Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Blue screen of the death after virus desinfection

12 May 2011   #1
Murena

windows 7 édition familiale premium 32 bits
 
 
Blue screen of the death after virus desinfection

Hello,

yesterday my laptop get infected. I fought against the infection by running pograms such as ad-aware, spybot, malwarebyte and superantispyware multiple time. Finally after several hour, these programms were not finding any malware anymore but I still have a problem. When I switch on my computer, after about 5 minutes, it crashes except in safe mode. I had already 2 blue srceen running ad-aware then malwarebyte when I was infected but now it crashes all the time.

I have windows 7 32 bits. Originaly, it was windows vista but I upgraded it.

Thanks a lot for your help.


My System SpecsSystem Spec
.
12 May 2011   #2
yowanvista

Windows 10 Pro x64, Arch Linux
 
 

Run this tool in safemode with networking How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?
Remove Avast and use MSE
Code:
Unable to load image \SystemRoot\system32\DRIVERS\iaStor.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 88e53b40, 907d8754, 0}

Unable to load image \SystemRoot\System32\Drivers\aswSnx.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for aswSnx.SYS
*** ERROR: Module load completed but symbols could not be loaded for aswSnx.SYS
Probably caused by : iaStor.sys ( iaStor+41b40 )

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 88e53b40, The address that the exception occurred at
Arg3: 907d8754, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
iaStor+41b40
88e53b40 8b4704          mov     eax,dword ptr [edi+4]

TRAP_FRAME:  907d8754 -- (.trap 0xffffffff907d8754)
ErrCode = 00000000
eax=a4f9c720 ebx=00000000 ecx=0000000e edx=a4f9c6b0 esi=a4f9c6b0 edi=00000000
eip=88e53b40 esp=907d87c8 ebp=907d87d8 iopl=0         nv up ei ng nz na po cy
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010283
iaStor+0x41b40:
88e53b40 8b4704          mov     eax,dword ptr [edi+4] ds:0023:00000004=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  maconfservice.

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 82e48593 to 88e53b40

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
907d87d8 82e48593 86c74030 a4f9c720 854f5008 iaStor+0x41b40
907d87f0 88f4540f 907d889c b8dfc420 b8dfc444 nt!IofCallDriver+0x63
907d881c 8e71ebac 854f5008 8549aec8 1e0a2cf0 fltmgr!FltIsVolumeWritable+0x77
907d8880 88f3bbf5 000000a4 00000005 01000008 aswSnx+0x2bac
907d88b4 88f3c417 854ba890 00000005 188ea173 fltmgr!FltpDoInstanceSetupNotification+0x69
907d8900 88f3c7d1 86c3f118 854f5008 00000005 fltmgr!FltpInitInstance+0x25d
907d8970 88f3c8d7 86c3f118 854f5008 00000005 fltmgr!FltpCreateInstanceFromName+0x285
907d89dc 88f45cde 86c3f118 854f5008 00000005 fltmgr!FltpEnumerateRegistryInstances+0xf9
907d8a2c 88f3a7f4 854f5008 ae7cc320 8539cf80 fltmgr!FltpDoFilterNotificationForNewVolume+0xe0
907d8a70 82e48593 a9daac00 854f5008 8539cfdc fltmgr!FltpCreate+0x206
907d8a88 830582a9 b06f4d46 907d8c30 00000000 nt!IofCallDriver+0x63
907d8b60 83037ac5 86c74030 a52c16e0 a8364570 nt!IopParseDevice+0xed7
907d8bdc 83047ed6 00000000 907d8c30 00000040 nt!ObpLookupObjectName+0x4fa
907d8c38 8303e9b4 03f7f1bc 852c16e0 00000001 nt!ObOpenObjectByName+0x165
907d8cb4 83062218 03f7f218 c0100080 03f7f1bc nt!IopCreateFile+0x673
907d8d00 82e4f1ea 03f7f218 c0100080 03f7f1bc nt!NtCreateFile+0x34
907d8d00 774870b4 03f7f218 c0100080 03f7f1bc nt!KiFastCallEntry+0x12a
03f7f220 00000000 00000000 00000000 00000000 0x774870b4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
iaStor+41b40
88e53b40 8b4704          mov     eax,dword ptr [edi+4]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  iaStor+41b40

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: iaStor

IMAGE_NAME:  iaStor.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a287809

FAILURE_BUCKET_ID:  0x8E_iaStor+41b40

BUCKET_ID:  0x8E_iaStor+41b40

Followup: MachineOwner
---------
My System SpecsSystem Spec
12 May 2011   #3
Neoseer88

Windows 7 Ultimate 64 bit
 
 

I got this problem too a few days ago, my computer was also infected by a trojan and a virustool. Microsoft Security Essentials found it and removed it, after that Blue Screens all the time and malware popup in safe mode(with network), so I decided to get a clean install of Windows 7 now it's working again.

