BSoD after clearing out Virus

Team:

Here is the dignostics from the minidump after a BSoD. Can anyone interpret?

Opened log file 'c:\debug.txt'

Microsoft (R) Windows Debugger Version 6.5.0003.7
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [a:\mini093005-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: srv*c:\windows\symbols*http://msdl.microsoft.com/whdc/devto...lt.mspx?gssnb=1
Executable search path is:
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Kernel base = 0x804d4000 PsLoadedModuleList = 0x8054a130
Debug session time: Fri Sep 30 22:09:22.778 2005 (GMT-4)
System Uptime: 0 days 0:13:35.250
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
.......................................................................................................
Loading unloaded module list
..........
Loading User Symbols
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {ff98e000, 2, 0, 8052ac34}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.


Followup: MachineOwner
---------

1: kd> !analyze -v;r;kv;lmtn; .logclose;q
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ff98e000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 8052ac34, address which referenced memory

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.


MODULE_NAME: nt

FAULTING_MODULE: 804d4000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 3d6dd59c

READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
ff98e000

CURRENT_IRQL: 2

FAULTING_IP:
nt+56c34
8052ac34 f2ae repne scasb

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

LAST_CONTROL_TRANSFER: from 805331a1 to 804f52af

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f968b904 805331a1 0000000a ff98e000 00000002 nt+0x212af
f968b920 00e988b8 f968b93c 804fcc16 80e988ec nt+0x5f1a1
f968b924 f968b93c 804fcc16 80e988ec 00000000 0xe988b8
f968b928 804fcc16 80e988ec 00000000 00000100 0xf968b93c
f968b93c 804f9cd1 00000002 00000000 ff3ea838 nt+0x28c16
f968b960 00000000 ff3ea838 ffffffff 00000030 nt+0x25cd1


