 | |
| |
| 16 May 2011 | #1 |
| | BSOD-Possibly due to Virus Attack Dear All, Two days ago, I was struck with The famous BSOD error which has screwed up a lot of my time. I desperately need help. I tried my self and seems like I have been hit by some kind of Malware TrojanDownloader:Win32/KaraganyA which was allowed by my MSE, which is really bad. Anyways I have tried various registry cleaning softwares but nothing has worked for me. Could anybody please assist me by reading my dump file and telling me what should I do to restore my system, it is extremely important, Please Please help me. My system Specification OS Name - Microsoft Windows 7 Ultimate Version - 6.1.7600 Build 7600 OS Manufacturer - Microsoft Corporation System Model - Aspire 5740 System Type - X86-based PC Processor Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz, 2128 Mhz, 2 Core(s), 4 Logical Processor(s) BIOS Version/Date- Phoenix Technologies LTD V1.09, 11/26/2009 SMBIOS Version 2.6 Windows Directory C:\Windows System Directory C:\Windows\system32 Boot Device \Device\HarddiskVolume1 Installed Physical Memory (RAM) 3.00 GB Unfortunately, I do not have a restore point on my machine  . Kindly assist me and of you need more information please get back to me. |
My System Specs | |
| 16 May 2011 | #2 |
| | The BSOD displays this error message 0X0000008E (0XC0000005, 0X8CA82487, 0XB08DF434, 0X00000000) |
| My System Specs |
| 16 May 2011 | #3 |
| | Hi amandev and Welcome to the Forum. If you are pretty sure you've got malware it's essential you get rid of that first. Download, install and update Malwarebytes' Free. Then run a full scan in Safe Mode. Also: Dr. Web, How To Remove Virus "TrojanDownloader:Win32/Karagany.A" Ignore: 2. Download Security Space Pro (32-bit) or Security Space Pro (64-bit), save it in desktop. It's the CureIt! scan you are after. STOP 0x0000008E: KERNEL_MODE_EXCEPTION_NOT_HANDLED Usual causes: Insufficient disk space, Device driver, Video card, BIOS, Breakpoint in startup without having a debugger attached, Hardware incompatibility, Faulty system service, 3rd party remote control, Memory Your latest dump file lists ataport.SYS as the probable cause. This is a Windows System file and for it to be the cause of your crash is highly unlikely. Old and incompatible drivers can and do cause issues with Windows 7, often giving false error codes. As a Priority: PC Tools is known to be a cause of BSOD's on many Windows 7 systems. Uninstall PC Tools, including ThreatFire. Download Microsoft Security Essentials as its replacement. Make sure your Windows firewall is switched on! sptd.sys Sun Jul 26 21:12:28 2009 The sptd.sys driver is notorious for causing BSOD's with Windows 7. It's a driver used and installed along with Daemon Tools and Alcohol 120 which you'll also have to uninstall. Then use the correct (32bit or 64bit) download from Duplex Secure - Downloads to uninstall the SPTD.SYS driver. Make sure to select the uninstall button! DO NOT SELECT INSTALL!! Outdated Drivers. Update: AGRSM.sys Mon Nov 10 14:56:37 2008 TOSHIBA V92 Software Modem orAgere Systems Softor Creatix V.92 Data Fax Modem part of LSI Logic athr.sys Tue Jun 09 19:04:52 2009 Atheros Extensible Wireless LAN driver for CB42/CB43/MB42/MB43 Network Adapter - D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B) discontinued 2008 Atheros DKbFltr.sys Thu Mar 26 03:10:12 2009 Dritek Keyboard Filter driver Drivers with Updates: k57nd60x.sys Thu Aug 06 12:44:50 2009 Broadcom Ethernet Bugcheck Analysis: Code: *******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 8cb04487, b7f55434, 0}
Unable to load image \SystemRoot\system32\DRIVERS\MpFilter.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for MpFilter.sys
*** ERROR: Module load completed but symbols could not be loaded for MpFilter.sys
Probably caused by : ataport.SYS ( ataport!IdePortDispatchDeviceControl+b )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8cb04487, The address that the exception occurred at
Arg3: b7f55434, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
ataport!IdePortDispatchDeviceControl+b
8cb04487 80b98600000000 cmp byte ptr [ecx+86h],0
TRAP_FRAME: b7f55434 -- (.trap 0xffffffffb7f55434)
ErrCode = 00000000
eax=8893d338 ebx=00000000 ecx=00000000 edx=877d2008 esi=8893d338 edi=8893d338
eip=8cb04487 esp=b7f554a8 ebp=b7f554a8 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282
ataport!IdePortDispatchDeviceControl+0xb:
8cb04487 80b98600000000 cmp byte ptr [ecx+86h],0 ds:0023:00000086=??
