Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Vista Blue Screen of Death


  • Please log in to reply
7 replies to this topic

#1 Zombie Superman

Zombie Superman

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 20 January 2012 - 09:06 PM

We've had a lot of spyware, malware, and a few viruses over the last few weeks. Earlier this week, we got the dreaded BSOD. I'm able to access my computer in Safe Mode, but I can't access the Internet on the computer.

Here are the codes I've been getting from the BSOD:

0x0000000A, 0x00000000, 0x00000002, 0x00000001, 0x82E4883C.

Thanks in advance for the assist.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:35 AM

Posted 20 January 2012 - 09:39 PM

From safe mode...let's try this.

Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html .

Double-click BlueScreenView.exe file.

When autoscan is done (screen comes up), click Edit/Select All...then File/Save Selected Items.

Save the report as BSOD.txt.

Open BSOD.txt, copy all content and paste it into your next reply.

System manufacturer and model?

What error message do you get...when trying to access the Internet?

Louis

#3 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 January 2012 - 10:30 AM

Thank you, hamluis! My toolbar Internet connection icon isn't showing that there's a connection, and when I try to open Firefox or IE, I get "unable to connect to the Internet."

Manufacturer/model: Dell Inspiron 531S, unsure of the year, somewhere around 2007 or 2008.

Here's the BSOD report:

Mini012012-29.dmp 1/20/2012 11:46:21 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e6583c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-29.dmp 1 15 6002 147,784
Mini012012-28.dmp 1/20/2012 9:44:24 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7a83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-28.dmp 1 15 6002 147,784
Mini012012-27.dmp 1/20/2012 9:41:48 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3a83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-27.dmp 1 15 6002 147,784
Mini012012-26.dmp 1/20/2012 9:39:07 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-26.dmp 1 15 6002 147,784
Mini012012-25.dmp 1/20/2012 9:36:30 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e6483c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-25.dmp 1 15 6002 147,784
Mini012012-24.dmp 1/20/2012 9:33:52 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e6883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-24.dmp 1 15 6002 147,784
Mini012012-23.dmp 1/20/2012 9:31:12 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-23.dmp 1 15 6002 147,784
Mini012012-22.dmp 1/20/2012 9:28:33 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3d83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-22.dmp 1 15 6002 147,784
Mini012012-21.dmp 1/20/2012 9:25:55 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-21.dmp 1 15 6002 147,784
Mini012012-20.dmp 1/20/2012 9:23:16 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3783c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-20.dmp 1 15 6002 147,784
Mini012012-19.dmp 1/20/2012 9:20:38 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e2f83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-19.dmp 1 15 6002 147,784
Mini012012-18.dmp 1/20/2012 9:18:02 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e6383c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-18.dmp 1 15 6002 147,784
Mini012012-17.dmp 1/20/2012 9:15:25 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e5e83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-17.dmp 1 15 6002 147,784
Mini012012-16.dmp 1/20/2012 9:12:49 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4683c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-16.dmp 1 15 6002 147,784
Mini012012-15.dmp 1/20/2012 9:10:07 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3683c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-15.dmp 1 15 6002 147,784
Mini012012-14.dmp 1/20/2012 9:07:30 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e2b83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-14.dmp 1 15 6002 147,784
Mini012012-13.dmp 1/20/2012 9:04:52 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7483c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-13.dmp 1 15 6002 147,784
Mini012012-12.dmp 1/20/2012 9:02:15 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7a83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-12.dmp 1 15 6002 147,784
Mini012012-11.dmp 1/20/2012 8:59:34 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3e83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-11.dmp 1 15 6002 147,784
Mini012012-10.dmp 1/20/2012 8:56:57 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7483c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-10.dmp 1 15 6002 147,784
Mini012012-09.dmp 1/20/2012 8:54:19 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7183c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-09.dmp 1 15 6002 147,784
Mini012012-08.dmp 1/20/2012 8:52:05 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7283c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-08.dmp 1 15 6002 147,784
Mini012012-07.dmp 1/20/2012 8:49:28 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3a83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-07.dmp 1 15 6002 147,784
Mini012012-06.dmp 1/20/2012 8:46:49 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e2e83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-06.dmp 1 15 6002 147,784
Mini012012-05.dmp 1/20/2012 8:44:10 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4083c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-05.dmp 1 15 6002 147,784
Mini012012-04.dmp 1/20/2012 4:55:11 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e7083c mrxsmb20.sys mrxsmb20.sys+de51 Longhorn SMB 2.0 Redirector Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18462 (vistasp2_gdr.110429-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-04.dmp 1 15 6002 148,112
Mini012012-03.dmp 1/20/2012 4:39:10 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-03.dmp 1 15 6002 148,112
Mini012012-02.dmp 1/20/2012 4:21:21 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3a83c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 C:\Windows\Minidump\Mini012012-02.dmp 1 15 6002 131,072
Mini012012-01.dmp 1/20/2012 6:37:35 AM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3283c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini012012-01.dmp 1 15 6002 148,112
Mini011912-08.dmp 1/19/2012 9:21:22 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4083c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-08.dmp 1 15 6002 148,192
Mini011912-07.dmp 1/19/2012 9:02:21 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e6883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-07.dmp 1 15 6002 148,112
Mini011912-06.dmp 1/19/2012 8:45:04 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4883c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-06.dmp 1 15 6002 148,112
Mini011912-05.dmp 1/19/2012 8:39:45 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4483c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-05.dmp 1 15 6002 148,192
Mini011912-04.dmp 1/19/2012 8:33:08 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3483c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 C:\Windows\Minidump\Mini011912-04.dmp 1 15 6002 131,072
Mini011912-03.dmp 1/19/2012 8:25:37 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e4083c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-03.dmp 1 15 6002 148,112
Mini011912-02.dmp 1/19/2012 8:23:24 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3283c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-02.dmp 1 15 6002 148,192
Mini011912-01.dmp 1/19/2012 8:20:40 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a 0x00000000 0x00000002 0x00000001 0x82e3183c ntkrnlpa.exe ntkrnlpa.exe+4dfd9 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.0.6002.18533 (vistasp2_gdr.111025-0338) 32-bit ntkrnlpa.exe+4dfd9 ntkrnlpa.exe+2b83c ntkrnlpa.exe+1a5e8 raspptp.sys+cc84 C:\Windows\Minidump\Mini011912-01.dmp 1 15 6002 148,192

