BSOD after virus infection and removal
Yesterday I had a virus infection on my computer, which brought up a fake "Anti virus Protection" tool. I've had these in the past, and I usually just restore from my Acronis True Image backup, which is scheduled to run each day and back up my entire C drive.
The problem this time is that even after restoring (tried yesterday's backup, and the day before's backup), as soon as I boot I get Google redirects, and then eventually BSOD.
My question is - how is the virus persisting even after the restore? Is it able to stay in memory, or is it present on one of my other hard drives (which are not touched by the restore)? And if the BSODs are due to corrupt system files or drivers, surely the restore should have recovered those - so I presume they are getting reinfected.
I've since tried running rkill.com and then MalwareBytes, whilst in safe mode, and it removed a number of infections from the computer. But I'm still getting a BSOD a minute after booting normally into Windows (safe mode is fine). The error is IRQL_NOT_LESS_OR_EQUAL and using BlueScreenView shows:
==================================================
Dump File : 082511-39249-01.dmp
Crash Time : 25/08/2011 08:47:14
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000070`000000dc
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02eb2045
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70740
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\tmp\082511-39249-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 274,200
==================================================
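
An added example, not part of the original post: a Python sketch that parses the BlueScreenView fields quoted above and decodes the four parameters of bug check 0xA using Microsoft's documented layout for that bug check (referenced address, IRQL, access bitfield, faulting instruction address). The function names and the trimmed sample record are constructed for illustration.

```python
# Constructed sample: the fields of the BlueScreenView record from the post
# that the decoder needs, copied as posted.
RECORD = """\
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 00000070`000000dc
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff800`02eb2045
Caused By Driver : ntoskrnl.exe
Processor : x64
"""

# x64 IRQL names for the low levels usually seen with this bug check.
IRQL_NAMES = {0: "PASSIVE_LEVEL", 1: "APC_LEVEL", 2: "DISPATCH_LEVEL"}
KERNEL_BASE = 0xFFFF800000000000  # start of kernel address space on x64 Windows


def parse_record(text):
    """Split 'Key : Value' lines into a dict; empty values are kept as ''."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" :")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def to_int(value):
    """BlueScreenView prints 64-bit values as hi`lo hex; drop the backtick."""
    return int(value.replace("`", ""), 16)


def decode_0xa(fields):
    """Decode the four arguments of bug check 0xA (IRQL_NOT_LESS_OR_EQUAL)."""
    if to_int(fields["Bug Check Code"]) != 0xA:
        raise ValueError("record is not bug check 0xA")
    addr, irql, bits, ip = (to_int(fields[f"Parameter {i}"]) for i in range(1, 5))
    # Parameter 3 is a bitfield: bit 3 set = execute, else bit 0 = write/read.
    access = "execute" if bits & 0x8 else "write" if bits & 0x1 else "read"
    return {
        "address": addr,                                # memory that was referenced
        "address_in_kernel_space": addr >= KERNEL_BASE,
        "irql": IRQL_NAMES.get(irql, str(irql)),        # IRQL at the time of the fault
        "access": access,
        "instruction": ip,                              # instruction that touched it
        "instruction_in_kernel_space": ip >= KERNEL_BASE,
    }
```

For the record in the post this decodes to a write to 0x70000000dc at DISPATCH_LEVEL by an instruction in kernel address space. The record alone does not show which driver supplied that address.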