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x8E
PROCESS_NAME: WmiPrvSE.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 84e4048c to 8cb04487
STACK_TEXT:
b7f554a8 84e4048c 8893d338 879d4eb0 87a68658 ataport!IdePortDispatchDeviceControl+0xb
b7f554c0 850e3a3d 8a595b40 8a595c64 00000000 nt!IofCallDriver+0x63
b7f55534 84fbcd8d 8aac9930 8799c948 b7f55564 nt!RawQueryFsSizeInfo+0xbe
b7f55558 84fbe0d5 8a595b40 00000018 97032373 nt!RawQueryVolumeInformation+0x7e
b7f555a0 84e4048c 87a685a0 8a595b40 8a595b40 nt!RawDispatch+0xd9
b7f555b8 855ab3e8 879d2648 00000000 8aac9930 nt!IofCallDriver+0x63
b7f555e4 84e4048c 879d2648 8a595b40 8a595b40 fltmgr!FltpDispatch+0xe2
b7f555fc 850423be 8a595c64 8a595b40 20206f49 nt!IofCallDriver+0x63
b7f5561c 85055cda 879d2648 8aac9930 00000001 nt!IopSynchronousServiceTail+0x1f8
b7f556a8 84e4741a 80000a01 b7f55798 b7f55780 nt!NtQueryVolumeInformationFile+0x440
b7f556a8 84e45e75 80000a01 b7f55798 b7f55780 nt!KiFastCallEntry+0x12a
b7f55734 855c9ead 80000ad0 b7f55798 b7f55780 nt!ZwQueryVolumeInformationFile+0x11
b7f55754 855e2560 80000ad0 b7f55798 b7f55780 fltmgr!FltQueryVolumeInformation+0x2f
WARNING: Stack unwind information not available. Following frames may be wrong.
b7f557d8 855e7a4e b7f5589c 00000008 00000001 MpFilter+0x9560
b7f55880 855bfbf5 b7f5589c 00000005 00000008 MpFilter+0xea4e
b7f558b4 855c0417 87a855b0 00000005 32ae30df fltmgr!FltpDoInstanceSetupNotification+0x69
b7f55900 855c07d1 88a0ee08 87a00ac8 00000005 fltmgr!FltpInitInstance+0x25d
b7f55970 855c08d7 88a0ee08 87a00ac8 00000005 fltmgr!FltpCreateInstanceFromName+0x285
b7f559dc 855c9cde 88a0ee08 87a00ac8 00000005 fltmgr!FltpEnumerateRegistryInstances+0xf9
b7f55a2c 855be7f4 87a00ac8 8a61f540 8aba8598 fltmgr!FltpDoFilterNotificationForNewVolume+0xe0
b7f55a70 84e4048c 879d2648 87a00ac8 8aba85f4 fltmgr!FltpCreate+0x206
b7f55a88 85044afd 97032db3 b7f55c30 00000000 nt!IofCallDriver+0x63
b7f55b60 8502557b 8893d338 a587e588 877bfd20 nt!IopParseDevice+0xed7
b7f55bdc 8504b729 00000000 b7f55c30 00000040 nt!ObpLookupObjectName+0x4fa
b7f55c38 85043a7b 0103e31c 8787e588 00000001 nt!ObOpenObjectByName+0x165
b7f55cb4 8504f392 0103e378 80100080 0103e31c nt!IopCreateFile+0x673
b7f55d00 84e4741a 0103e378 80100080 0103e31c nt!NtCreateFile+0x34
b7f55d00 77c96344 0103e378 80100080 0103e31c nt!KiFastCallEntry+0x12a
0103e2dc 00000000 00000000 00000000 00000000 0x77c96344
STACK_COMMAND: kb
FOLLOWUP_IP:
ataport!IdePortDispatchDeviceControl+b