P.s. My brothers pc got infected too but with a different trojan. Installed Windows 7 on his pc too.

After some searching on the internet I came up on a website it was saying that my pc could be possibly infected by a rootkit.

Hope you'll solve your problem ASAP. Wish you the best luck in it!
My System SpecsSystem Spec
.

12 May 2011   #4
Murena

windows 7 édition familiale premium 32 bits
 
 

Thanks a lot for your help.

So I ran TDSSKiller and he found this: HardDisk0 (Rootkit.Win32.TDSS.tdl4).
He cured it and I reboot the computer. Since then, I haven't had any BSOD anymore. I uninstall avast, spybot and ad-aware and install MSE and performed a scan. According to MSE, there is no infection. Am I cured?

Also, I have an offer for one year of trend micro or 6 months of Mcaffee but I decided to keep Avast because I was satisfied with it. But, is one of this program better than MSE? My laptop is quite old, so, if the antivirus is light, it's better.

PS: thank you for your support Neoseer88.
My System SpecsSystem Spec
13 May 2011   #5
yowanvista

Windows 10 Pro x64, Arch Linux
 
 

Quote   Quote: Originally Posted by Murena View Post
Thanks a lot for your help.

So I ran TDSSKiller and he found this: HardDisk0 (Rootkit.Win32.TDSS.tdl4).
He cured it and I reboot the computer. Since then, I haven't had any BSOD anymore. I uninstall avast, spybot and ad-aware and install MSE and performed a scan. According to MSE, there is no infection. Am I cured?

Also, I have an offer for one year of trend micro or 6 months of Mcaffee but I decided to keep Avast because I was satisfied with it. But, is one of this program better than MSE? My laptop is quite old, so, if the antivirus is light, it's better.

PS: thank you for your support Neoseer88.
Yes your computer is now cured, keep MSE as it is enough for basic protection
My System SpecsSystem Spec
Reply

 Blue screen of the death after virus desinfection




Thread Tools




Similar help and support threads
Thread Forum
Blue screen of death virus
Started out that I could access programs temporarily before the computer would freeze and blue screen of death would appear. Now as soon as I try accessing any file folder the blue screen appears. I've run cmd prompt in safe mode to scan for viruses and have deleted a few thinking I have...
System Security
Geforce 7300 LE - Blue screen of death - Multiple lines down screen.
Today I booted my computer up to be promoted with a black screen, I gave it a good half an hour before forcing it to shutdown, to which when I booted it back up. Was then promoted with a blue screen about the video card not being able to lead, that happened twice. I then booted it into safe...
Graphic Cards
HELP - Virus = Blue screen of death
Hi, I desperately need help. My computer has a virus and as a Diploma Architecture student with only weeks to go until my final hand in, I am close to having a panic attack. I opened a file that I'd downloaded and it immediately crashed my laptop - I'd scanned the file with Microsoft Security...
System Security
Blue Screen of Death.
The details: I am running a 64 bit windows, OEM, just bought the system about a week ago, the OS is the same age, and I just reinstalled it 3 days ago for the second time. What happens is at least once to twice per day it gives me a BSOD that crashes the system so hard it reboots. Sometimes reboots...
BSOD Help and Support
Black Screen of Death/Blue Screen of Death
Hello everyone. I have a Toshiba Satellite L450D-13X computer for the kids, and for the price it's a good laptop. Have had no issues with it until two weeks ago when the screen froze for the boys whilst playing a game and downloading a program from the net. Had to do a force shutdown and since...
BSOD Help and Support
Help Blue Screen of Death
Hi - I'm new to the forum and was hoping if someone could help me with a problem I have. When I am using Itunes or Spotify, after a while I get a blue screen error. The pc freezes and then crashes. When I restart I get the following error: Problem signature: Problem Event Name: ...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 22:17.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App