Windows 7: Random BSOD, Malware Suspected
09 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)

Hello,
I just had a BSOD. Everything was working fine for a few hours, then *blam*. I suspect malicious software for some reason, so can anybody help me try to find the reason? Just did an SFC scan, it's clean.
Thanks!
P.S. Look at my recent post HERE

My System Specs
Computer type: Laptop
System Manufacturer/Model Number: Hewlett-Packard Pavilion g6-1A44CA Notebook PC
OS: Microsoft Windows 7 Home Premium 64-bit SP1
CPU: AMD Phenom(tm) II P960 Quad-Core Processor
Motherboard: Hewlett-Packard 1697
Memory: 4GB DIMM 1066MHz Micron Technology, 2GB DIMM 1066MHz Ramaxel
Graphics Card: AMD M880G with ATI Mobility Radeon HD 4250
Sound Card: AMD HDMI Output
Monitor(s) Displays: Philips 40PFL4707/F7 40" LED TV
Screen Resolution: 1680x1050
Keyboard: Dell SK-8115
Mouse: Logitech M325, Synaptics TouchPad
Hard Drives: Hitachi HTS547575A9E384 SATA Disk Device (698.64GB)
Internet Speed: Rogers Express (25Mbps Down, 2Mbps Up)
Other Info: Optical Drive: HP CDDVDW TS-L633R
Network Interfaces: Realtek PCIe FE Family Controller, Ralink RT5390 802.11b/g/n WiFi Adapter
BIOS: Default System BIOS
09 Mar 2013
(Windows 7 Home Premium 64 Bit SP 1, 21,457 posts)
From your TDSSKiller log ....
Code:
13:17:45.0261 5460 Detected object count: 2
13:17:45.0261 5460 Actual detected object count: 2
13:17:54.0554 5460 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:17:54.0554 5460 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:17:54.0554 5460 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
13:17:54.0554 5460 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip

Don't skip, but kill. That is what TDSSKiller is for..... to kill them.
Run it again and kill.
If there are more issues even after killing, let us know.

My System Specs
Computer type: PC/Desktop
System Manufacturer/Model Number: Self Assembled
OS: Windows 7 Home Premium 64 Bit SP 1
CPU: Intel Core i3 2120 @ 3.30GHz
Motherboard: Gigabyte Technology Co., Ltd. H61M-DS2 DVI
Memory: Corsair 2GB x2 (Single-Channel DDR3 @ 665MHz)
Graphics Card: 2047MB GeForce GTS 450 (ZOTAC International)
Sound Card: Onboard (Realtek High Definition Audio)
Monitor(s) Displays: LG Flatron E2040T
Screen Resolution: 1600x900
Keyboard: Logitech MK220
Mouse: Logitech MK220
PSU: uMAX 750 watt
Case: iBall
Cooling: Air/ Fans
Hard Drives: Western Digital 1 TB, Seagate 500 GB
Internet Speed: BSNL Broadband
Antivirus: Microsoft Security Essentials
Browser: Waterfox
Other Info: Dell Studio 15" Laptop
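The log excerpt in the reply above is a good case for reading scanner output mechanically rather than by eye: the two hits are heuristic unsigned-file verdicts that the user skipped, which is a different situation from a signature match that was cured. As an added example (not part of this thread and not TDSSKiller's own code), the Python below parses lines in the posted format, records which action was taken on each object, and reports which flagged objects were left untouched and whether every verdict was merely heuristic. The line format and the verdict-name patterns are inferred from the posted lines, not taken from Kaspersky documentation, and the sample input is the excerpt as posted.

```python
import re

# Sample input: the TDSSKiller lines exactly as quoted in the thread above.
SAMPLE_LOG = """\
13:17:45.0261 5460 Detected object count: 2
13:17:45.0261 5460 Actual detected object count: 2
13:17:54.0554 5460 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:17:54.0554 5460 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:17:54.0554 5460 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
13:17:54.0554 5460 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# One detection line: "<time> <pid> <object name> ( <verdict> ) - <remainder>"
# (format inferred from the posted excerpt).
DETECTION_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<pid>\d+)\s+"
    r"(?P<name>.+?)\s+\(\s*(?P<verdict>[^()]+?)\s*\)\s+-\s+(?P<rest>.+)$"
)
COUNT_RE = re.compile(r"Actual detected object count:\s*(?P<n>\d+)")
ACTION_RE = re.compile(r"User select action:\s*(?P<action>\w+)")

# Verdict families that only say "unsigned/unknown file", not "known malicious".
# Assumption: the naming pattern is inferred from the posted lines.
HEURISTIC_PREFIXES = ("UnsignedFile.", "LockedFile.")


def parse_tdsskiller_log(text):
    """Return (declared_count, detections). detections maps object name ->
    {"verdict": str, "action": str or None}; the action comes from the
    'User select action' line when one is present."""
    declared = None
    detections = {}
    for line in text.splitlines():
        m = COUNT_RE.search(line)
        if m:
            declared = int(m.group("n"))
            continue
        m = DETECTION_RE.match(line)
        if not m:
            continue
        entry = detections.setdefault(
            m.group("name"), {"verdict": m.group("verdict"), "action": None}
        )
        a = ACTION_RE.search(m.group("rest"))
        if a:
            entry["action"] = a.group("action")
    return declared, detections


def is_heuristic(verdict):
    """True for verdicts that only flag the file as unsigned/unknown."""
    return verdict.startswith(HEURISTIC_PREFIXES) or verdict.endswith(".Generic")


def triage(text):
    """Summarise a log: which detections were left untouched (no action or Skip),
    and whether all hits are merely heuristic ones that need manual verification."""
    declared, detections = parse_tdsskiller_log(text)
    unresolved = sorted(n for n, d in detections.items() if d["action"] in (None, "Skip"))
    return {
        "declared": declared,
        "parsed": len(detections),
        "count_matches": declared == len(detections),
        "unresolved": unresolved,
        "heuristic_only": all(is_heuristic(d["verdict"]) for d in detections.values()),
        "signature_hits": sorted(n for n, d in detections.items() if not is_heuristic(d["verdict"])),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run it as a script to print the summary for the posted excerpt. An unresolved UnsignedFile hit is a prompt to verify the file (publisher signature, hash lookup, as the next reply in the thread does), not proof of infection; a signature hit left on Skip is the situation the reply above is warning about, and `signature_hits` separates the two.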
09 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)
Thanks, but never mind. The 2 files are perfectly fine, just unsigned. VirusTotal scanned them and they were negative.
I now need BSOD help.
09 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)
Just did 3 scans in avast!: a rootkit scan, an autorun scan, and a memory scan. All 3 came back clean.
09 Mar 2013
(Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit, 4,181 posts)
My System Specs
System Manufacturer/Model Number: Custom Built
OS: Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
CPU: Intel Core i7 CPU 950 @ 3.07GHz
Motherboard: ASUS P6T DELUXE V2
Memory: OCZ 6GB (3 x 2GB) 240-Pin DDR3 SDRAM DDR3 1600 OCZ3X1600R2
Graphics Card: ATI Radeon HD 5700 Series
Sound Card: OnBoard
Keyboard: Microsoft Wireless Laser Keyboard 7000
Mouse: Microsoft Wireless Laser Mouse 7000
PSU: CORSAIR 850w
Case: NZXT LEXA
Cooling: Intel Stock Heatsink Fan
Hard Drives: WD6400AACS-00M3B0 (640GB SATA)
09 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)
I believe that I have done a Malwarebytes scan pretty recently, but I will do another one.
09 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)
I just did a full scan and there was 1 infected file. However, it was a false positive.
10 Mar 2013
(Windows 7 Home Premium 64 Bit SP 1, 21,457 posts)
Your crash dumps are not showing any finite probable cause. In such a situation, it is better to enable Driver Verifier to monitor the drivers.

Driver Verifier - Enable and Disable

Run Driver Verifier for 24 hours or the occurrence of the next crash, whichever is earlier.

Information
Why Driver Verifier:
It puts a stress on the drivers, and so it makes the unstable drivers crash. Hopefully the driver that crashes is recorded in the memory dump.
How can we know that DV is enabled:
It will make the system a bit slow and laggy.

Warning
Before enabling DV, make sure that you have earlier System Restore points made in your computer. You can check it easily by using CCleaner, looking at Tools > System Restore.
If there are no points, make a System Restore Point manually before enabling DV.

Tip
Test your RAM modules for possible errors. How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight.
Let us know the results, with the subsequent crash dumps, if any.
10 Mar 2013
(Microsoft Windows 7 Home Premium 64-bit SP1, 420 posts, Toronto, ON, Canada)
Just BSOD'd right after restart for Driver Verifier. The driver is amd_sata.sys.
I tried updating my drivers, but all my AMD drivers are up to date.
I'll try uninstalling the SATA driver now.
EDIT: I can't uninstall the SATA driver. IDK what to do now :P
Network Interfaces: Realtek PCIe FE Family Controller, Ralink RT5390 802.11b/g/n WiFi Adapter
BIOS: Default System BIOS |
10 Mar 2013
(Windows 7 Home Premium 64 Bit SP 1, 21,457 posts)
It is the Paragon Image Mounter (UIM) Plugin driver.
Code:
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {e1, fffff98001508f9c, 0, 0}
*** WARNING: Unable to verify timestamp for uim_vimx64.sys
*** ERROR: Module load completed but symbols could not be loaded for uim_vimx64.sys
Probably caused by : uim_vimx64.sys ( uim_vimx64+1827e )
Followup: MachineOwner
---------

Description here: Driver Reference Table - uim_vimx64.sys
I have seen a good number of issues caused by it .... Better you uninstall it.
Do you say that you have not installed Paragon? By any chance?
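The "!analyze -v" block in the reply above is where the thread's answer actually comes from: the poster read the crash as amd_sata.sys, but the "Probably caused by" line names uim_vimx64.sys, and bugcheck 0xC4 means Driver Verifier itself raised the stop against that driver. As an added example (not from this thread and not WinDbg's own code), the Python below extracts the stop code, its parameters and the blamed module from a pasted !analyze summary and rates how much weight the lead deserves. The stop-code names are the documented Windows ones; the "OS image" list and the confidence rules are this example's own heuristics, and the sample input is the summary as posted.

```python
import re

# Documented Windows stop codes and their names (a small subset).
BUGCHECK_NAMES = {
    0x0A: "IRQL_NOT_LESS_OR_EQUAL",
    0x1E: "KMODE_EXCEPTION_NOT_HANDLED",
    0x3B: "SYSTEM_SERVICE_EXCEPTION",
    0x50: "PAGE_FAULT_IN_NONPAGED_AREA",
    0x7E: "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED",
    0xC4: "DRIVER_VERIFIER_DETECTED_VIOLATION",
    0xD1: "DRIVER_IRQL_NOT_LESS_OR_EQUAL",
    0x124: "WHEA_UNCORRECTABLE_ERROR",
}

# Core OS images: when !analyze blames one of these, the real culprit is usually a
# third-party driver that corrupted state earlier, so the lead is weak (heuristic
# chosen for this example, not a WinDbg rule).
OS_IMAGES = {"ntoskrnl.exe", "ntkrnlmp.exe", "ntkrnlpa.exe", "ntkrpamp.exe", "hal.dll", "win32k.sys"}

# Sample input: the !analyze output quoted in the thread above.
SAMPLE_ANALYSIS = """\
Use !analyze -v to get detailed debugging information.
BugCheck C4, {e1, fffff98001508f9c, 0, 0}
*** WARNING: Unable to verify timestamp for uim_vimx64.sys
*** ERROR: Module load completed but symbols could not be loaded for uim_vimx64.sys
Probably caused by : uim_vimx64.sys ( uim_vimx64+1827e )
Followup: MachineOwner
"""

BUGCHECK_RE = re.compile(r"^BugCheck\s+([0-9A-Fa-f]+),\s*\{([^}]*)\}", re.M)
CAUSE_RE = re.compile(r"^Probably caused by\s*:\s*(\S+)\s*\(\s*([^)]+?)\s*\)", re.M)
NOSYM_RE = re.compile(r"symbols could not be loaded for\s+(\S+)", re.M)


def parse_analysis(text):
    """Pull the stop code, its four parameters, the blamed module/symbol and the
    modules WinDbg had no symbols for out of a pasted !analyze -v summary."""
    m = BUGCHECK_RE.search(text)
    if not m:
        raise ValueError("no BugCheck line found")
    code = int(m.group(1), 16)
    params = [int(p.strip(), 16) for p in m.group(2).split(",")]
    cause = CAUSE_RE.search(text)
    return {
        "code": code,
        "name": BUGCHECK_NAMES.get(code, "UNKNOWN"),
        "params": params,
        "module": cause.group(1) if cause else None,
        "symbol": cause.group(2) if cause else None,
        "no_symbols": sorted(set(NOSYM_RE.findall(text))),
    }


def assess(text):
    """Turn the parsed fields into the decision the thread makes by hand: a 0xC4
    under Driver Verifier names the offending driver directly; any other code is
    only a lead, and a lead pointing at the kernel itself is a weak one."""
    r = parse_analysis(text)
    if r["code"] == 0xC4 and r["module"]:
        verdict = f"Driver Verifier caught {r['module']} breaking a rule; update or remove that driver"
        confidence = "high"
    elif r["module"] is None or r["module"] in OS_IMAGES:
        verdict = "blamed module is the OS kernel or missing; enable Driver Verifier to find the real driver"
        confidence = "low"
    else:
        verdict = f"{r['module']} is the lead; check its vendor, version and whether it is still needed"
        confidence = "medium"
    r.update({"verdict": verdict, "confidence": confidence})
    return r


if __name__ == "__main__":
    for key, value in assess(SAMPLE_ANALYSIS).items():
        print(f"{key}: {value}")
```

Paste any !analyze -v summary into `assess()`. The 0xC4 case gets high confidence because Verifier names the driver it caught, whereas a non-Verifier crash blamed on ntoskrnl.exe is exactly the "no finite probable cause" situation that prompted the Driver Verifier advice earlier in the thread. The `no_symbols` list is a useful cross-check: a third-party driver with no symbols and an unverifiable timestamp is the kind of module worth identifying in a driver reference table before deciding to remove it.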