BSOD as desktop loads


ell
12-23-2009, 03:15 AM
Hi everybody, I have an issue here and can't get a handle on the culprit. It's XP Pro; BlueScreenView says the error was attempted from a DPC routine.
STOP: 0x000000B8, which happens as the desktop loads every time. I have no trouble running in safe mode. I have booted to diagnostic mode and it doesn't blue screen but hangs on the desktop with just the wallpaper displaying. I've tried disabling startups one by one and tweaking the services, can't find it! Any ideas? I'm doubting hardware. I did find a few infections. Should I do a repair install? I tried chkdsk /f already.

LunchBox
12-23-2009, 04:18 AM
I am not sure if you have tested the memory or any other hardware. I actually googled and found many reasons and fixes (there are actually many for that code) but I don't know how much troubleshooting you have done aside from what you mentioned.

So, did you run a test on the memory, power supply, etc?
Did the BSOD start after a program was installed? If so what is the program and did you remove it?
Any software updates prior to the BSOD?
Any hardware additions prior to the BSOD?

Check out this link and see if it helps.

http://www.experts-exchange.com/Hardware/Misc/Q_21221498.html

ell
12-23-2009, 04:31 AM
Yes, I did a lot of googling too, no help. The minidumps don't point to one specific driver either, too many, agh. Customer has a business; they use VMware and GoToMyPC to send invoices all over and he auto backs up online too. He didn't say he had changed anything recently. I'm running memtest overnight, but even with all the random minidumps looking like memory, it seems odd it crashes at the same spot on the desktop, like a program is causing it when it loads. I tried disabling AVG from the services too cuz it appeared like that might be one of the culprits. It runs just fine off a boot CD or in safe mode. He thought he had a virus cuz it started when he was on a bike web site he likes to go to. Maybe I should be looking for a rootkit???

Bryce W
12-23-2009, 06:13 AM
Most likely a driver issue: http://www.aumha.org/a/stop.php#0xb8

Try this: http://www.technibble.com/troublehooting-a-blue-screen-of-death/

And perhaps post the details. I know you said you already checked the minidump but I suspect you missed something.

Psychoticus
12-23-2009, 06:27 AM
"It runs just fine off a boot CD or in safe mode"
It has to be driver related or else it wouldn't start in safe mode and from a live CD, but to clarify, it works every time you do that, right?

My suggestion would be to do a full scan with MBAM and whatever other AV/malware progs you like and go through the drivers (non-MS first). Another thought is to check Windows updates for the day that it happened; if he was on the web, Windows updates could have downloaded and installed without him knowing. I have had cases like that before and it's as simple as taking those updates out.

ell
12-23-2009, 01:57 PM
Nothing showed in Malwarebytes in safe mode. AVG shows in the Event Viewer, but I cannot locate how to copy his registration number to uninstall/reinstall it in safe mode. Anybody know how to find it?

Bryce W
12-23-2009, 02:47 PM
If AVG is showing in the Event Viewer, try disabling AVG's driver using Autoruns (check out the second part of this article (http://www.technibble.com/troublehooting-a-blue-screen-of-death/) to see what I am talking about).
As Psychoticus said, it really sounds like a driver issue, otherwise Safe Mode wouldn't boot. Additionally, even if it was a rootkit, most rootkits dump a driver into the system, so be on the lookout for a driver that shouldn't be there.
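
An added example, not part of the thread and not any poster's code: because the machine boots cleanly in Safe Mode, a read-only PowerShell pass over the registry can narrow the search to drivers that start on a normal boot but are not on the Safe Mode allow list. The function and variable names are illustrative, and it assumes PowerShell 2.0 or later is available on the affected machine.

```powershell
# Added example: kernel drivers that start on a normal boot but are not on the
# Safe Mode (SafeBoot\Minimal) allow list. Read-only; assumes PowerShell 2.0+.
$svcRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$safeRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal'

# Safe Mode admits drivers by service name, by file name (foo.sys) or by
# load-order group. Device-class GUID entries are not resolved here, so some
# legitimate hardware drivers will still show up as candidates.
$safe = @(Get-ChildItem $safeRoot | ForEach-Object { $_.PSChildName.ToLower() })

function Resolve-DriverPath([string]$name, [string]$imagePath) {
    # A missing ImagePath means the default location under system32\drivers.
    if (-not $imagePath) { $imagePath = "system32\drivers\$name.sys" }
    $p = [Environment]::ExpandEnvironmentVariables($imagePath)
    $p = $p -replace '^\\\?\?\\', ''                        # strip NT prefix \??\
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"  # \SystemRoot\ form
    if (-not [IO.Path]::IsPathRooted($p)) { $p = Join-Path $env:SystemRoot $p }
    return $p
}

$candidates = Get-ChildItem $svcRoot | ForEach-Object {
    $name = $_.PSChildName
    $cfg  = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
    # Type 1 = kernel driver, 2 = file system driver; Start 0/1/2 = boot/system/auto
    if ((@(1,2) -notcontains $cfg.Type) -or (@(0,1,2) -notcontains $cfg.Start)) { return }

    $keys = @($name.ToLower(), "$name.sys".ToLower())
    if ($cfg.Group) { $keys += $cfg.Group.ToLower() }
    if (@($keys | Where-Object { $safe -contains $_ }).Count -gt 0) { return }

    $path = Resolve-DriverPath $name $cfg.ImagePath
    $company = $null; $sig = 'FileMissing'
    if (Test-Path -LiteralPath $path) {
        $company = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
        # Catalog-signed files can report NotSigned on older PowerShell
        # versions, so treat this column as a lead, not a verdict.
        $sig = (Get-AuthenticodeSignature -FilePath $path).Status
    }
    New-Object PSObject -Property @{
        Driver = $name; Start = $cfg.Start; Company = $company
        Signature = $sig; Path = $path
    }
}
$candidates | Sort-Object Company, Driver |
    Format-Table Driver, Start, Company, Signature, Path -AutoSize
```

Entries with a blank company, a missing file or a random-looking name are the ones to examine first; the script changes nothing on the system.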

ell
12-23-2009, 02:57 PM
Yes, I agree. I did use BlueScreenView (I've used that a lot!). classpnp.sys Stop 0x000000b8 was the error in every instance, but it listed just so many drivers. The only unverified drivers I found were avg8 and 07hu524H drivers. I disabled the avg8 (he has avg9 installed); that didn't make any difference, and the other (don't know what that is) was enabled in safe mode so I assume it's OK. Now I've uninstalled AVG9, but now it's hung on the wallpaper, no icons, but no BSOD. I'm on the edge of doing a repair install.

ell
12-24-2009, 03:34 AM
I did check out the links. I really like BlueScreenView, however I'm not clear on how to use it. Do you go through and disable each driver listed under the most recent crash? Or just the first or second? I ended up doing a nuke & pave; I ran out of time. I have to get better at these BSOD fixes!

Methical
12-24-2009, 06:07 AM
Just a lil' FYI: I read on the Malwarebytes forum ages ago that it is not as effective in safe mode as it is running it in normal mode. I had a google for the post, but couldn't find it. I trusted the info because it came from one of the developers.

ell
12-24-2009, 12:57 PM
Yes, I read that too, makes sense I guess, but I didn't have a choice. I performed a repair install and then I was locked out of safe mode too because I got the "you must activate windows in normal mode before you can login in" message, and of course it still froze up on his wallpaper in normal mode (at least no blue screen), so I threw in the towel, used a boot CD and copied his data, then did a format. I need to get educated more on blue screen repair; I haven't had much success lately.

I booted to debugging mode and VGA mode, disabled all startups, ran chkdsk /r, fixboot, and a repair install. Got rid of the blue screen but it still hung on the wallpaper with no icons. I don't think it was a virus because I was able to do everything in safe mode. Perhaps my virus removal took something with it.