8cb04487 80b98600000000 cmp byte ptr [ecx+86h],0
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: ataport!IdePortDispatchDeviceControl+b
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ataport
IMAGE_NAME: ataport.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bbf16
FAILURE_BUCKET_ID: 0x8E_ataport!IdePortDispatchDeviceControl+b
BUCKET_ID: 0x8E_ataport!IdePortDispatchDeviceControl+b
Followup: MachineOwner Code: 8ca05000 8ca4d000 ACPI ACPI.sys Tue Jul 14 00:11:11 2009 (4A5BBF0F)
91e32000 91e8c000 afd afd.sys Tue Jul 14 00:12:34 2009 (4A5BBF62)
935e3000 935f5000 AgileVpn AgileVpn.sys Tue Jul 14 00:55:00 2009 (4A5BC954)
95230000 95336000 AGRSM AGRSM.sys Mon Nov 10 14:56:37 2008 (49184BA5)
8cb39000 8cb42000 amdxata amdxata.sys Fri Mar 19 16:19:01 2010 (4BA3A3F5)
8caf5000 8cafe000 atapi atapi.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
8cafe000 8cb21000 ataport ataport.SYS Tue Jul 14 00:11:18 2009 (4A5BBF16)
93409000 93519000 athr athr.sys Tue Jun 09 19:04:52 2009 (4A2EA444)
8ca79000 8ca84000 BATTC BATTC.SYS Tue Jul 14 00:19:15 2009 (4A5BC0F3)
8cff1000 8cff8000 Beep Beep.SYS Tue Jul 14 00:45:00 2009 (4A5BC6FC)
91c8c000 91c9a000 blbdrive blbdrive.sys Tue Jul 14 00:23:04 2009 (4A5BC1D8)
854b0000 854b8000 BOOTVID BOOTVID.dll Tue Jul 14 02:04:34 2009 (4A5BD9A2)
939ce000 939e7000 bowser bowser.sys Wed Feb 23 05:05:24 2011 (4D649594)
825d0000 825ee000 cdd cdd.dll unavailable (00000000)
8ce11000 8ce30000 cdrom cdrom.sys Tue Jul 14 00:11:24 2009 (4A5BBF1C)
854fa000 855a5000 CI CI.dll Tue Jul 14 02:09:28 2009 (4A5BDAC8)
8cfc2000 8cfe7000 CLASSPNP CLASSPNP.SYS Tue Jul 14 00:11:20 2009 (4A5BBF18)
854b8000 854fa000 CLFS CLFS.SYS Tue Jul 14 00:11:10 2009 (4A5BBF0E)
93523000 93526700 CmBatt CmBatt.sys Tue Jul 14 00:19:18 2009 (4A5BC0F6)
8cd9e000 8cdfb000 cng cng.sys Tue Jul 14 00:32:55 2009 (4A5BC427)
8ca71000 8ca79000 compbatt compbatt.sys Tue Jul 14 00:19:18 2009 (4A5BC0F6)
935d6000 935e3000 CompositeBus CompositeBus.sys Tue Jul 14 00:45:26 2009 (4A5BC716)
9537d000 9538a000 crashdmp crashdmp.sys Tue Jul 14 00:45:50 2009 (4A5BC72E)
91c10000 91c74000 csc csc.sys Tue Jul 14 00:15:08 2009 (4A5BBFFC)
91c74000 91c8c000 dfsc dfsc.sys Tue Jul 14 00:14:16 2009 (4A5BBFC8)
91fb9000 91fc5000 discache discache.sys Tue Jul 14 00:24:04 2009 (4A5BC214)
8cfb1000 8cfc2000 disk disk.sys Tue Jul 14 00:11:28 2009 (4A5BBF20)
9353f000 93549000 DKbFltr DKbFltr.sys Thu Mar 26 03:10:12 2009 (49CAF214)