STACK_COMMAND: .bugcheck ; kb

FOLLOWUP_NAME: MachineOwner

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------

eax=f94f813c ebx=0000000a ecx=00000000 edx=40000000 esi=8052ac34 edi=ff98e000
eip=804f52af esp=f968b8ec ebp=f968b904 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
nt+0x212af:
804f52af 5d pop ebp
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
f968b904 805331a1 0000000a ff98e000 00000002 nt+0x212af
f968b920 00e988b8 f968b93c 804fcc16 80e988ec nt+0x5f1a1
f968b924 f968b93c 804fcc16 80e988ec 00000000 0xe988b8
f968b928 804fcc16 80e988ec 00000000 00000100 0xf968b93c
f968b93c 804f9cd1 00000002 00000000 ff3ea838 nt+0x28c16
f968b960 00000000 ff3ea838 ffffffff 00000030 nt+0x25cd1
start end module name
804d4000 806b9000 nt ntoskrnl.exe Thu Aug 29 04:04:44 2002 (3D6DD59C)
806b9000 806d8b80 hal hal.dll Thu Aug 29 04:05:02 2002 (3D6DD5AE)
bf800000 bf9bac80 win32k win32k.sys Thu Aug 29 05:14:13 2002 (3D6DE5E5)
bf9bb000 bfcb4920 nv4_disp nv4_disp.dll Thu Apr 24 20:35:22 2003 (3EA882CA)
bff80000 bff90d80 dxg dxg.sys Thu Aug 29 06:40:42 2002 (3D6DFA2A)
ee5d4000 ee624a80 srv srv.sys Fri Aug 17 21:32:06 2001 (3B7DC596)
ee995000 ee9bf280 mrxdav mrxdav.sys Fri Aug 17 16:50:20 2001 (3B7D838C)
ef080000 ef092e80 wdmaud wdmaud.sys Thu Aug 29 05:00:46 2002 (3D6DE2BE)
ef185000 ef192e00 sysaudio sysaudio.sys Thu Aug 29 05:01:17 2002 (3D6DE2DD)
ef3ad000 ef3cd380 afd afd.sys Thu Aug 29 05:01:13 2002 (3D6DE2D9)
ef432000 ef435080 ndisuio ndisuio.sys Thu Mar 06 13:30:57 2003 (3E6793E1)
ef7d7000 ef7ec380 dump_atapi dump_atapi.sys Thu Aug 29 04:27:48 2002 (3D6DDB04)
ef7ed000 ef850800 mrxsmb mrxsmb.sys Thu Aug 29 04:59:51 2002 (3D6DE287)
ef879000 ef8a0e00 rdbss rdbss.sys Thu Aug 29 04:58:48 2002 (3D6DE248)
ef8a1000 ef8c7580 netbt netbt.sys Thu Aug 29 05:01:56 2002 (3D6DE304)
ef8c8000 ef919480 tcpip tcpip.sys Thu Aug 29 04:58:10 2002 (3D6DE222)
f8cf3000 f8d14780 update update.sys Fri Aug 17 23:53:56 2001 (3B7DE6D4)
f8d29000 f8d2b900 Dxapi Dxapi.sys Fri Aug 17 16:53:19 2001 (3B7D843F)
f8d2d000 f8d31000 watchdog watchdog.sys Thu Aug 29 04:32:20 2002 (3D6DDC14)
f8d3d000 f8d4d200 psched psched.sys Thu Aug 29 04:35:54 2002 (3D6DDCEA)
f8d4e000 f8d63600 ndiswan ndiswan.sys Thu Aug 29 04:58:38 2002 (3D6DE23E)
f8d64000 f8d84c80 portcls portcls.sys Thu Aug 29 05:00:58 2002 (3D6DE2CA)
f8d85000 f8e0a100 smwdm smwdm.sys Fri Feb 28 09:17:15 2003 (3E5F6F6B)
f8e0b000 f8e1d900 parport parport.sys Thu Aug 29 04:27:29 2002 (3D6DDAF1)
f8e1e000 f8e41800 e100b325 e100b325.sys Tue Mar 04 14:56:25 2003 (3E6504E9)
f8e42000 f8e62280 ks ks.sys Thu Aug 29 05:13:40 2002 (3D6DE5C4)
f8e63000 f8f37bc0 BCMDM BCMDM.sys Tue Jul 17 17:21:29 2001 (3B54AC59)
f8f38000 f8f59180 USBPORT USBPORT.SYS Thu Aug 29 04:32:49 2002 (3D6DDC31)
f8f5a000 f8f6b500 VIDEOPRT VIDEOPRT.SYS Thu Aug 29 04:32:03 2002 (3D6DDC03)
f8f6c000 f9093620 nv4_mini nv4_mini.sys Thu Apr 24 20:31:49 2003 (3EA881F5)
f90ac000 f90aff80 TDI TDI.SYS Fri Aug 17 16:57:25 2001 (3B7D8535)
f90b0000 f90b2580 ndistapi ndistapi.sys Fri Aug 17 16:55:29 2001 (3B7D84C1)
f90ed000 f9106680 Mup Mup.sys Thu Aug 29 05:12:53 2002 (3D6DE595)
f9107000 f912ea80 NDIS NDIS.sys Thu Mar 06 13:30:56 2003 (3E6793E0)
f912f000 f91b8300 Ntfs Ntfs.sys Thu Aug 29 05:13:37 2002 (3D6DE5C1)
f91b9000 f91cc780 KSecDD KSecDD.sys Fri Aug 17 16:50:01 2001 (3B7D8379)
f91cd000 f91dde80 sr sr.sys Thu Aug 29 04:17:56 2002 (3D6DD8B4)
f91de000 f91f3380 atapi atapi.sys Thu Aug 29 04:27:48 2002 (3D6DDB04)
f91f4000 f9212880 ftdisk ftdisk.sys Fri Aug 17 16:52:41 2001 (3B7D8419)
f9213000 f923ec80 ACPI ACPI.sys Thu Aug 29 04:09:03 2002 (3D6DD69F)
f9260000 f926f600 pci pci.sys Thu Aug 29 04:09:10 2002 (3D6DD6A6)
f9270000 f9278c00 isapnp isapnp.sys Fri Aug 17 16:58:01 2001 (3B7D8559)
f9280000 f9289280 MountMgr MountMgr.sys Fri Aug 17 16:47:36 2001 (3B7D82E8)
f9290000 f929c000 VolSnap VolSnap.sys Fri Aug 17 16:53:19 2001 (3B7D843F)
f92a0000 f92a8400 disk disk.sys Thu Aug 29 04:27:56 2002 (3D6DDB0C)
f92b0000 f92bb500 CLASSPNP CLASSPNP.SYS Thu Aug 29 05:08:42 2002 (3D6DE49A)
f92e0000 f92ee900 Cdfs Cdfs.SYS Thu Aug 29 04:58:50 2002 (3D6DE24A)