#4 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:05:35 PM

Posted 21 January 2012 - 11:18 AM

Please do the following to create a boot log of normal startup.

:step1: Re-name your existing ntbtlog.txt file (so that you don't include all the old logs in what you will upload):
  • Navigate to C:\WINDOWS\ntbtlog.txt
  • Re-name the file ntbtlog.txt to ntbtlogOLD.txt
    (A new ntbtlog.txt file will be created on the next startup.)

:step2: Create a new boot log of a normal startup.
  • Re-start the computer, tapping F8 to get to the Advanced Boot Options menu.
  • Choose Enable Boot Logging and press <ENTER>
    Allow your computer to attempt to start normally, and it is expected that your system will crash.
  • After the crash and re-start, load Windows in Safe Mode.
  • Navigate to C:\WINDOWS\ntbtlog.txt
  • Right-click on the ntbtlog.txt file > Send to ... > Compressed (zipped) Folder.
    The zip file will be located in the same place (the Windows folder).

:step3: Tranfer the zip file using a flashdrive to a working computer with internet connection:
  • Attach the zip file to your next reply.
    When you click on Add Reply, you will see the facility to attach a file just below the box where you type your message.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#5 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 21 January 2012 - 10:12 PM

Boot log attached.

Attached Files



#6 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:05:35 PM

Posted 23 January 2012 - 03:34 AM

I suspect the system is infected and that this is causing your problems. Please do the following in an attempt to confirm the presence of an infection ...

You will of course need to transfer the tools from, and the scan results to, a computer with internet connection.
:step1: Download SystemLook.exe and save it to your Desktop.
  • alternate download link
    For users of Windows 64 bit systems: SystemLook (64-bit)
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following code box and paste into the main text field:
    :filefind
    AFD.sys
    
  • Click the Look button to start the scan.
    Please be patient, as it may take a little time.
  • When finished, a Notepad window will open with the results of the scan.
  • Please copy & paste the entire content of this log in your next reply.
Note: The log, SystemLook.txt, is saved on your Desktop.


:step2: Download aswMBR to your desktop. (4.5 MB download)
  • Double-click aswMBR.exe to launch it.
  • When you see the pop-up question "Would you like to download latest Avast! virus definitions?" click Yes. (48 MB download)
  • Click the Scan button to start scan.
    "Scanning: ... " will be showing on the last line: The scan may take a considerable length of time to complete.
    When complete you will see "Scanning finished successfully".
  • On completion of the scan click Save log and choose to save it to your Desktop as aswMBR.txt.
  • Open aswMBR.txt and copy the entire contents and then paste in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


:step3: Download Farbar Service Scanner and run it:
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Click Scan.
    A log (FSS.txt) will be created in the same directory as the tool.
  • Copy the entire content of the log and paste in your reply.

