Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What the hec?? Malware/Virus or something else?


  • Please log in to reply
27 replies to this topic

#1 zeroseven

zeroseven

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 21 January 2011 - 04:34 PM

Hi All,

Please help....I'm a novice!

Laptop is a Dell Inspiron 1564, running Windows 7 x64 bit.

It started two days ago, all of a sudden, half the icons on my desktop disappeared, including Malwarebytes. I ran Avast and after about 20min of a full scan it just hung and I then got a blue screen and the computer shut down.
Error Message was:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 5129

Extra Info:
BCCode: f4
BCP1: 0000000000000003
BCP2: FFFFFA80055BFB30
BCP3: FFFFFA80055BFE10
BCP4: FFFFF80002FD0240
OS Versio: 6_1_7600
Service Pack: 0_0
Product: 768_1
Bucket ID: X64_0xF4_C000041D_IMAGE-csrss.exe
Server info: 2148cf43-baca-444b-bbd4-fa52740e113e

After restarting I tried Malwarebytes and it didn't pick up anything. I then tried a scan with Avast again but this time in safe Mode and it hung again after some time of scanning. Next I installed Kaspersky 2011 to see if that picked up anything, same thing, crashed after some time, I tired it in Safe Mode and this time it ran through but did not pick up anything.

I tried a system restore but for some reason it said that system restore was not activated so no restore point available.

The laptop now takes a VERY long time to start up (around 5 minutes) and I get a black screen with the cursor being able to move, it eventually goes to the login screen. Also, today, all of a sudden the Aero theme I had on since day one has dissapeared and the desktop just have the plain windows theme (like Windows Classic) and you cant turn the Aero theme back on either.

Does this sound like a Virus/Malware problem or rather a Windows issues? Thanks in advance for your help and sorry if my post is a bit all over the place.

Edited by boopme, 21 January 2011 - 10:11 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:43 PM

Posted 21 January 2011 - 10:10 PM

I am leaning towards hard/software issues. Moving this to Win 7 for a look.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:43 PM

Posted 21 January 2011 - 10:42 PM

We need to know more about your BSODs...

Download BlueScreenView (in Zip file)

No installation required.

Unzip downloaded file and double click on BlueScreenView.exe file to run the program and When scanning is done, go to Edit > Select All.

Then go to File > Save Selected Items, and save the report as BSOD.txt.

Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Compliments of Broni

#4 zeroseven

zeroseven
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 22 January 2011 - 01:09 PM

Thank you boopme and cryptodan!

Here is the BSOD results:

==================================================
Dump File : 012311-106751-01.dmp
Crash Time : 23/01/2011 6:32:44 a.m.
Bug Check String : BAD_SYSTEM_CONFIG_INFO
Bug Check Code : 0x00000074
Parameter 1 : 00000000`00000002
Parameter 2 : fffff880`03b46b20
Parameter 3 : 00000000`00000005
Parameter 4 : ffffffff`c0000185
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+b7a3
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012311-106751-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 275,256
==================================================

==================================================
Dump File : 012111-110152-01.dmp
Crash Time : 21/01/2011 5:54:42 p.m.
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`056d8910
Parameter 3 : fffffa80`056d8bf0
Parameter 4 : fffff800`02fca5d0
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012111-110152-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 275,256
==================================================

==================================================
Dump File : 012111-18938-01.dmp
Crash Time : 21/01/2011 9:19:20 a.m.
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`0588cb30
Parameter 3 : fffffa80`0588ce10
Parameter 4 : fffff800`02fd8240
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+71f00
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012111-18938-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 275,312
==================================================

==================================================
Dump File : 012011-18470-01.dmp
Crash Time : 20/01/2011 10:51:43 p.m.
Bug Check String : KERNEL_DATA_INPAGE_ERROR
Bug Check Code : 0x0000007a
Parameter 1 : fffff6fc`40006c28
Parameter 2 : ffffffff`c0000185
Parameter 3 : 00000000`6ae0b860
Parameter 4 : fffff880`00d85340
Caused By Driver : CLFS.SYS
Caused By Address : CLFS.SYS+53340
File Description :
Product Name :
Company :
File Version :
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012011-18470-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 283,024
==================================================

==================================================
Dump File : 012011-18610-01.dmp
Crash Time : 20/01/2011 10:09:47 p.m.
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 00000000`00000003
Parameter 2 : fffffa80`055bfb30
Parameter 3 : fffffa80`055bfe10
Parameter 4 : fffff800`02fd0240
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+71f00
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012011-18610-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 275,312
==================================================

==================================================
Dump File : 082310-17238-01.dmp
Crash Time : 23/08/2010 10:50:28 p.m.
Bug Check String : KERNEL_DATA_INPAGE_ERROR
Bug Check Code : 0x0000007a
Parameter 1 : fffff6fc`50047040
Parameter 2 : ffffffff`c0000185
Parameter 3 : 00000000`1a93f880
Parameter 4 : fffff8a0`08e08e64
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+71f00
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\082310-17238-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 283,024
==================================================


Another weird thing happened. All of a sudden I cant find any trace of Kaspersky on the laptop, not in the program files, uninstall programs or by doing a search. The only thing that comes up is the installation file. However, when I tried a re-install it comes up with an error message saying the files already exists? I have re-installed Avast for now...

Thanks so much for our help!

#5 Allan

Allan

  • BC Advisor
  • 8,674 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:01:43 PM

Posted 22 January 2011 - 01:21 PM

While it certainly could be malware, let's rule out bad ram first. Please download and run memtest: http://www.memtest.org/

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:43 PM

Posted 22 January 2011 - 01:26 PM

FWIW, Memtest86+ Guide-How To's - Overclockers Forums - http://www.overclockers.com/forums/showthread.php?t=409152 .

Louis

#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:43 PM

Posted 22 January 2011 - 03:10 PM

Its either memory issues, CPU is dying or needs to be cooled better, or there is a failing hard drive.

Let us know what you find after the memory tests.

#8 Allan

Allan

  • BC Advisor
  • 8,674 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:01:43 PM

Posted 22 January 2011 - 03:17 PM

Its either memory issues, CPU is dying or needs to be cooled better, or there is a failing hard drive.

Let us know what you find after the memory tests.


Or any of a number of other issues.

#9 zeroseven

zeroseven
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 22 January 2011 - 03:30 PM

Thanks all, I'm busy runnig the memory test now and will let you know the results as soon as it's done...

#10 zeroseven

zeroseven
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 22 January 2011 - 11:51 PM

Ok, after 8.5 hours of running the memory test I have 5 passes and 0 errors. Should I continue to run it, or could one safely assume that the memory is all right?

#11 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:43 PM

Posted 23 January 2011 - 12:16 AM

Memory is all fine, so now that memory is checked out to be fine its either a CPU issue or a hard drive issue. When was the last time you cleaned out your computer and removed the dust?

#12 zeroseven

zeroseven
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 23 January 2011 - 12:21 AM

Hi Cryptodan,

It's a laptop and around 9 months old, so have never attempted to clean it. Should one?

#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:43 PM

Posted 23 January 2011 - 12:24 AM

I would go and get a can of canned air and clean all the dust out of it from the vents.

#14 zeroseven

zeroseven
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:43 AM

Posted 23 January 2011 - 12:36 AM

I will do that. That won't solve the current issue though, surely?

#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:43 PM

Posted 23 January 2011 - 12:44 AM

Its part of troubleshooting dust build up in the vents can cause over heating which can cause the aforementioned issues.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users