f9330000 f933c780 i8042prt i8042prt.sys Thu Aug 29 05:06:37 2002 (3D6DE41D)
f9340000 f934f400 serial serial.sys Thu Aug 29 05:08:27 2002 (3D6DE48B)
f9350000 f935b980 cdrom cdrom.sys Thu Aug 29 04:27:55 2002 (3D6DDB0B)
f9360000 f936dd00 redbook redbook.sys Thu Aug 29 04:27:45 2002 (3D6DDB01)
f9370000 f9379b80 imapi imapi.sys Thu Aug 29 04:28:05 2002 (3D6DDB15)
f9380000 f938e200 drmk drmk.sys Thu Aug 29 04:32:30 2002 (3D6DDC1E)
f9390000 f939bd00 rasl2tp rasl2tp.sys Thu Aug 29 05:06:36 2002 (3D6DE41C)
f93a0000 f93a9800 raspppoe raspppoe.sys Fri Aug 17 16:55:33 2001 (3B7D84C5)
f93b0000 f93bb500 raspptp raspptp.sys Thu Aug 29 05:12:46 2002 (3D6DE58E)
f93c0000 f93c8400 msgpc msgpc.sys Fri Aug 17 16:54:19 2001 (3B7D847B)
f93d0000 f93d9400 termdd termdd.sys Thu Aug 29 04:40:32 2002 (3D6DDE00)
f93f0000 f93f9480 NDProxy NDProxy.SYS Fri Aug 17 16:55:30 2001 (3B7D84C2)
f9410000 f941cb00 usbhub usbhub.sys Thu Aug 29 04:32:49 2002 (3D6DDC31)
f9460000 f946e280 ipsec ipsec.sys Thu Aug 29 05:07:19 2002 (3D6DE447)
f9470000 f9478200 wanarp wanarp.sys Fri Aug 17 16:55:23 2001 (3B7D84BB)
f9480000 f9488180 netbios netbios.sys Thu Aug 29 04:35:45 2002 (3D6DDCE1)
f94a0000 f94a8880 Fips Fips.SYS Fri Aug 17 21:31:49 2001 (3B7DC585)
f94e0000 f94e5c80 PCIIDEX PCIIDEX.SYS Thu Aug 29 04:27:47 2002 (3D6DDB03)
f94e8000 f94ec900 PartMgr PartMgr.sys Fri Aug 17 21:32:23 2001 (3B7DC5A7)
f94f0000 f94f6380 agp440 agp440.sys Fri Aug 17 16:57:59 2001 (3B7D8557)
f9580000 f9587780 processr processr.sys Thu Aug 29 04:05:03 2002 (3D6DD5AF)
f9588000 f958cb80 usbuhci usbuhci.sys Thu Aug 29 04:32:48 2002 (3D6DDC30)
f9590000 f9594b80 usbehci usbehci.sys Thu Aug 29 04:32:47 2002 (3D6DDC2F)
f9598000 f959f080 Modem Modem.SYS Fri Aug 17 16:57:35 2001 (3B7D853F)
f95a0000 f95a1000 fdc fdc.sys unavailable (00000000)
f95a8000 f95adb80 kbdclass kbdclass.sys Thu Aug 29 04:26:59 2002 (3D6DDAD3)
f95b0000 f95b5600 mouclass mouclass.sys Thu Aug 29 04:27:00 2002 (3D6DDAD4)
f95b8000 f95bc580 ptilink ptilink.sys Fri Aug 17 16:49:53 2001 (3B7D8371)
f95c0000 f95c4080 raspti raspti.sys Fri Aug 17 16:55:32 2001 (3B7D84C4)
f95e0000 f95e4d00 flpydisk flpydisk.sys Thu Aug 29 04:27:43 2002 (3D6DDAFF)
f95f0000 f95f4d00 vga vga.sys Thu Aug 29 04:32:03 2002 (3D6DDC03)
f95f8000 f95fc680 Msfs Msfs.SYS Fri Aug 17 16:50:02 2001 (3B7D837A)
f9600000 f9607380 Npfs Npfs.SYS Fri Aug 17 16:50:03 2001 (3B7D837B)
f9670000 f9673000 BOOTVID BOOTVID.dll Fri Aug 17 16:49:09 2001 (3B7D8345)
f9708000 f970bf00 MODEMCSA MODEMCSA.sys Fri Aug 17 16:57:37 2001 (3B7D8541)
f9718000 f971a280 rasacd rasacd.sys Fri Aug 17 16:55:39 2001 (3B7D84CB)
f9734000 f9737240 OMCI OMCI.SYS Wed Aug 22 12:42:57 2001 (3B83E111)
f9758000 f975ba80 serenum serenum.sys Fri Aug 17 16:50:13 2001 (3B7D8385)
f975c000 f975e680 pfc pfc.sys Fri Sep 27 18:53:07 2002 (3D94E153)
f9760000 f9761b80 kdcom kdcom.dll Fri Aug 17 16:49:10 2001 (3B7D8346)
f9762000 f9763100 WMILIB WMILIB.SYS Fri Aug 17 17:07:23 2001 (3B7D878B)
f976a000 f976b5e0 kxahyyw kxahyyw Mon Apr 18 10:31:48 2005 (4263C4D4)
f976e000 f976f000 ParVdm ParVdm.SYS unavailable (00000000)
f97a6000 f97a7120 aeaudio aeaudio.sys Mon Apr 01 09:39:14 2002 (3CA87112)
f97ae000 f97af280 USBD USBD.SYS Fri Aug 17 17:02:58 2001 (3B7D8682)
f97b0000 f97b1000 Fs_Rec Fs_Rec.SYS unavailable (00000000)
f97b2000 f97b3080 Beep Beep.SYS Fri Aug 17 16:47:33 2001 (3B7D82E5)
f97b4000 f97b5080 mnmdd mnmdd.SYS Fri Aug 17 16:57:28 2001 (3B7D8538)
f97b6000 f97b7080 RDPCDD RDPCDD.sys Fri Aug 17 16:46:56 2001 (3B7D82C0)
f97ba000 f97bb100 dump_WMILIB dump_WMILIB.SYS Fri Aug 17 17:07:23 2001 (3B7D878B)
f97ce000 f97cf660 hyiulrr hyiulrr.sys Wed Sep 21 09:44:05 2005 (433163A5)
f9828000 f9828d00 pciide pciide.sys Fri Aug 17 16:51:49 2001 (3B7D83E5)
f989a000 f989b000 Null Null.SYS unavailable (00000000)
f9906000 f9906a00 mc210 mc210.tmp Sun Apr 25 06:31:33 2004 (408B9385)
f996b000 f996bd00 dxgthk dxgthk.sys Fri Aug 17 16:53:12 2001 (3B7D8438)
f998b000 f998bc00 audstub audstub.sys Fri Aug 17 16:59:40 2001 (3B7D85BC)
f998e000 f998ef00 swenum swenum.sys Fri Aug 17 16:48:47 2001 (3B7D832F)

