`c0000096 fffff800`02e570ea 00000000`00000000 00000000`00000000
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:35:51.287 2011 (UTC - 5:00)
System Uptime: 0 days 0:03:49.723
Probably caused by : win32k.sys ( win32k!TraceGreAcquireSemaphoreShared+b )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  mscorsvw.exe
FAILURE_BUCKET_ID:  X64_0xA_win32k!TraceGreAcquireSemaphoreShared+b
Bugcheck code 0000000A
Arguments 00000000`00000000 00000000`00000002 00000000`00000000 fffff800`02ef72b3
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:25:22.391 2011 (UTC - 5:00)
System Uptime: 0 days 0:01:17.843
BugCheck FC, {fffff8800727ec20, 800000007cb37963, fffff8800727e5c0, 0}
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+40a25 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xFC
PROCESS_NAME:  WerFault.exe
FAILURE_BUCKET_ID:  X64_0xFC_nt!_??_::FNODOBFM::_string_+40a25
Bugcheck code 000000FC
Arguments fffff880`0727ec20 80000000`7cb37963 fffff880`0727e5c0 00000000`00000000
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:23:16.588 2011 (UTC - 5:00)
System Uptime: 0 days 0:00:42.039
Probably caused by : ataport.SYS ( ataport!IdeCompleteScsiIrp+62 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xA_ataport!IdeCompleteScsiIrp+62
Bugcheck code 0000000A
Arguments 00000000`00000008 00000000`00000002 00000000`00000000 fffff800`02e5dd19
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:18:44.052 2011 (UTC - 5:00)
System Uptime: 0 days 0:03:49.753
Probably caused by : ntkrnlmp.exe ( nt!KiCommitThreadWait+1d5 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  mscorsvw.exe
FAILURE_BUCKET_ID:  X64_0xA_nt!KiCommitThreadWait+1d5
Bugcheck code 0000000A
Arguments 00000000`00000090 00000000`00000002 00000000`00000000 fffff800`02e81995
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:12:58.643 2011 (UTC - 5:00)
System Uptime: 0 days 0:02:37.017
Probably caused by : ataport.SYS ( ataport!IdeCompleteScsiIrp+62 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xA_ataport!IdeCompleteScsiIrp+62
Bugcheck code 0000000A
Arguments 00000000`00000008 00000000`00000002 00000000`00000000 fffff800`02eb3d19
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:08:46.782 2011 (UTC - 5:00)
System Uptime: 0 days 0:02:42.389
BugCheck D1, {fffff88006179748, 2, 0, fffff88000e01c50}
Probably caused by : ataport.SYS ( ataport!IdeLogCrbActive+bc )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xD1_ataport!IdeLogCrbActive+bc
Bugcheck code 000000D1
Arguments fffff880`06179748 00000000`00000002 00000000`00000000 fffff880`00e01c50
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Fri Feb 25 20:04:52.622 2011 (UTC - 5:00)
System Uptime: 0 days 21:07:48.548
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+72f8 )
BUGCHECK_STR:  0x19_22
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID:  X64_0x19_22_nt!_??_::FNODOBFM::_string_+72f8
Bugcheck code 00000019
Arguments 00000000`00000022 fffff8a0`05800000 00000000`00000001 00000000`00000000
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Thu Feb 24 22:41:36.114 2011 (UTC - 5:00)
System Uptime: 0 days 0:02:13.722
Probably caused by : ntkrnlmp.exe ( nt!RtlImageNtHeaderEx+3f )
BUGCHECK_STR:  0x1E_c0000005
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  Sf.bin
FAILURE_BUCKET_ID:  X64_0x1E_c0000005_nt!RtlImageNtHeaderEx+3f
Bugcheck code 0000001E
Arguments ffffffff`c0000005 fffff800`02e6d7e7 00000000`00000000 00000000`7efa0000
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Thu Feb 24 22:21:16.904 2011 (UTC - 5:00)
System Uptime: 0 days 0:03:13.605
BugCheck D1, {fffff88008f656f8, 2, 0, fffff88000e24c50}
Probably caused by : ataport.SYS ( ataport!IdeLogCrbActive+bc )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xD1_ataport!IdeLogCrbActive+bc
Bugcheck code 000000D1
Arguments fffff880`08f656f8 00000000`00000002 00000000`00000000 fffff880`00e24c50
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Debug session time: Thu Feb 24 22:17:19.116 2011 (UTC - 5:00)
System Uptime: 0 days 0:57:37.818
Probably caused by : ntkrnlmp.exe ( nt!ExFreePoolWithTag+43 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  System
BUGCHECK_STR:  0x7E
FAILURE_BUCKET_ID:  X64_0x7E_nt!ExFreePoolWithTag+43
Bugcheck code 1000007E
Arguments ffffffff`c0000005 fffff800`02ffb0f3 fffff880`02faf8d8 fffff880`02faf140
SystemManufacturer = MICRO-STAR INTERNATIONAL CO.,LTD
SystemProductName = MS-7596
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
  
  
My System SpecsSystem Spec
Reply

 BSOD after virus?




Thread Tools




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
how to fix / clean windows from ramnit virus and virut virus?
my windows infected ramnit virus and virut virus,how to clean them?
System Security
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
BSOD 00x50 vipre anti-virus conflicting with new anti-virus
I did a bonehead move of installing PC tools anti-virus before uninstalling vipre on my wife who's out of town. The kids infected it playing flash games. long story short, Her Gateway (win7 home premium) is on a a start-up loop. All I can get to work with a recovery disk is get into the DOS prompt...
BSOD Help and Support
BSOD bsod 0x8e ....suspected due to corrupt drivers or virus?
Hi Windows 7 kinship, My first post here....nothing to feel happy about....as the post is because of a dreaded thing called BSOD. Whats happening: My laptop with windows 7 ultimate edition with crashes with bsod 0x8e This happens only when im connected to the internet , laptop stays...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

й Designer Media Ltd

All times are GMT -5. The time now is 10:45.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App