Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constant BSOD... Help?


  • Please log in to reply
14 replies to this topic

#1 Kit-chan

Kit-chan

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 08 November 2012 - 12:08 AM

Hey there,

So lately my comp has been constantly hitting BSOD, and I can't really figure out why.

Some stats:
Windows 7 SP1 64-bit
HP Pavilion dv6 laptop
8 Intel Core i7-2630QM 2.00GHz processors

And the technical details:

Spoiler


I don't really know what any of this means or how to fix it, when it checks online for a solution it causes another BSOD or whatever. I virus scanned with updated MalwareBytes and Spybot S&D and it can't find anything.

Also, the service for Windows Update is missing.

Any help, advice, etc would be appreciated!

Edited by Kit-chan, 08 November 2012 - 10:17 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:12:11 PM

Posted 08 November 2012 - 01:24 AM

Let's collect some more information: I'll have a look at it and help you try to resolve the problem.

:step1: Please follow the instructions: Blue Screen of Death (BSOD) Posting Instructions - Windows 8, 7 & Vista

(Note: When you run BSOD_Windows7_Vista_v2.64_jcgriff2_.exe, it will also run autoruns.exe ... and both need to be in the Documents folder!)
... with one exception to the following line under Step 4:
  • "Create a new thread HERE and attach the file(s)."
The BC forums will allow a total attachment size of only 512 kb (and what you need to attach will exceed this limit).
  • Please upload the zip file to a file sharing website of your choice and and post a link to it in this thread so that we can access your uploaded zip file.
See the suggestions in the following links for recommendations on file sharing websites:
  • http://lifehacker.com/388284/best-online-file-sharing-services
  • http://www.hongkiat.com/blog/15-great-free-online-file-sharing-alternatives/
  • http://www.smashingapps.com/2008/08/28/5-best-free-file-hosting-services-to-store-your-files.html

    I can recommend Posted Image: Also suitable is Posted Image

:step2: Please Publish a Snapshot using Speccy, and post a link to it in this thread.
  • It is a convenient and accurate way of providing us with details of your computer specifications.

:step3: Please download MiniToolBox, save it to your Desktop and run it.
  • Checkmark the following checkboxes:
    • List Installed Programs
  • Click Go.
    When the scan is finished, a text file will open in a Notepad window.
  • Copy the entire contents of the Notepad window, and paste in your reply.
    (Result.txt will be saved in the same directory the tool is run.)

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#3 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 08 November 2012 - 03:26 PM

Thank you so much for the help!

Here's the first bsod to-do thing you wanted: http://www.mediafire.com/?vh3m13p9d3oi54p

Here's my speccy snapshot: http://speccy.piriform.com/results/LApThwfW7MW62r2x1oCxuwp

And the mini-box tool clipboard you wanted:
Spoiler

Edited by Kit-chan, 08 November 2012 - 10:15 PM.


#4 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:12:11 PM

Posted 08 November 2012 - 04:30 PM

From the msinfo32 report (loaded modules):

"\\.\globalroot\systemroot\svchost.exe"

The system is likely infected with malware, namely a rootkit.

I will request that a Moderator move this topic to the Am I infected? What do I do? forum and I will request assistance for you.
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 08 November 2012 - 04:37 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#6 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 08 November 2012 - 09:56 PM

Here's the first log from TDSSKiller:
Spoiler


And the second log from aswMBR:
Spoiler


And the third thing, the list of threats from ESET:
Spoiler

Edited by Kit-chan, 08 November 2012 - 10:16 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 09 November 2012 - 05:42 AM

Run ESET again and make sure to checkmark REMOVE THREATS option,post the new log

Run TDSSkiller again and post the new log

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#8 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 10 November 2012 - 01:44 PM

Ran ESET, forgot how to get the log from that (and couldn't figure it out).

Ran TDSS, here's the log:
Spoiler


And the Malwarebytes log:
Spoiler


And the minibox tool log:
Spoiler


And the Farbar Service log:
Spoiler


And then the Adware cleaner log:
Spoiler


And lastly, Junkware removal log:
Spoiler


#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 10 November 2012 - 01:46 PM

Please run malwarebytes again and post the log


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#10 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 11 November 2012 - 01:24 PM

Malwarebytes log:
Spoiler


Ran that service fixer thingy

Ran farbar, here's the log:
Spoiler


Ran RKill, here's the log:
Spoiler


And the autoruns log:
Spoiler


#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 11 November 2012 - 01:42 PM

RKILL given in previous instructions and post the new log

Edited by narenxp, 11 November 2012 - 03:18 PM.


#12 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 11 November 2012 - 02:51 PM

Log from RKill:
Spoiler


#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 11 November 2012 - 03:18 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#14 Kit-chan

Kit-chan
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:09:11 PM

Posted 11 November 2012 - 06:46 PM

Thank you so much!! Everything seems to be working well. Much appreciated!

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:11 PM

Posted 11 November 2012 - 08:12 PM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users