Unloaded modules:
baab1000 baad8000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ed73e000 ed765000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ef093000 ef0ba000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f9872000 f9873000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ef0ba000 ef0dd000 aec.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ef165000 ef172000 DMusic.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ef175000 ef183000 swmidi.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f9826000 f9828000 splitter.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f95e8000 f95ed000 Cdaudio.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
f9714000 f9717000 Sfloppy.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
Closing open log file c:\debug.txt

 

Welcome to Windows BBS, dspatz.

I can't help you with your BSoD minidump analysis but I can offer the following assistance.

Although your BSoD problem may seem to be directly related to the thread topic and problem description posted by davyh1, your problem probably is not directly related. The error that caused your BSoD is probably different than the error that produced davyh1's BSoD. There are many different reasons a BSoD can be produced.

The helpers, forum readers, and the people with the problems tend to get confused when the same thread contains information about unrelated problems.

The people with the problems (and forum readers) find it sometimes becomes difficult to determine whether a helper's suggested trial solution applies to one person or the other.

The helpers have a harder time helping because they have to expend extra effort in sorting out which problems have been addressed and which problems have not been addressed. The confusion increases significantly if the thread contains a lot of replies including multiple logs generated by different errors encountered by different people.

Suggestion: Please start a new thread with your specific BSoD problem description and minidump log. I would do this for you if I could but I don't have the necessary forum access privileges to do so. Perhaps one of the moderators will move your post to a new thread before you read this post.

I hope this helps.

 

I doubt if anyone can do you much good until the item in red is taken care of.