93929000 93942000 drmk drmk.sys Tue Jul 14 01:36:05 2009 (4A5BD2F5)
9538a000 95395000 dump_dumpata dump_dumpata.sys Tue Jul 14 00:11:16 2009 (4A5BBF14)
9539f000 953b0000 dump_dumpfve dump_dumpfve.sys Tue Jul 14 00:12:47 2009 (4A5BBF6F)
95395000 9539f000 dump_msahci dump_msahci.sys Tue Jul 14 00:45:50 2009 (4A5BC72E)
953b0000 953ba000 Dxapi Dxapi.sys Tue Jul 14 00:25:25 2009 (4A5BC265)
92d41000 92df8000 dxgkrnl dxgkrnl.sys Tue Nov 02 02:37:53 2010 (4CCF7981)
91cbb000 91cf4000 dxgmms1 dxgmms1.sys Thu Feb 03 03:34:49 2011 (4D4A2259)
8cb42000 8cb53000 fileinfo fileinfo.sys Tue Jul 14 00:21:51 2009 (4A5BC18F)
855a5000 855d9000 fltmgr fltmgr.sys Tue Jul 14 00:11:13 2009 (4A5BBF11)
8cc0e000 8cc17000 Fs_Rec Fs_Rec.sys Tue Jul 14 00:11:14 2009 (4A5BBF12)
8cf7f000 8cfb1000 fvevol fvevol.sys Sat Sep 26 03:24:21 2009 (4ABD7B55)
8d158000 8d189000 fwpkclnt fwpkclnt.sys Tue Jul 14 00:12:03 2009 (4A5BBF43)
85214000 8524b000 hal halmacpi.dll Tue Jul 14 00:11:03 2009 (4A5BBF07)
91d3f000 91d5e000 HDAudBus HDAudBus.sys Tue Jul 14 00:50:55 2009 (4A5BC85F)
938aa000 938fa000 HdAudio HdAudio.sys Tue Jul 14 00:51:46 2009 (4A5BC892)
92400000 9240a080 HECI HECI.sys Thu Sep 17 20:54:12 2009 (4AB293E4)
9d4df000 9d564000 HTTP HTTP.sys Tue Jul 14 00:12:53 2009 (4A5BBF75)
8d1e9000 8d1f1000 hwpolicy hwpolicy.sys Tue Jul 14 00:11:01 2009 (4A5BBF05)
93527000 9353f000 i8042prt i8042prt.sys Tue Jul 14 00:11:23 2009 (4A5BBF1B)
92424000 92d41000 igdkmd32 igdkmd32.sys Wed Aug 25 20:31:24 2010 (4C756F8C)
9359c000 935bab00 Impcd Impcd.sys Mon Oct 26 20:39:02 2009 (4AE608E6)
95343000 9537d000 IntcDAud IntcDAud.sys Fri Oct 30 14:55:29 2009 (4AEAFE61)
935bb000 935cd000 intelppm intelppm.sys Tue Jul 14 00:11:03 2009 (4A5BBF07)
91d5e000 91da3000 k57nd60x k57nd60x.sys Thu Aug 06 12:44:50 2009 (4A7AC232)
93549000 93556000 kbdclass kbdclass.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
88953000 8895b000 kdcom kdcom.dll Tue Jul 14 02:08:58 2009 (4A5BDAAA)
93813000 93847000 ks ks.sys Thu Mar 04 03:57:52 2010 (4B8F2FC0)
8cd8b000 8cd9e000 ksecdd ksecdd.sys Tue Jul 14 00:11:56 2009 (4A5BBF3C)
8cf2d000 8cf52000 ksecpkg ksecpkg.sys Fri Dec 11 04:04:22 2009 (4B21C4C6)
9521b000 9522b000 lltdio lltdio.sys Tue Jul 14 00:53:18 2009 (4A5BC8EE)
95200000 9521b000 luafv luafv.sys Tue Jul 14 00:15:44 2009 (4A5BC020)
85427000 8549f000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Tue Jul 14 02:06:41 2009 (4A5BDA21)
95336000 95343000 modem modem.sys Tue Jul 14 00:55:24 2009 (4A5BC96C)
