Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Freezing then blue screening


  • Please log in to reply
2 replies to this topic

#1 zenabi

zenabi

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 11 September 2011 - 03:43 AM

Hey my freinds computer keeps freezing then blue screening.. Heres a report from bsod viewer if that helps diagnose the problem? I dont really know whats wrong but he did have adware that i removed with mbam (it was adware.hotbar).

Heres the bsod reports
==================================================
Dump File : Mini091111-06.dmp
Crash Time : 11/09/2011 3:39:53 PM
Bug Check String : ATTEMPTED_WRITE_TO_READONLY_MEMORY
Bug Check Code : 0x000000be
Parameter 1 : 0x91ac3000
Parameter 2 : 0x8f130121
Parameter 3 : 0x99de29b0
Parameter 4 : 0x0000000b
Caused By Driver : msiscsi.sys
Caused By Address : msiscsi.sys+23121
File Description : Microsoft iSCSI Initiator Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+a5125
Stack Address 1 : ntkrnlpa.exe+5ab84
Stack Address 2 : ntkrnlpa.exe+b5713
Stack Address 3 : ntkrnlpa.exe+177abb
Computer Name :
Full Path : C:\Windows\Minidump\Mini091111-06.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,696
==================================================

==================================================
Dump File : Mini091111-05.dmp
Crash Time : 11/09/2011 3:37:58 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0x00000204
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x82034414
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2e414
File Description : TCP/IP Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18493 (vistasp1_gdr.100616-0352)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5ad54
Stack Address 1 : tcpip.sys+2e414
Stack Address 2 : tcpip.sys+500c8
Stack Address 3 : tcpip.sys+51aed
Computer Name :
Full Path : C:\Windows\Minidump\Mini091111-05.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 154,224
==================================================

==================================================
Dump File : Mini091111-04.dmp
Crash Time : 11/09/2011 3:31:29 PM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041287
Parameter 2 : 0x00040107
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+8e28e
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+a5125
Stack Address 1 : ntkrnlpa.exe+5ab84
Stack Address 2 : ntkrnlpa.exe+442a7
Stack Address 3 : ntkrnlpa.exe+7c2da
Computer Name :
Full Path : C:\Windows\Minidump\Mini091111-04.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 146,128
==================================================

==================================================
Dump File : Mini091111-02.dmp
Crash Time : 11/09/2011 2:44:18 PM
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x0000007f
Parameter 1 : 0x0000000d
Parameter 2 : 0x00000000
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : hal.dll
Caused By Address : hal.dll+76dc
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5b4c7
Stack Address 1 : ntkrnlpa.exe+b4b3f
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini091111-02.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,664
==================================================

==================================================
Dump File : Mini091111-01.dmp
Crash Time : 11/09/2011 2:26:40 PM
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x1000007f
Parameter 1 : 0x00000008
Parameter 2 : 0x8ad16130
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+5aaa8
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18538 (vistasp1_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5aaa8
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini091111-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,656
==================================================

==================================================
Dump File : Mini091011-02.dmp
Crash Time : 10/09/2011 1:46:27 PM
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001904aa
Parameter 2 : 0x8b370a9c
Parameter 3 : 0x8b370798
Parameter 4 : 0x8a2984f6
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+168a1
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+cd1cb
Stack Address 1 : Ntfs.sys+1a316
Stack Address 2 : Ntfs.sys+152c6
Stack Address 3 : ntkrnlpa.exe+b92e8
Computer Name :
Full Path : C:\Windows\Minidump\Mini091011-02.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 146,128
==================================================

==================================================
Dump File : Mini090911-04.dmp
Crash Time : 9/09/2011 9:50:29 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x81e7ea02
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+5ad54
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18538 (vistasp1_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5ad54
Stack Address 1 : ntkrnlpa.exe+3ea02
Stack Address 2 : ntkrnlpa.exe+225d1f
Stack Address 3 : Ntfs.sys+a308a
Computer Name :
Full Path : C:\Windows\Minidump\Mini090911-04.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,704
==================================================

==================================================
Dump File : Mini090911-03.dmp
Crash Time : 9/09/2011 9:04:16 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0xa337c497
Parameter 2 : 0x00000000
Parameter 3 : 0x00000000
Parameter 4 : 0x81eaf002
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+5ad54
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18538 (vistasp1_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5ad54
Stack Address 1 : ntkrnlpa.exe+90002
Stack Address 2 : ntkrnlpa.exe+8f97f
Stack Address 3 : ntkrnlpa.exe+8f3b4
Computer Name :
Full Path : C:\Windows\Minidump\Mini090911-03.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 149,080
==================================================

==================================================
Dump File : Mini090911-02.dmp
Crash Time : 9/09/2011 9:01:15 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0x00000008
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x89fb1012
Caused By Driver : NETIO.SYS
Caused By Address : NETIO.SYS+3012
File Description : Network I/O Subsystem
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5ad54
Stack Address 1 : NETIO.SYS+3012
Stack Address 2 : tcpip.sys+6a44b
Stack Address 3 : tcpip.sys+6ab44
Computer Name :
Full Path : C:\Windows\Minidump\Mini090911-02.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,696
==================================================

==================================================
Dump File : Mini090911-01.dmp
Crash Time : 9/09/2011 8:54:43 PM
Bug Check String : REFERENCE_BY_POINTER
Bug Check Code : 0x00000018
Parameter 1 : 0x00000000
Parameter 2 : 0x849d6900
Parameter 3 : 0x00000002
Parameter 4 : 0xffffffff
Caused By Driver : afd.sys
Caused By Address : afd.sys+32081
File Description : Ancillary Function Driver for WinSock
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+51862
Stack Address 1 : afd.sys+32081
Stack Address 2 : afd.sys+20d8e
Stack Address 3 : afd.sys+1e040
Computer Name :
Full Path : C:\Windows\Minidump\Mini090911-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 154,192
==================================================

==================================================
Dump File : Mini090811-01.dmp
Crash Time : 8/09/2011 7:59:35 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0x0000000c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x807aa601
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+7601
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+5ad54
Stack Address 1 : ataport.SYS+7601
Stack Address 2 : ntkrnlpa.exe+b6cc0
Stack Address 3 : ntkrnlpa.exe+b68f6
Computer Name :
Full Path : C:\Windows\Minidump\Mini090811-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 155,608
==================================================

==================================================
Dump File : Mini051111-01.dmp
Crash Time : 11/05/2011 1:44:12 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x00000000
Parameter 3 : 0xa9f616c4
Parameter 4 : 0x00000000
Caused By Driver : hal.dll
Caused By Address : hal.dll+72f7
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address :
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini051111-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 6001
Dump File Size : 139,296
==================================================

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:48 PM

Posted 11 September 2011 - 12:28 PM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 zenabi

zenabi
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 15 September 2011 - 07:00 AM

Results of screen317's Security Check version 0.99.7
Windows Vista Service Pack 1 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 25
Out of date Java installed!
Adobe Flash Player 10.3.183.5
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
``````````End of Log````````````
Still doing other ones




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users