Edited by AustrAlien, 23 January 2012 - 03:48 AM.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#7 Zombie Superman

Zombie Superman
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:02:35 AM

Posted 23 January 2012 - 06:57 PM

System Look log:

SystemLook 30.07.11 by jpshortstuff
Log created at 17:23 on 23/01/2012 by Captain
Administrator - Elevation successful

========== filefind ==========

Searching for "AFD.sys"
C:\Windows\System32\drivers\afd.sys --a---- 0 bytes [11:49 16/06/2011] [05:32 19/01/2012] D41D8CD98F00B204E9800998ECF8427E
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys --a---- 273920 bytes [02:33 21/01/2008] [02:33 21/01/2008] 763E172A55177E478CB419F88FD0BA03
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys --a---- 273408 bytes [11:49 16/06/2011] [13:16 21/04/2011] 48EB99503533C27AC6135648E5474457
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys --a---- 273920 bytes [11:49 16/06/2011] [13:12 21/04/2011] C8AF25017CECB75906A571AC70D2D306
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys --a---- 273920 bytes [18:58 20/10/2009] [04:47 11/04/2009] A201207363AA900ABF1A388468688570
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys --a---- 273920 bytes [11:49 16/06/2011] [13:28 21/04/2011] 70EE0FC7A0F384DBD929A01384AEEB4B

-= EOF =-

aswMBR log:

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-23 17:49:09
-----------------------------
17:49:09.775 OS Version: Windows 6.0.6002 Service Pack 2
17:49:09.775 Number of processors: 1 586 0x7F02
17:49:09.775 ComputerName: MEAUX-PC UserName: Captain
17:49:10.305 Initialize success
17:49:22.707 AVAST engine download error: 0
17:49:46.076 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
17:49:46.076 Disk 0 Vendor: ST325031 4.AD Size: 238418MB BusType: 6
17:49:46.092 Disk 0 MBR read successfully
17:49:46.092 Disk 0 MBR scan
17:49:46.107 Disk 0 Windows VISTA default MBR code
17:49:46.107 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
17:49:46.123 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640
17:49:46.138 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228122 MB offset 21084160
17:49:46.154 Disk 0 scanning sectors +488281234
17:49:47.558 Disk 0 scanning C:\Windows\system32\drivers
17:49:54.235 Service scanning
17:49:55.576 Modules scanning
17:49:59.367 Disk 0 trace - called modules:
17:49:59.898 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x86d45fa9]<<
17:49:59.898 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d29030]
17:49:59.913 3 CLASSPNP.SYS[8072c8b3] -> nt!IofCallDriver -> [0x86837d18]
17:49:59.913 5 acpi.sys[806096bc] -> nt!IofCallDriver -> \Device\0000005d[0x8683db88]
17:49:59.929 \Driver\nvstor32[0x8684f840] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x86d45fa9
17:49:59.929 Scan finished successfully
17:51:01.377 Disk 0 MBR has been saved successfully to "F:\New Folder\MBR.dat"
17:51:01.377 The log file has been saved successfully to "F:\New Folder\aswMBR.txt"


Farbar scan log:

Farbar Service Scanner Version: 18-01-2012 01
Ran by Captain (administrator) on 23-01-2012 at 17:51:59
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.
Checking LEGACY_Nsi: Attention! Unable to open LEGACY_Nsi\0000 registry key. The key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Localhost is blocked.
LAN connected.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors
IE proxy is enabled.
ProxyServer: http=127.0.0.1:56626


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: Attention! Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: Attention! Unable to open LEGACY_BITS\0000 registry key. The key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-16 05:49] - [2012-01-18 23:32] - 0000000 ____A ()

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-10-20 12:59] - [2009-04-11 00:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2009-10-20 12:59] - [2009-04-11 00:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Thanks, AustrAlien!

#8 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:05:35 PM

Posted 23 January 2012 - 07:42 PM

You will need some expert assistance to deal with the issue, so please follow the instructions in the
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

When you have done that, post your log in the "Virus, Trojan, Spyware, and Malware Removal Logs forum", NOT here, for assistance by the Malware Response Team experts.
  • Please include a link to this topic in your new topic in the MRL forum.

Please let us know, here, if you have been able to successfully start your new topic.
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users