953f5000 95400000 monitor monitor.sys Tue Jul 14 00:25:58 2009 (4A5BC286)
9358f000 9359c000 mouclass mouclass.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
8cadf000 8caf5000 mountmgr mountmgr.sys Tue Jul 14 00:11:27 2009 (4A5BBF1F)
855d9000 855ff680 MpFilter MpFilter.sys Tue Sep 14 22:23:59 2010 (4C8FE7EF)
939e7000 939f9000 mpsdrv mpsdrv.sys Tue Jul 14 00:52:52 2009 (4A5BC8D4)
9b612000 9b635000 mrxsmb mrxsmb.sys Wed Feb 23 05:05:29 2011 (4D649599)
9b635000 9b670000 mrxsmb10 mrxsmb10.sys Wed Feb 23 05:05:39 2011 (4D6495A3)
9b670000 9b68b000 mrxsmb20 mrxsmb20.sys Wed Feb 23 05:05:33 2011 (4D64959D)
8cb21000 8cb2b000 msahci msahci.sys Tue Jul 14 00:45:50 2009 (4A5BC72E)
85400000 8540b000 Msfs Msfs.SYS Tue Jul 14 00:11:26 2009 (4A5BBF1E)
8ca58000 8ca60000 msisadrv msisadrv.sys Tue Jul 14 00:11:09 2009 (4A5BBF0D)
8cd60000 8cd8b000 msrpc msrpc.sys Tue Jul 14 00:11:59 2009 (4A5BBF3F)
91faf000 91fb9000 mssmbios mssmbios.sys Tue Jul 14 00:19:25 2009 (4A5BC0FD)
8d1d9000 8d1e9000 mup mup.sys Tue Jul 14 00:14:14 2009 (4A5BBFC6)
8ce38000 8ceef000 ndis ndis.sys Tue Jul 14 00:12:24 2009 (4A5BBF58)
935f5000 93600000 ndistapi ndistapi.sys Tue Jul 14 00:54:24 2009 (4A5BC930)
939a2000 939b2000 ndisuio ndisuio.sys Tue Jul 14 00:53:51 2009 (4A5BC90F)
91dbb000 91ddd000 ndiswan ndiswan.sys Tue Jul 14 00:54:34 2009 (4A5BC93A)
93899000 938aa000 NDProxy NDProxy.SYS Tue Jul 14 00:54:27 2009 (4A5BC933)
91efe000 91f0c000 netbios netbios.sys Tue Jul 14 00:53:54 2009 (4A5BC912)
91e8c000 91ebe000 netbt netbt.sys Tue Jul 14 00:12:18 2009 (4A5BBF52)
8ceef000 8cf2d000 NETIO NETIO.SYS Fri Apr 09 03:32:21 2010 (4BBE91B5)
8540b000 85419000 Npfs Npfs.SYS Tue Jul 14 00:11:31 2009 (4A5BBF23)
91fa5000 91faf000 nsiproxy nsiproxy.sys Tue Jul 14 00:12:08 2009 (4A5BBF48)
84e04000 85214000 nt ntkrpamp.exe Sat Apr 09 04:57:09 2011 (4D9FD915)
8cc31000 8cd60000 Ntfs Ntfs.sys Fri Mar 11 03:29:11 2011 (4D799707)
8ce30000 8ce37000 Null Null.SYS Tue Jul 14 00:11:12 2009 (4A5BBF10)
9395c000 939a2000 nwifi nwifi.sys Tue Jul 14 00:51:59 2009 (4A5BC89F)
91ece000 91eed000 pacer pacer.sys Tue Jul 14 00:53:58 2009 (4A5BC916)
8ca60000 8ca71000 partmgr partmgr.sys Tue Jul 14 00:11:35 2009 (4A5BBF27)
857b4000 857de000 pci pci.sys Tue Jul 14 00:11:16 2009 (4A5BBF14)
8cb2b000 8cb39000 PCIIDEX PCIIDEX.SYS Tue Jul 14 00:11:15 2009 (4A5BBF13)
8cb53000 8cb90000 PCTCore PCTCore.sys Wed Dec 08 21:20:21 2010 (4CFFF695)
8cb90000 8cbe7000 pctDS pctDS.sys Fri Jun 04 03:06:26 2010 (4C085FA2)
