Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help needed


  • Please log in to reply
5 replies to this topic

#1 Arnee

Arnee

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:39 AM

Posted 12 December 2012 - 11:21 PM

I recently got a blue screen that said a problem has been detected and windows has shut down to prevent damage to your computer...Stop 0x0000008E (0xC0000005, 0x831B2487, 0xB00B7754, 0x00000000)
ataport.sys- address 831B2487, base at 831AC000, Datestamp 4ce788e8.

I can only run in safe mode now or it shuts down.

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/12/2012 09:59:29 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:


Any advice would be appreciated. I am new to this forum and hope I have put this in the correct place. Thank you

Edited by hamluis, 15 December 2012 - 10:51 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Allan

Allan

  • BC Advisor
  • 8,572 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:04:39 AM

Posted 13 December 2012 - 07:44 AM

Download BlueScreenView:
http://www.nirsoft.net/utils/blue_screen_view.html
unzip downloaded file and double click on BlueScreenView.exe to run the program.
when scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply

#3 Arnee

Arnee
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:39 AM

Posted 14 December 2012 - 02:22 PM

Dump File : 121212-36254-01.dmp
Crash Time : 12/12/2012 7:35:13 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831c3487
Parameter 3 : 0xaff27754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121212-36254-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121212-30747-01.dmp
Crash Time : 12/12/2012 7:19:31 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831cd487
Parameter 3 : 0xb02eb754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121212-30747-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121212-32058-01.dmp
Crash Time : 12/12/2012 7:14:26 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831bf487
Parameter 3 : 0x92583754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121212-32058-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121112-30825-01.dmp
Crash Time : 12/11/2012 8:44:27 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831aa487
Parameter 3 : 0xaf12d754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121112-30825-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121012-31044-01.dmp
Crash Time : 12/10/2012 9:50:48 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831a9487
Parameter 3 : 0xae6df754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-31044-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121012-37409-02.dmp
Crash Time : 12/10/2012 9:19:50 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831d8487
Parameter 3 : 0xacbab754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-37409-02.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121012-36972-01.dmp
Crash Time : 12/10/2012 9:14:09 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x83206487
Parameter 3 : 0xad2d7754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-36972-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121012-37377-01.dmp
Crash Time : 12/10/2012 9:08:43 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831b4487
Parameter 3 : 0x99741754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-37377-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121012-37190-01.dmp
Crash Time : 12/10/2012 9:03:02 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831e3487
Parameter 3 : 0xb0c9b754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-37190-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121012-37237-01.dmp
Crash Time : 12/10/2012 8:57:15 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x83206487
Parameter 3 : 0xb2538754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-37237-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121012-38126-01.dmp
Crash Time : 12/10/2012 8:51:46 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x83206487
Parameter 3 : 0xb07ee754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-38126-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121012-41012-01.dmp
Crash Time : 12/10/2012 8:46:08 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831aa487
Parameter 3 : 0xb41ae754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-41012-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 121012-27159-01.dmp
Crash Time : 12/10/2012 8:40:28 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x83206487
Parameter 3 : 0xb4fe3754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-27159-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 121012-29702-01.dmp
Crash Time : 12/10/2012 8:36:03 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831ce487
Parameter 3 : 0xb1ac3754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\121012-29702-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 120912-27627-01.dmp
Crash Time : 12/9/2012 9:56:58 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831b2487
Parameter 3 : 0xb00b7754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\120912-27627-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,312
==================================================

==================================================
Dump File : 120912-27378-01.dmp
Crash Time : 12/9/2012 5:39:01 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x831b3487
Parameter 3 : 0x8c785754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\120912-27378-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

==================================================
Dump File : 120912-35178-01.dmp
Crash Time : 12/9/2012 2:59:20 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x83206487
Parameter 3 : 0xb1885754
Parameter 4 : 0x00000000
Caused By Driver : ataport.SYS
Caused By Address : ataport.SYS+6487
File Description : ATAPI Driver Extension
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor : 32-bit
Crash Address : ataport.SYS+6487
Stack Address 1 : ntkrnlpa.exe+36c29
Stack Address 2 : MpFilter.sys+ef7
Stack Address 3 : MpFilter.sys+d4a2
Computer Name :
Full Path : C:\Windows\Minidump\120912-35178-01.dmp
Processors Count : 1
Major Version : 15
Minor Version : 7601
Dump File Size : 145,320
==================================================

THANKS!!!!!!!!!!!!

#4 Allan

Allan

  • BC Advisor
  • 8,572 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:04:39 AM

Posted 14 December 2012 - 05:10 PM

I suggest you run TDSSkiller (Kaspersky) and let's see where we are then.

#5 Arnee

Arnee
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:39 AM

Posted 02 January 2013 - 09:30 PM

Allan,
So Holidays are over, and finally had time to try this fix, and IT WORKED!!! THANK YOU! What do you suggest I do to avoid this in the future with regard to anti-virus, etc? Thanks again!

#6 Allan

Allan

  • BC Advisor
  • 8,572 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:04:39 AM

Posted 03 January 2013 - 08:06 AM

You're welcome - glad it worked. Do you have a GOOD anti virus app installed and always resident? If not, you need to install one immediately. You can also run periodic scans with the free version of MalwareBytes.

Most important in computer safety / security is common sense. Do not open links in emails unless you are 100% certain you know what they are, the same with clicking on links in web pages, do not visit questionable websites, do not let someone else use your computer if you aren't present, make frequent backups of your system with disc imaging software, etc.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users