BleepingComputer.com: Malware or sudden bad Driver?

Malware or sudden bad Driver? blue-screening computer

#1 ProblematicHP

Posted 30 December 2010 - 06:20 PM

I am running Windows 7 x64 on a HP G60 Laptop.
Yesterday night (or early this morning) I opened an '.exe' that I really shouldn't have. My computer immediately got BSOD (Blue screen of death) and rebooted. There was no damage done to the computer, however, whenever I would turn on my Wireless (via HP SmartButton next to the Power Button) it would get BSOD and restart. I have uninstalled and reinstalled Chrome, uninstalled and updated my wireless card driver, run just about every malware/virus scan you can imagine. But to no avail.

The BSOD never stays up long enough for me to really read it. My most recent Malwarebytes' scan had something about

HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace)

which it removed and quarantined. Upon requested restart, the machine went into BSOD after log-in. I had about 10 minidump files from today, but ran a system restore to a week ago and now only have 3 or 4.

If a Hijack or Malwarebytes report, or the dump files or blue screen logs would be of help I would be glad to provide them.

This post has been edited by Orange Blossom: 30 December 2010 - 07:14 PM
Reason for edit: Move to AII for initial assistance. ~ OB


#2 ProblematicHP

Posted 31 December 2010 - 12:53 AM

Hi all,

New member here.

I opened an infected executable yesterday, which immediately gave me BSOD. After it rebooted, it seemed to only be when I turned the wireless card on. It has since spread to other things such as opening programs, browsers, etc.

Here are the 5 dump files. I had about 10 earlier but ran a system restore (from a week ago) and these are the only 4 dumps I have since then.

==================================================
Dump File : 123110-25272-01.dmp
Crash Time : 12/31/2010 1:13:46 AM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffff880`08d25748
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff880`01348074
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+13074
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123110-25272-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,952
==================================================

==================================================
Dump File : 123110-27924-01.dmp
Crash Time : 12/31/2010 12:35:10 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000090
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`022d6995
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123110-27924-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 270,696
==================================================

==================================================
Dump File : 123010-27019-01.dmp
Crash Time : 12/30/2010 6:02:27 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`02eaf2b3
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-27019-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,888
==================================================

==================================================
Dump File : 123010-25209-01.dmp
Crash Time : 12/30/2010 5:39:46 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff800`02ecfcd8
Parameter 3 : 00000000`00000000
Parameter 4 : ffffffff`ffffffff
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-25209-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,952
==================================================

==================================================
Dump File : 123010-37128-01.dmp
Crash Time : 12/30/2010 5:16:48 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000090
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`02eda995
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-37128-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,944
==================================================

==================================================
Dump File : 011610-26988-01.dmp
Crash Time : 1/16/2010 2:30:12 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`fffffb01
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`04445187
Caused By Driver : IDSvia64.sys
Caused By Address : IDSvia64.sys+45187
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\011610-26988-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,904
==================================================


Any help would be great. I'm a student and have to go back to the dorms in a few days, where I won't have time to figure this all out. I've scanned with Malware, Spybot Search and Destroy, Kaspersky, and Avast. Some found things but I've still gotten BSOD.

Thanks

This post has been edited by Orange Blossom: 31 December 2010 - 12:47 PM
Reason for edit: Merged topics. ~ OB
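
An added example, not part of the original thread: a Python parser for the "Key : Value" crash report posted above that sets aside dumps older than the incident and tallies bug check strings and named drivers for the rest. The sample records are abridged from the post, and the 29 December 2010 cutoff (`INCIDENT`) is an assumption taken from the first post's "Yesterday night".

```python
import re
from collections import Counter
from datetime import datetime
# Constructed sample: three records abridged from the report posted above.
SAMPLE = """\
==================================================
Dump File : 123110-25272-01.dmp
Crash Time : 12/31/2010 1:13:46 AM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Caused By Driver : ataport.SYS
==================================================
==================================================
Dump File : 123010-27019-01.dmp
Crash Time : 12/30/2010 6:02:27 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Caused By Driver : ntoskrnl.exe
==================================================
==================================================
Dump File : 011610-26988-01.dmp
Crash Time : 1/16/2010 2:30:12 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Caused By Driver : IDSvia64.sys
==================================================
"""
INCIDENT = datetime(2010, 12, 29)  # assumption: night before the 30 Dec 2010 post

def parse_records(text):
    """Split on the ===== rulers; each 'Key : Value' line becomes a dict entry."""
    records = []
    for chunk in re.split(r"^=+[ \t]*$", text, flags=re.M):
        rec = {}
        for line in chunk.splitlines():
            key, sep, value = line.partition(" :")
            if sep:
                rec[key.strip()] = value.strip()
        if "Dump File" in rec:
            rec["when"] = datetime.strptime(rec["Crash Time"], "%m/%d/%Y %I:%M:%S %p")
            records.append(rec)
    return records

def triage(records, incident=INCIDENT):
    """Return (dumps older than the incident, bug check tally, driver tally)."""
    before = [r["Dump File"] for r in records if r["when"] < incident]
    after = [r for r in records if r["when"] >= incident]
    by_check = Counter(r["Bug Check String"] for r in after)
    by_driver = Counter(r["Caused By Driver"].lower() for r in after)
    return before, by_check, by_driver

if __name__ == "__main__":
    print(triage(parse_records(SAMPLE)))
```

The driver named in a minidump summary is where the fault surfaced, not necessarily its cause, so the tally is a starting point for full dump analysis rather than a verdict.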