9d4d6000 9d4de260 PCTSDInj32 PCTSDInj32.sys Wed Sep 01 01:31:04 2010 (4C7D9EC8)
8cc00000 8cc0e000 pcw pcw.sys Tue Jul 14 00:11:10 2009 (4A5BBF0E)
9b6a3000 9b73a000 peauth peauth.sys Tue Jul 14 01:35:44 2009 (4A5BD2E0)
938fa000 93929000 portcls portcls.sys Tue Jul 14 00:51:00 2009 (4A5BC864)
8549f000 854b0000 PSHED PSHED.dll Tue Jul 14 02:09:36 2009 (4A5BDAD0)
91da3000 91dbb000 rasl2tp rasl2tp.sys Tue Jul 14 00:54:33 2009 (4A5BC939)
91ddd000 91df5000 raspppoe raspppoe.sys Tue Jul 14 00:54:53 2009 (4A5BC94D)
91fc5000 91fdc000 raspptp raspptp.sys Tue Jul 14 00:54:47 2009 (4A5BC947)
91fdc000 91ff3000 rassstp rassstp.sys Tue Jul 14 00:54:57 2009 (4A5BC951)
91f64000 91fa5000 rdbss rdbss.sys Tue Jul 14 00:14:26 2009 (4A5BBFD2)
9241a000 92424000 rdpbus rdpbus.sys Tue Jul 14 01:02:40 2009 (4A5BCB20)
8cff8000 8d000000 RDPCDD RDPCDD.sys Tue Jul 14 01:01:40 2009 (4A5BCAE4)
8cbe7000 8cbef000 rdpencdd rdpencdd.sys Tue Jul 14 01:01:39 2009 (4A5BCAE3)
8cbef000 8cbf7000 rdprefmp rdprefmp.sys Tue Jul 14 01:01:41 2009 (4A5BCAE5)
8cf52000 8cf7f000 rdyboost rdyboost.sys Tue Jul 14 00:22:02 2009 (4A5BC19A)
939b2000 939c5000 rspndr rspndr.sys Tue Jul 14 00:53:20 2009 (4A5BC8F0)
91f5e000 91f64000 SASDIFSV SASDIFSV.SYS Wed Feb 17 18:19:19 2010 (4B7C3327)
91f3c000 91f5e000 SASKUTIL SASKUTIL.SYS Mon May 10 18:15:22 2010 (4BE83F2A)
91f2f000 91f3c000 SCDEmu SCDEmu.SYS Sun Nov 02 08:44:10 2008 (490D685A)
8578e000 857b4000 SCSIPORT SCSIPORT.SYS Tue Jul 14 00:45:55 2009 (4A5BC733)
9b73a000 9b744000 secdrv secdrv.SYS Wed Sep 13 14:18:32 2006 (45080528)
8d1d1000 8d1d9000 spldr spldr.sys Mon May 11 17:13:47 2009 (4A084EBB)
9b765000 9b7cf000 spsys spsys.sys Mon May 11 17:37:10 2009 (4A085436)
85684000 85785000 sptd sptd.sys Sun Jul 26 21:12:28 2009 (4A6CB8AC)
9d484000 9d4d6000 srv srv.sys Wed Feb 23 05:06:08 2011 (4D6495C0)
9d435000 9d484000 srv2 srv2.sys Wed Feb 23 05:05:54 2011 (4D6495B2)
9b744000 9b765000 srvnet srvnet.sys Wed Feb 23 05:05:46 2011 (4D6495AA)
93400000 93401380 swenum swenum.sys Tue Jul 14 00:45:08 2009 (4A5BC704)
93556000 9358c480 SynTP SynTP.sys Fri Sep 18 03:29:36 2009 (4AB2F090)
8d00f000 8d158000 tcpip tcpip.sys Mon Jun 14 04:36:59 2010 (4C15A3DB)
9b7cf000 9b7dc000 tcpipreg tcpipreg.sys Tue Jul 14 00:54:14 2009 (4A5BC926)
91e27000 91e32000 TDI TDI.SYS Tue Jul 14 00:12:12 2009 (4A5BBF4C)
91e10000 91e27000 tdx tdx.sys Tue Jul 14 00:12:10 2009 (4A5BBF4A)
91f1f000 91f2f000 termdd termdd.sys Tue Jul 14 01:01:35 2009 (4A5BCADF)
