Thanks, Corrine; I appreciate the input. That is what I was hoping for.
Ah, I must have gotten it off that then. Also, I did not know that, Corrine; thanks for the info.
All appears to be well so far... had a few issues with Windows Installer closing every time I tried to install something, but a restart fixed that. I haven't had any more BSODs, so I assume it was either down to my RAM slots or that Trojan I got. Can trojan.agent.ck's do that? Also, the fans in my computer seem to have gone a lot quieter; they were really noisy before.
Hi, ratchetclan4.
Indeed, the results of a malware infection can cause BSODs.
Haven't had one for two days and now it's reoccurred.
On Thu 13/01/2011 20:14:08 GMT your computer crashed
crash dump file: C:\Windows\Minidump\011311-26364-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x71F00)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF800018C2139, 0xFFFFF8800BD24020, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
On Thu 13/01/2011 20:14:08 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: dxgkrnl.sys (dxgkrnl!g_TdrForceTimeout+0x12D04)
Bugcheck code: 0x3B (0xC0000005, 0xFFFFF800018C2139, 0xFFFFF8800BD24020, 0x0)
Error: SYSTEM_SERVICE_EXCEPTION
file path: C:\Windows\system32\drivers\dxgkrnl.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: DirectX Graphics Kernel
Bug check description: This indicates that an exception happened while executing a routine that transitions from non-privileged code to privileged code.
Your dump blames dxgkrnl.sys, the Windows system Direct X driver, for the crash. Usually when I find bugcheck 3B blaming Direct X, I find a third party firewall and/or a third party antivirus, or outdated video, sound, LAN, wireless or Ethernet drivers. In this case, I see a very outdated driver. I can't say this driver is the cause; but I can say it is not contributing to the stability of your system. Update this driver. If you cannot update it and if you do not use Ethernet, rename the driver from .sys to .old. Reboot and the driver will not load.
nvm62x64.sys Fri Oct 17 17:01:06 2008 - nVidia Ethernet Networking Driver (nForce chipset driver). Drivers - Download NVIDIA Drivers.
Do you have any type of third party security program, such as a gaming security program, a keylogger protection program, or a wi-fi or hotspot protection program? I ask for two reasons: (1) the nature of your dump and (2) I see a driver, erqnxkdo.sys, that I cannot account for. It is shown as an unloaded module, which means it was involved in the crash. I cannot find where this driver loads from on your system, nor can I find its date. This is indicative of some security programs, Daemon Tools - which produce one time drivers - and malware.
Code:Windows 7 Kernel Version 7600 MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7600.16385.amd64fre.win7_rtm.090713-1255 Machine Name: Kernel base = 0xfffff800`01849000 PsLoadedModuleList = 0xfffff800`01a86e50 Debug session time: Thu Jan 13 15:14:08.454 2011 (GMT-5) System Uptime: 0 days 1:11:38.578 Loading Kernel Symbols ............................................................... ................................................................ ..................... Loading User Symbols Loading unloaded module list ...... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 3B, {c0000005, fffff800018c2139, fffff8800bd24020, 0} Probably caused by : dxgkrnl.sys ( dxgkrnl!DxgkWaitForVerticalBlankEvent+548 ) Followup: MachineOwner --------- 2: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_SERVICE_EXCEPTION (3b) An exception happened while executing a system service routine. Arguments: Arg1: 00000000c0000005, Exception code that caused the bugcheck Arg2: fffff800018c2139, Address of the exception record for the exception that caused the bugcheck Arg3: fffff8800bd24020, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. 
FAULTING_IP: nt!KiCommitThreadWait+2b9 fffff800`018c2139 48894808 mov qword ptr [rax+8],rcx CONTEXT: fffff8800bd24020 -- (.cxr 0xfffff8800bd24020) rax=ffeff88001e5f1a8 rbx=fffff88001e5f1a0 rcx=fffffa8004885140 rdx=00000000000007ff rsi=fffffa8003e31c20 rdi=0000000000000000 rip=fffff800018c2139 rsp=fffff8800bd24a00 rbp=0000000000000000 r8=fffff80001849000 r9=0000000000000000 r10=fffffffffffffffb r11=0000000000000246 r12=0000000000000000 r13=0000000000000000 r14=fffff88001e5e380 r15=0000000000000061 iopl=0 nv up ei pl nz na pe nc cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010202 nt!KiCommitThreadWait+0x2b9: fffff800`018c2139 48894808 mov qword ptr [rax+8],rcx ds:002b:ffeff880`01e5f1b0=???????????????? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x3B PROCESS_NAME: dwm.exe CURRENT_IRQL: 2 LAST_CONTROL_TRANSFER: from fffff800018c41af to fffff800018c2139 STACK_TEXT: fffff880`0bd24a00 fffff800`018c41af : 00000000`00000000 80000000`00000001 00000000`00000061 80000000`00000001 : nt!KiCommitThreadWait+0x2b9 fffff880`0bd24a90 fffff880`0448f5bc : fffffa80`03e31b00 fffffa80`00000006 fffff880`0bd24c00 fffffa80`06cb4000 : nt!KeWaitForSingleObject+0x19f fffff880`0bd24b30 fffff960`0018ba26 : 00000000`00000000 fffff880`0bd24c28 000007fe`00000000 00000000`000007ea : dxgkrnl!DxgkWaitForVerticalBlankEvent+0x548 fffff880`0bd24bf0 fffff800`018ba153 : fffffa80`03e31b60 fffffa80`03e30320 fffffa80`00000000 fffffa80`03e30320 : win32k!NtGdiDdDDIWaitForVerticalBlankEvent+0x12 fffff880`0bd24c20 000007fe`fe00138a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`038cf6e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7fe`fe00138a FOLLOWUP_IP: dxgkrnl!DxgkWaitForVerticalBlankEvent+548 fffff880`0448f5bc f0838628130000ff lock add dword ptr [rsi+1328h],0FFFFFFFFh SYMBOL_STACK_INDEX: 2 SYMBOL_NAME: 
dxgkrnl!DxgkWaitForVerticalBlankEvent+548 FOLLOWUP_NAME: MachineOwner MODULE_NAME: dxgkrnl IMAGE_NAME: dxgkrnl.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc590 STACK_COMMAND: .cxr 0xfffff8800bd24020 ; kb FAILURE_BUCKET_ID: X64_0x3B_dxgkrnl!DxgkWaitForVerticalBlankEvent+548 BUCKET_ID: X64_0x3B_dxgkrnl!DxgkWaitForVerticalBlankEvent+548 Followup: MachineOwner --------- 2: kd> lmtsmn start end module name fffff880`00f92000 fffff880`00fe9000 ACPI ACPI.sys Mon Jul 13 19:19:34 2009 (4A5BC106) fffff880`03032000 fffff880`030bc000 afd afd.sys Mon Jul 13 19:21:40 2009 (4A5BC184) fffff880`045a7000 fffff880`045bd000 AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0) fffff880`033c5000 fffff880`033da000 amdppm amdppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD) fffff880`0113f000 fffff880`0114a000 amdxata amdxata.sys Tue May 19 13:56:59 2009 (4A12F2EB) fffff880`00d98000 fffff880`00da1000 atapi atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113) fffff880`00da1000 fffff880`00dcb000 ataport ataport.SYS Mon Jul 13 19:19:52 2009 (4A5BC118) fffff880`015e2000 fffff880`015e9000 Beep Beep.SYS Mon Jul 13 20:00:13 2009 (4A5BCA8D) fffff880`0338e000 fffff880`0339f000 blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF) fffff880`0854c000 fffff880`0856a000 bowser bowser.sys Mon Jul 13 19:23:50 2009 (4A5BC206) fffff960`00600000 fffff960`00627000 cdd cdd.dll Mon Jul 13 21:25:40 2009 (4A5BDE94) fffff880`01200000 fffff880`0122a000 cdrom cdrom.sys Mon Jul 13 19:19:54 2009 (4A5BC11A) fffff880`00cbe000 fffff880`00d7e000 CI CI.dll Mon Jul 13 21:32:13 2009 (4A5BE01D) fffff880`01450000 fffff880`01480000 CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E) fffff880`00c60000 fffff880`00cbe000 CLFS CLFS.SYS Mon Jul 13 19:19:57 2009 (4A5BC11D) fffff880`014c5000 fffff880`01538000 cng cng.sys Mon Jul 13 19:49:40 2009 (4A5BC814) fffff880`04597000 fffff880`045a7000 CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1) fffff880`084e2000 fffff880`084f0000 crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 
(4A5BCABD) fffff880`032ed000 fffff880`03370000 csc csc.sys Mon Jul 13 19:24:26 2009 (4A5BC22A) fffff880`03370000 fffff880`0338e000 dfsc dfsc.sys Mon Jul 13 19:23:44 2009 (4A5BC200) fffff880`0300b000 fffff880`0301a000 discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E) fffff880`0143a000 fffff880`01450000 disk disk.sys Mon Jul 13 19:19:57 2009 (4A5BC11D) fffff880`0493a000 fffff880`0495c000 drmk drmk.sys Mon Jul 13 21:01:25 2009 (4A5BD8E5) fffff880`084f0000 fffff880`084fa000 dump_diskdump dump_diskdump.sys Mon Jul 13 20:01:00 2009 (4A5BCABC) fffff880`08539000 fffff880`0854c000 dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F) fffff880`084fa000 fffff880`08539000 dump_nvstor64 dump_nvstor64.sys Tue Aug 04 20:31:07 2009 (4A78D2CB) fffff880`04962000 fffff880`0496e000 Dxapi Dxapi.sys Mon Jul 13 19:38:28 2009 (4A5BC574) fffff880`0445d000 fffff880`04551000 dxgkrnl dxgkrnl.sys Mon Jul 13 19:38:56 2009 (4A5BC590) fffff880`04551000 fffff880`04597000 dxgmms1 dxgmms1.sys Mon Jul 13 19:38:32 2009 (4A5BC578) fffff880`01196000 fffff880`011aa000 fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481) fffff880`0114a000 fffff880`01196000 fltmgr fltmgr.sys Mon Jul 13 19:19:59 2009 (4A5BC11F) fffff880`01549000 fffff880`01553000 Fs_Rec Fs_Rec.sys Mon Jul 13 19:19:45 2009 (4A5BC111) fffff880`01400000 fffff880`0143a000 fvevol fvevol.sys Mon Jul 13 19:22:15 2009 (4A5BC1A7) fffff880`0168b000 fffff880`016d5000 fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164) fffff800`01800000 fffff800`01849000 hal hal.dll Mon Jul 13 21:27:36 2009 (4A5BDF08) fffff880`034bb000 fffff880`034df000 HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5) fffff880`048a1000 fffff880`048fd000 HdAudio HdAudio.sys Mon Jul 13 20:06:59 2009 (4A5BCC23) fffff880`0499b000 fffff880`049b4000 HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD) fffff880`049b4000 fffff880`049bc080 HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9) fffff880`0498d000 fffff880`0499b000 hidusb hidusb.sys 
Mon Jul 13 20:06:22 2009 (4A5BCBFE) fffff880`015d9000 fffff880`015e2000 hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA) fffff880`045ed000 fffff880`045fc000 kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116) fffff880`049bd000 fffff880`049cb000 kbdhid kbdhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94) fffff800`01764000 fffff800`0176e000 kdcom kdcom.dll Mon Jul 13 21:31:07 2009 (4A5BDFDB) fffff880`0356c000 fffff880`035af000 ks ks.sys Mon Jul 13 20:00:31 2009 (4A5BCA9F) fffff880`013e0000 fffff880`013fa000 ksecdd ksecdd.sys Mon Jul 13 19:20:54 2009 (4A5BC156) fffff880`01660000 fffff880`0168b000 ksecpkg ksecpkg.sys Mon Jul 13 19:50:34 2009 (4A5BC84A) fffff880`0495c000 fffff880`04961200 ksthunk ksthunk.sys Mon Jul 13 20:00:19 2009 (4A5BCA93) fffff880`04823000 fffff880`04838000 lltdio lltdio.sys Mon Jul 13 20:08:50 2009 (4A5BCC92) fffff880`04800000 fffff880`04823000 luafv luafv.sys Mon Jul 13 19:26:13 2009 (4A5BC295) fffff880`00c3f000 fffff880`00c4c000 mcupdate_AuthenticAMD mcupdate_AuthenticAMD.dll Mon Jul 13 21:29:09 2009 (4A5BDF65) fffff880`049cb000 fffff880`049d9000 monitor monitor.sys Mon Jul 13 19:38:52 2009 (4A5BC58C) fffff880`0355d000 fffff880`0356c000 mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116) fffff880`049d9000 fffff880`049e6000 mouhid mouhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94) fffff880`00d7e000 fffff880`00d98000 mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A) fffff880`011aa000 fffff880`011db000 MpFilter MpFilter.sys Tue Sep 14 20:19:28 2010 (4C901110) fffff880`08d81000 fffff880`08d91000 MpNWMon MpNWMon.sys Tue Sep 14 20:19:30 2010 (4C901112) fffff880`0856a000 fffff880`08582000 mpsdrv mpsdrv.sys Mon Jul 13 20:08:25 2009 (4A5BCC79) fffff880`08582000 fffff880`085ae000 mrxsmb mrxsmb.sys Mon Jul 13 19:23:59 2009 (4A5BC20F) fffff880`085ae000 fffff880`085fb000 mrxsmb10 mrxsmb10.sys Mon Jul 13 19:24:08 2009 (4A5BC218) fffff880`08400000 fffff880`08423000 mrxsmb20 mrxsmb20.sys Mon Jul 13 19:24:05 2009 (4A5BC215) fffff880`00c00000 
fffff880`00c0b000 Msfs Msfs.SYS Mon Jul 13 19:19:47 2009 (4A5BC113) fffff880`00ff2000 fffff880`00ffc000 msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE) fffff880`01000000 fffff880`0105e000 msrpc msrpc.sys Mon Jul 13 19:21:32 2009 (4A5BC17C) fffff880`03000000 fffff880`0300b000 mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE) fffff880`017e9000 fffff880`017fb000 mup mup.sys Mon Jul 13 19:23:45 2009 (4A5BC201) fffff880`016e8000 fffff880`017da000 ndis ndis.sys Mon Jul 13 19:21:40 2009 (4A5BC184) fffff880`045e1000 fffff880`045ed000 ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8) fffff880`0488b000 fffff880`0489e000 ndisuio ndisuio.sys Mon Jul 13 20:09:25 2009 (4A5BCCB5) fffff880`04400000 fffff880`0442f000 ndiswan ndiswan.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3) fffff880`035c1000 fffff880`035d6000 NDProxy NDProxy.SYS Mon Jul 13 20:10:05 2009 (4A5BCCDD) fffff880`03146000 fffff880`03155000 netbios netbios.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6) fffff880`030bc000 fffff880`03101000 netbt netbt.sys Mon Jul 13 19:21:28 2009 (4A5BC178) fffff880`01600000 fffff880`01660000 NETIO NETIO.SYS Thu Apr 08 22:43:59 2010 (4BBE946F) fffff880`0343b000 fffff880`034ae000 netr6164 netr6164.sys Thu Oct 15 23:15:23 2009 (4AD7E54B) fffff880`08d91000 fffff880`08da6000 NisDrvWFP NisDrvWFP.sys Tue Sep 14 20:20:25 2010 (4C901149) fffff880`00c0b000 fffff880`00c1c000 Npfs Npfs.SYS Mon Jul 13 19:19:48 2009 (4A5BC114) fffff880`031f2000 fffff880`031fe000 nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E) fffff800`01849000 fffff800`01e26000 nt ntkrnlmp.exe Mon Jul 13 19:40:48 2009 (4A5BC600) fffff880`0123d000 fffff880`013e0000 Ntfs Ntfs.sys Mon Jul 13 19:20:47 2009 (4A5BC14F) fffff880`014bb000 fffff880`014c4000 Null Null.SYS Mon Jul 13 19:19:37 2009 (4A5BC109) fffff880`043fe000 fffff880`043ff180 nvBridge nvBridge.kmd Sat Oct 16 13:06:16 2010 (4CB9DB88) fffff880`03824000 fffff880`043fda80 nvlddmkm nvlddmkm.sys Sat Oct 16 13:12:46 2010 (4CB9DD0E) fffff880`034df000 
fffff880`03542d80 nvm62x64 nvm62x64.sys Fri Oct 17 17:01:06 2008 (48F8FD12) fffff880`00dcb000 fffff880`00df6000 nvstor nvstor.sys Wed May 20 02:45:37 2009 (4A13A711) fffff880`01100000 fffff880`0113f000 nvstor64 nvstor64.sys Tue Aug 04 20:31:07 2009 (4A78D2CB) fffff880`04838000 fffff880`0488b000 nwifi nwifi.sys Mon Jul 13 20:07:23 2009 (4A5BCC3B) fffff880`0310a000 fffff880`03130000 pacer pacer.sys Mon Jul 13 20:09:41 2009 (4A5BCCC5) fffff880`033da000 fffff880`033f7000 parport parport.sys Mon Jul 13 20:00:40 2009 (4A5BCAA8) fffff880`00e40000 fffff880`00e55000 partmgr partmgr.sys Mon Jul 13 19:19:58 2009 (4A5BC11E) fffff880`00e00000 fffff880`00e33000 pci pci.sys Mon Jul 13 19:19:51 2009 (4A5BC117) fffff880`00ec6000 fffff880`00ecd000 pciide pciide.sys Mon Jul 13 19:19:49 2009 (4A5BC115) fffff880`00ecd000 fffff880`00edd000 PCIIDEX PCIIDEX.SYS Mon Jul 13 19:19:48 2009 (4A5BC114) fffff880`01538000 fffff880`01549000 pcw pcw.sys Mon Jul 13 19:19:27 2009 (4A5BC0FF) fffff880`088de000 fffff880`08984000 peauth peauth.sys Mon Jul 13 21:01:19 2009 (4A5BD8DF) fffff880`048fd000 fffff880`0493a000 portcls portcls.sys Mon Jul 13 20:06:27 2009 (4A5BCC03) fffff880`00c4c000 fffff880`00c60000 PSHED PSHED.dll Mon Jul 13 21:32:23 2009 (4A5BE027) fffff880`045bd000 fffff880`045e1000 rasl2tp rasl2tp.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3) fffff880`0442f000 fffff880`0444a000 raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9) fffff880`03800000 fffff880`03821000 raspptp raspptp.sys Mon Jul 13 20:10:18 2009 (4A5BCCEA) fffff880`03543000 fffff880`0355d000 rassstp rassstp.sys Mon Jul 13 20:10:25 2009 (4A5BCCF1) fffff880`031a1000 fffff880`031f2000 rdbss rdbss.sys Mon Jul 13 19:24:09 2009 (4A5BC219) fffff880`0444a000 fffff880`04455000 rdpbus rdpbus.sys Mon Jul 13 20:17:46 2009 (4A5BCEAA) fffff880`015f7000 fffff880`01600000 RDPCDD RDPCDD.sys Mon Jul 13 20:16:34 2009 (4A5BCE62) fffff880`0122a000 fffff880`01233000 rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62) fffff880`01233000 
fffff880`0123c000 rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63) fffff880`0159f000 fffff880`015d9000 rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A) fffff880`049e6000 fffff880`049fe000 rspndr rspndr.sys Mon Jul 13 20:08:50 2009 (4A5BCC92) fffff880`08984000 fffff880`0898f000 secdrv secdrv.SYS Wed Sep 13 09:18:38 2006 (4508052E) fffff880`03200000 fffff880`0320c000 serenum serenum.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1) fffff880`03155000 fffff880`03172000 serial serial.sys Mon Jul 13 20:00:40 2009 (4A5BCAA8) fffff880`017e2000 fffff880`017e9000 speedfan speedfan.sys Sun Sep 24 09:26:48 2006 (45168798) fffff880`017da000 fffff880`017e2000 spldr spldr.sys Mon May 11 12:56:27 2009 (4A0858BB) fffff880`08ce9000 fffff880`08d81000 srv srv.sys Mon Jul 13 19:25:11 2009 (4A5BC257) fffff880`08423000 fffff880`0848c000 srv2 srv2.sys Mon Jul 13 19:25:02 2009 (4A5BC24E) fffff880`0898f000 fffff880`089bc000 srvnet srvnet.sys Mon Jul 13 19:24:58 2009 (4A5BC24A) fffff880`0109e000 fffff880`01100000 storport storport.sys Mon Jul 13 20:01:18 2009 (4A5BCACE) fffff880`045fc000 fffff880`045fd480 swenum swenum.sys Mon Jul 13 20:00:18 2009 (4A5BCA92) fffff880`01800000 fffff880`019fd000 tcpip tcpip.sys Thu Apr 08 22:45:54 2010 (4BBE94E2) fffff880`08871000 fffff880`08883000 tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD) fffff880`03025000 fffff880`03032000 TDI TDI.SYS Mon Jul 13 19:21:18 2009 (4A5BC16E) fffff880`00c1c000 fffff880`00c3a000 tdx tdx.sys Mon Jul 13 19:21:15 2009 (4A5BC16B) fffff880`0318d000 fffff880`031a1000 termdd termdd.sys Mon Jul 13 20:16:36 2009 (4A5BCE64) fffff960`00480000 fffff960`0048a000 TSDDD TSDDD.dll unavailable (00000000) fffff880`0339f000 fffff880`033c5000 tunnel tunnel.sys Mon Jul 13 20:09:37 2009 (4A5BCCC1) fffff880`0848e000 fffff880`084e2000 udfs udfs.sys Mon Jul 13 19:23:37 2009 (4A5BC1F9) fffff880`035af000 fffff880`035c1000 umbus umbus.sys Mon Jul 13 20:06:56 2009 (4A5BCC20) fffff880`0496e000 fffff880`0498b000 usbccgp usbccgp.sys Mon 
Jul 13 20:06:45 2009 (4A5BCC15) fffff880`0498b000 fffff880`0498cf00 USBD USBD.SYS Mon Jul 13 20:06:23 2009 (4A5BCBFF) fffff880`0326d000 fffff880`0327e000 usbehci usbehci.sys Mon Jul 13 20:06:30 2009 (4A5BCC06) fffff880`0327e000 fffff880`032d8000 usbhub usbhub.sys Mon Jul 13 20:07:09 2009 (4A5BCC2D) fffff880`0320c000 fffff880`03217000 usbohci usbohci.sys Mon Jul 13 20:06:30 2009 (4A5BCC06) fffff880`03217000 fffff880`0326d000 USBPORT USBPORT.SYS Mon Jul 13 20:06:31 2009 (4A5BCC07) fffff880`00e33000 fffff880`00e40000 vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB) fffff880`015e9000 fffff880`015f7000 vga vga.sys Mon Jul 13 19:38:47 2009 (4A5BC587) fffff880`011db000 fffff880`01200000 VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B) fffff880`016d5000 fffff880`016e5000 vmstorfl vmstorfl.sys Mon Jul 13 19:42:54 2009 (4A5BC67E) fffff880`00e55000 fffff880`00e6a000 volmgr volmgr.sys Mon Jul 13 19:19:57 2009 (4A5BC11D) fffff880`00e6a000 fffff880`00ec6000 volmgrx volmgrx.sys Mon Jul 13 19:20:33 2009 (4A5BC141) fffff880`01553000 fffff880`0159f000 volsnap volsnap.sys Mon Jul 13 19:20:08 2009 (4A5BC128) fffff880`034ae000 fffff880`034bb000 vwifibus vwifibus.sys Mon Jul 13 20:07:21 2009 (4A5BCC39) fffff880`03130000 fffff880`03146000 vwififlt vwififlt.sys Mon Jul 13 20:07:22 2009 (4A5BCC3A) fffff880`03172000 fffff880`0318d000 wanarp wanarp.sys Mon Jul 13 20:10:21 2009 (4A5BCCED) fffff880`014ab000 fffff880`014bb000 watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F) fffff880`00edf000 fffff880`00f83000 Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F) fffff880`00f83000 fffff880`00f92000 WDFLDR WDFLDR.SYS Mon Jul 13 19:19:54 2009 (4A5BC11A) fffff880`03101000 fffff880`0310a000 wfplwf wfplwf.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6) fffff960`00000000 fffff960`0030f000 win32k win32k.sys Mon Jul 13 19:40:16 2009 (4A5BC5E0) fffff880`00fe9000 fffff880`00ff2000 WMILIB WMILIB.SYS Mon Jul 13 19:19:51 2009 (4A5BC117) Unloaded modules: fffff880`08800000 
fffff880`08871000 spsys.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01480000 fffff880`0148e000 crashdmp.sys Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`0148e000 fffff880`01498000 dump_storpor Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`0105e000 fffff880`0109d000 dump_nvstor6 Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`01498000 fffff880`014ab000 dump_dumpfve Timestamp: unavailable (00000000) Checksum: 00000000 fffff880`014ab000 fffff880`014bb000 erqnxkdo.sys Timestamp: unavailable (00000000) Checksum: 00000000
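Added example (not part of the original posts): a Python script that applies the two checks made in the reply above to `lmtsmn` output, listing loaded drivers built before a cutoff date and unloaded modules that have no loaded counterpart. The sample lines are copied from the dump above with line breaks restored; the function names and the 2009-01-01 cutoff are assumptions chosen for illustration.

```python
import re
from datetime import date, datetime, timezone

# Lines copied from the `lmtsmn` output above, with line breaks restored.
SAMPLE = """\
fffff880`0445d000 fffff880`04551000 dxgkrnl dxgkrnl.sys Mon Jul 13 19:38:56 2009 (4A5BC590)
fffff880`084fa000 fffff880`08539000 dump_nvstor64 dump_nvstor64.sys Tue Aug 04 20:31:07 2009 (4A78D2CB)
fffff880`08539000 fffff880`0854c000 dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`034df000 fffff880`03542d80 nvm62x64 nvm62x64.sys Fri Oct 17 17:01:06 2008 (48F8FD12)
fffff880`08984000 fffff880`0898f000 secdrv secdrv.SYS Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`017e2000 fffff880`017e9000 speedfan speedfan.sys Sun Sep 24 09:26:48 2006 (45168798)
fffff960`00480000 fffff960`0048a000 TSDDD TSDDD.dll unavailable (00000000)
Unloaded modules:
fffff880`0105e000 fffff880`0109d000 dump_nvstor6
    Timestamp: unavailable (00000000)
    Checksum: 00000000
fffff880`01498000 fffff880`014ab000 dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum: 00000000
fffff880`014ab000 fffff880`014bb000 erqnxkdo.sys
    Timestamp: unavailable (00000000)
    Checksum: 00000000
"""

# start end module image <date text> (hex link timestamp)
LOADED = re.compile(
    r"^[0-9a-f`]+\s+[0-9a-f`]+\s+(\S+)\s+(\S+)\s+.*\(([0-9A-Fa-f]{8})\)\s*$")
# start end name   (entries under "Unloaded modules:")
UNLOADED = re.compile(r"^[0-9a-f`]+\s+[0-9a-f`]+\s+(\S+)\s*$")


def parse_modules(text):
    """Return ([(image, build_date_or_None)], [unloaded_name])."""
    loaded, unloaded, in_unloaded = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("unloaded modules"):
            in_unloaded = True
            continue
        if in_unloaded:
            m = UNLOADED.match(line)
            if m:
                unloaded.append(m.group(1))
            continue
        m = LOADED.match(line)
        if m:
            ts = int(m.group(3), 16)  # seconds since 1970; 0 means unavailable
            built = datetime.fromtimestamp(ts, tz=timezone.utc).date() if ts else None
            loaded.append((m.group(2), built))
    return loaded, unloaded


def stale_drivers(loaded, cutoff=date(2009, 1, 1)):
    """Loaded images built before `cutoff` (assumed threshold), in file order."""
    return [(img, built) for img, built in loaded if built and built < cutoff]


def unaccounted(loaded, unloaded):
    """Unloaded names with no loaded image of the same name.

    Names in this dump's unloaded list are cut short (dump_nvstor6), so a
    prefix match is used. The result is a review queue, not a verdict.
    """
    images = [img.lower() for img, _ in loaded]
    return [n for n in unloaded
            if not any(i.startswith(n.lower()) for i in images)]


if __name__ == "__main__":
    loaded, unloaded = parse_modules(SAMPLE)
    for img, built in stale_drivers(loaded):
        print(f"old driver: {img} built {built}")
    for name in unaccounted(loaded, unloaded):
        print(f"unaccounted unloaded module: {name}")
```
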
erqnxkdo.sys I did a search for and I cannot find on my system. Also, I tried the .old thing on the Nvidia Ethernet driver, but somehow it's made the driver again.
I do not have any third party programs like that installed.
Below is what I see in Add/Remove Programs:
Code:
UTorrent
adobe air
adobe flash player 10 activeX
adobe flash player 10 plugin
adobe reader X
asio4all
audacity 1.3.12 (unicode)
Call of duty: Black ops
conduit engine
ea download manager
ea download manager UI
edimax rt6x wireless lan card
fl studio 9
garrys mod
guitar pro 5.0
hardcore - fl studio plugin
hijackthis
IL download manager
Java 6 update 23
malware bytes anti malware
medal of honor
messenger plus! Live
Microsoft .NET Framework 4 client profile
Microsoft .NET Framework 4 Extended
Microsoft games for windows - LIVE
Microsoft games for windows - LIVE redistributable
microsoft security essentials
microsoft silverlight
Microsoft Visual C++ 2005 redistribuatble
Microsoft Visual C++ 2008 redistrubatble x86 9.0.30729.17
Microsoft Visual C++ 2005 redistrubatble x86 9.0.30729.4148
Mozilla Firefox (3.6.13)
Nvidia 3d Vision Driver 260.99
Nvidia graphics driver 260.99
Nvidia physX system software 9.10.0514
Poizone - Fl studio plugin
Punkbuster services
rockstar games social club
sawer - fl studio plugin
skype toolbars
skype 5.1
speedfan
steam
toxic biohazard - fl studio plugin
utorrentbar toolbar
whocrashed 3.01
windows live essentials 2011
winrar 4.00 beta 4 (64-bit)
Hmm, I don't see anything in your list that I would suspect as owning that driver. However, I am not familiar with several of the items on your list. Did you run a deepscan with Malwarebytes? I certainly don't want that driver to be from a nasty lurking about on your system.
By deepscan I'm guessing you mean full scan? Yes, I have done, when I found that Assassin's Creed trojan, but I'm doing another scan right now.
Done
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5485
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14/01/2011 21:27:53
mbam-log-2011-01-14 (21-27-48).txt
Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 375414
Time elapsed: 37 minute(s), 28 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)