Windows 7 Forums



Windows 7: Suspected Malware Causing BSOD

04 Jul 2013   #1
Icezed

Windows 7 Professional X64 SP1
 
 
Suspected Malware Causing BSOD

I'm posting this thread according to Arc's and cottonball's guide in my previous thread in the BSOD section to provide reports from Farbar Recovery Scan Tool and Farbar Service Scanner. You can check the reports in the attached files.




Attached Files
File Type: txt FRST.txt (156.5 KB, 2 views)
File Type: txt Addition.txt (14.5 KB, 3 views)
File Type: txt FSS.txt (2.4 KB, 3 views)
04 Jul 2013   #2
cottonball

Windows 7 Home Premium
 
 

Icezed,

My apology for the delay...did not see your post.

BugCheck Analysis is just not my thing, however, can see how an entry for ataport! leads one to look at atapi.sys. Also, atapi.sys has been a common target of the TDSS TDL4 (Alureon) RootKit.

In this particular case, TDSSKiller, a prime candidate for finding the rootkit and resolving the bluescreen issue, detected nothing, as you mentioned, in both normal and safe mode.

The Farbar Recovery Scan Tool (FRST), another outstanding tool for detecting RootKits and hard-to-detect malware, did not identify anything pertinent to ataport or atapi.sys.

We can run more tools, like GMER and Malwarebytes Anti-Malware, if you wish, but, personally, do not expect these additional tools to find entries related to ATA Port's interface.

The Additions.txt produced by FRST does show an entry under Faulty Device Manager Devices, as well as Event Log errors.

The use of sxstrace.exe is indicated, WinMgmt based entries are identified, and, interestingly enough, one of the Event Log errors is:
Error: (07/04/2013 00:46:55 AM) (Source: Microsoft Security Client Setup) (User: Icezed-PC)
Description: HRESULT:0x8004FF66
Description:Windows did not pass genuine validation....etc.

This is rather unusual for a new computer!

Also, not sure that pursuing all these issues is going to get us ahead...

Was this computer built by someone you paid to do so, or is it a brand name machine that came out of a box? If brand name, can it be restored to factory defaults?

Also see where Arc suggested to go for a Clean Reinstall - Factory OEM Windows 7




Will qualify these comments with the assertion that I am not an expert at anything. Just like bustin' malware.

If someone sees something else here, please jump in!
05 Jul 2013   #3
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Icezed

Run an MGAdiag report and post the log inside this thread: http://www.sevenforums.com/windows-updates-activation

Please download MGADiag and save it to your desktop.

Double click icon on your desktop.

Click on the button

Click on the button

Paste the log inside the box. Highlight all of the text, then code wrap by pressing on the # icon on the top.