825a0000 825a9000 TSDDD TSDDD.dll Tue Jul 14 01:01:40 2009 (4A5BCAE4)
91c9a000 91cbb000 tunnel tunnel.sys Tue Jul 14 00:54:03 2009 (4A5BC91B)
93847000 93855000 umbus umbus.sys Tue Jul 14 00:51:38 2009 (4A5BC88A)
953ba000 953d1000 usbccgp usbccgp.sys Fri Mar 25 03:06:23 2011 (4D8C06AF)
9358d000 9358e700 USBD USBD.SYS Fri Mar 25 03:06:06 2011 (4D8C069E)
9240b000 9241a000 usbehci usbehci.sys Fri Mar 25 03:06:12 2011 (4D8C06A4)
93855000 93899000 usbhub usbhub.sys Fri Mar 25 03:06:43 2011 (4D8C06C3)
91cf4000 91d3f000 USBPORT USBPORT.SYS Fri Mar 25 03:06:22 2011 (4D8C06AE)
953d1000 953f4b80 usbvideo usbvideo.sys Thu Mar 04 04:04:40 2010 (4B8F3158)
8ca4d000 8ca58000 vdrvroot vdrvroot.sys Tue Jul 14 00:46:19 2009 (4A5BC74B)
8cc17000 8cc23000 vga vga.sys Tue Jul 14 00:25:50 2009 (4A5BC27E)
857de000 857ff000 VIDEOPRT VIDEOPRT.SYS Tue Jul 14 00:25:49 2009 (4A5BC27D)
8d189000 8d191380 vmstorfl vmstorfl.sys Tue Jul 14 00:28:44 2009 (4A5BC32C)
8ca84000 8ca94000 volmgr volmgr.sys Tue Jul 14 00:11:25 2009 (4A5BBF1D)
8ca94000 8cadf000 volmgrx volmgrx.sys Tue Jul 14 00:11:41 2009 (4A5BBF2D)
8d192000 8d1d1000 volsnap volsnap.sys Tue Jul 14 00:11:34 2009 (4A5BBF26)
93519000 93523000 vwifibus vwifibus.sys Tue Jul 14 00:52:02 2009 (4A5BC8A2)
91eed000 91efe000 vwififlt vwififlt.sys Tue Jul 14 00:52:03 2009 (4A5BC8A3)
91f0c000 91f1f000 wanarp wanarp.sys Tue Jul 14 00:55:02 2009 (4A5BC956)
8cc23000 8cc30000 watchdog watchdog.sys Tue Jul 14 00:24:10 2009 (4A5BC21A)
85605000 85676000 Wdf01000 Wdf01000.sys Tue Jul 14 00:11:36 2009 (4A5BBF28)
85676000 85684000 WDFLDR WDFLDR.SYS Tue Jul 14 00:11:25 2009 (4A5BBF1D)
91ec7000 91ece000 wfplwf wfplwf.sys Tue Jul 14 00:53:51 2009 (4A5BC90F)
82340000 8258b000 win32k win32k.sys Thu Mar 03 03:31:07 2011 (4D6F0B7B)
935cd000 935d6000 wmiacpi wmiacpi.sys Tue Jul 14 00:19:16 2009 (4A5BC0F4)
85785000 8578e000 WMILIB WMILIB.SYS Tue Jul 14 00:11:22 2009 (4A5BBF1A)
91ebe000 91ec7000 ws2ifsl ws2ifsl.sys Tue Jul 14 00:55:01 2009 (4A5BC955)
93942000 9395c000 WudfPf WudfPf.sys Tue Jul 14 00:50:13 2009 (4A5BC835)
Unloaded modules:
9b68b000 9b6a3000 parport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00018000
939c5000 939ce000 vwifimp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00009000
8d1f1000 8d1fe000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000D000
8d000000 8d00b000 dump_pciidex
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000B000
8cfe7000 8cff1000 dump_msahci.
