
Malware or sudden bad Driver?



#1 ProblematicHP

Posted 30 December 2010 - 06:20 PM

I am running Windows 7 x64 on an HP G60 Laptop.
Yesterday night (or early this morning) I opened an '.exe' that I really shouldn't have. My computer immediately got BSOD (Blue screen of death) and rebooted. There was no damage done to the computer, however, whenever I would turn on my Wireless (via HP SmartButton next to the Power Button) it would get BSOD and restart. I have uninstalled and reinstalled Chrome, uninstalled and updated my wireless card driver, run just about every malware/virus scan you can imagine. But to no avail.

The BSOD never stays up long enough for me to really read it. My most recent Malwarebytes' scan had something about

HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace)

which it removed and quarantined. Upon requested restart, the machine went into BSOD after log-in. I had about 10 minidump files from today, but ran a system restore to a week ago and now only have 3 or 4.

If a Hijack or Malwarebytes report, or the dump files or blue screen logs would be of help I would be glad to provide them.

Edited by Orange Blossom, 30 December 2010 - 07:14 PM.
Move to AII for initial assistance. ~ OB



#2 ProblematicHP

Posted 31 December 2010 - 12:53 AM

Hi all,

New member here.

I opened an infected executable yesterday, which immediately gave me BSOD. After it rebooted, it seemed to only be when I turned the wireless card on. It has since spread to other things such as opening programs, browsers, etc.

Here are the 5 dump files. I had about 10 earlier but ran a system restore (from a week ago) and these are the only 4 dumps I have since then.

==================================================
Dump File : 123110-25272-01.dmp
Crash Time : 12/31/2010 1:13:46 AM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffff880`08d25748
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff880`01348074
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+13074
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123110-25272-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,952
==================================================

==================================================
Dump File : 123110-27924-01.dmp
Crash Time : 12/31/2010 12:35:10 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000090
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`022d6995
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123110-27924-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 270,696
==================================================

==================================================
Dump File : 123010-27019-01.dmp
Crash Time : 12/30/2010 6:02:27 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`02eaf2b3
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-27019-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,888
==================================================

==================================================
Dump File : 123010-25209-01.dmp
Crash Time : 12/30/2010 5:39:46 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff800`02ecfcd8
Parameter 3 : 00000000`00000000
Parameter 4 : ffffffff`ffffffff
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-25209-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,952
==================================================

==================================================
Dump File : 123010-37128-01.dmp
Crash Time : 12/30/2010 5:16:48 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000000`00000090
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`02eda995
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\123010-37128-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,944
==================================================

==================================================
Dump File : 011610-26988-01.dmp
Crash Time : 1/16/2010 2:30:12 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`fffffb01
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`04445187
Caused By Driver : IDSvia64.sys
Caused By Address : IDSvia64.sys+45187
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\011610-26988-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 276,904
==================================================


Any help would be great. I'm a student and have to go back to the dorms in a few days, where I won't have time to figure this all out. I've scanned with Malware, Spybot Search and Destroy, Kaspersky, and Avast. Some found things but I've still gotten BSOD.

Thanks

Edited by Orange Blossom, 31 December 2010 - 12:47 PM.
Merged topics. ~ OB