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000A000
8ce00000 8ce11000 dump_dumpfve
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00011000 HTH. Last edited by fimble; 16 May 2011 at 07:28 PM.. |
| My System Specs |
| . |
| |
| 16 May 2011 | #4 |
| | If you can't run Malwarebytes in Safe Mode, boot BitDefender's Rescue CD to run a full scan: FREE Bootable AntiVirus Rescue CDs Download List Sometimes the damage from serious infection is irreparable and requires a clean reinstall or running Factory Recovery if you have factory OEM. However you can try repairing damaged System files running SFC -SCANNOW Command, if necessary from the System Recovery Options Command Line: SFC -SCANNOW Run in Command Prompt at Boot If you regain enough functionality to stay on the Desktop and have a Windows 7 DVD you can run a Repair Install although you'll need one with SP1 if you have it installed, otherwise you can uninstall Windows 7 Service Pack 1 (SP1). Copy out your files to quarantine now using this method or Paragon Rescue CD: Copy & Paste - in Windows Recovery Console System Repair Disc - Create |
| My System Specs |
| 17 May 2011 | #5 |
| | My windows does not work any more Hello Guys, I scanned using the malware software and also used Doctor Cure, they found a couple of infected files and removed them. Mow I am unable to boot the windows, both in safe mode as well as normal mode Since I cannot start my windows, I coont even access the dumpfile anymore. Kindly advise me, what should I do next. |
| My System Specs |
| 17 May 2011 | #6 |
| | Hi amandev, Run a start up repair by repeatedly tapping F8 at the boot screen and initially selecting System Recovery Options. See This Post for further details. |
| My System Specs |
| 17 May 2011 | #7 |
| | I tried it as well - Does not work Hello guys, I tried the system repair already, it does not work . |
| My System Specs |
| 17 May 2011 | #8 |
| | It gives an error message that the Windows was unable to repair the system |
| My System Specs |
| 17 May 2011 | #9 |
| | Honestly, I suspect your best bet is to completely wipe the hard drive and start over. Create an Ubuntu Live CD, boot it up, and select "Try Ubuntu". Back up all your data to an external hard drive or network drive (such as Windows Live Skydrive), and then run the Clean All command. When done, reinstall Windows. |
| My System Specs |
| 18 May 2011 | #10 |
| | Dear All, I need some technical help now. My windows 7 Ultimate has failed and I cannot make it boot, i wish to try to repair it using a windows 7 DVD. Fortunately, I found a iso file of my windows using ubuntu and I quickly created a DVD out of it. It seems to be ok and when I try to install using ubuntu wine it shows not enough diskspace which makes sense because wine tries to install in its own disk space but I do not want that, i want to use this disk to repair my windows somehow. Unfortunately, due to some reasons the DVD I created is not a bootable drive and it does not begin automatically at the startup, using wine I can begin the setup.exe and it starts but not automatically as I wish it to be inorder to become repairing my windows. I tried making bootable usb also but I think there is some file missing in the iso file I have. Is there anyway I could add some file into the present DVD I created in order to make it bootable ? In my windows folder I have BOOT EFI SOURCES SUPPORT UPGRADE AUTORUN.INF BOOTMGR and SETUP.exe I think i will try it once again but chances are quite glim. If anybody can help me with some information it would be very helpful. Also in the Windows repair option I could go to x:/windows/windows32/ I do not know what is x here but if using this command prompt I could force my machine to run the setup.exe from the DVD this could also be one good solution to make windows start the intallation procedure. |
| My System Specs |
 |
BSOD-Possibly due to Virus Attack problems?
| Thread Tools | |
| Similar help and support threads for: BSOD-Possibly due to Virus Attack | ||||
| Thread | Forum | |||
| How can a phishing attack possibly work with e-mail filtration? | System Security | |||
| Recently conquered Virus/Malware attack, now BSOD returns! | BSOD Help and Support | |||
| Virus attack or what??? Please help me | System Security | |||
| Random BSOD after possible virus attack | BSOD Help and Support | |||
| Virus Attack? | System Security | |||
All times are GMT -5. The time now is 05:15 PM.
