BSOD during Nod32 scan Unknown Image

Page 1 of 2 12 LastLast

  1. Posts : 9
    Windows 7 Home Premium 64bit
       #1

    BSOD during Nod32 scan Unknown Image


    A few days ago my internet was shutting off. By shutting off I mean the network icon in windows showed a not connected icon. My router and cable modem still showed connection and activity. I ran Malwarebyte and Avast scans; Memory, Full, Boot-time. Nothing was found. The Root-kit scan for Avast would only scan my running processes found listed in Task Manager while on my Notebook the Root-kit scans the whole system. I thought something was fishy when I compared my two systems Avast scans. I posted at Avast about this with them telling me to run some scan programs they use if Avast fails; GMER and Combofix. None of these scans picked up anything except Combofix. It found a locked registry file and orphaned registry file which I was instructed to remove using a drop script. Everything seemed fine. I uninstalled Avast then installed Eset Nod32 trial in case Avast is malfunctioning or just unable to find a virus. Nod32 found 3 win32 toolbar virus in 3 folders within the the Windows folder, it cleaned these out. I then ran Sophos Anti-Rootkit scan due to Avast's own scan's issues as detailed above. Clean as well.


    Last night I did my weekly Virus and mal/spy ware scans. Just before Nod32 finished it's scan I went to the corner store and came back to a BSOD. I checked the dump file which listed ntoskrnl.exe and 0x109. Now Ive had issues with Nvidia GPU drivers for any driver newer than 306.97; TDRs twice (310.70) and gfx artifacts (310.90). At the time I was using 313.96 beta. I uninstalled and reverted back to 306.97. I ran mem test using 1 of my 2 ram dimms, this did 12 passes without errors. I plan to run the other one tonight while I sleep.


    Here is what is caught my eye and seems odd to me. This morning I loaded up the same dump file which still lists the same bug 0x109 but now lists Unknown Image instead of ntoskrnl.exe. I do not know how to read dump files. I just look up the error and file listed to give me an idea of what is wrong so I can run some basic tests. Maybe someone here can help me out with figuring out what is wrong.
      My Computer


  2. Posts : 9
    Windows 7 Home Premium 64bit
    Thread Starter
       #2

    Here is the SF dump zip as requested.
    Last edited by bogartbc; 09 Feb 2013 at 23:00.
      My Computer


  3. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #3

    Code:
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 109, {a3a039d8a57db850, b3b7465ef7fbf496, fffff88002f4d5c0, 2}
    
    Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )
    
    Followup: MachineOwner
    ---------
    According to Carrona.org, STOP 0x00000109: CRITICAL_STRUCTURE_CORRUPTION
    Usual causes:
    Device driver, Breakpoint set with no debugger attached, Hardware (Memory in particular)

    Your crash dumps are not showing any finite probable cause. In such a situation, it is better to enable Driver Verifier to monitor the drivers.
    Driver Verifier - Enable and Disable
    Run Driver Verifier for 24 hours or the occurrence of the next crash, whichever is earlier.

       Information
    Why Driver Verifier:
    It puts a stress on the drivers, ans so it makes the unstable drivers crash. Hopefully the driver that crashes is recorded in the memory dump.

    How Can we know that DV is enabled:
    It will make the system bit of slow, laggy.

       Warning
    Before enabling DV, make it sure that you have earlier System restore points made in your computer. You can check it easily by using CCleaner looking at Tools > System Restore.

    If there is no points, make a System Restore Point manually before enabling DV.

       Tip



    Test your RAM modules for possible errors.
    How to Test and Diagnose RAM Issues with Memtest86+
    Run memtest for at least 8 passes, preferably overnight.

    Let us know the results, with the subsequent crash dumps, if any.
      My Computer


  4. Posts : 9
    Windows 7 Home Premium 64bit
    Thread Starter
       #4

    I enabled Driver Verifier, the PC went to a BSOD within a few minutes. I ran Memtest before you asked as it is always the first thing suggested. I have done this test before when dealing with a GPU issue. I ran each dimm separately in the same slot 0. Both Dimms did over 8 passes, 12 and 14, without errors or the program freezing. Both were still running tests when I came back to the PC. Just glancing ast the dump shows it was my Nvidia driver. However you may see something which I do not so I won't get ahead of this process by attempting any fixes.
      My Computer


  5. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #5

    Code:
    fffff880`0a6066e8  fffff880`02fb4510Unable to load image ehdrv.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for ehdrv.sys
    *** ERROR: Module load completed but symbols could not be loaded for ehdrv.sys
     ehdrv+0x19510
    Description here: Driver Reference Table - ehdrv.sys

    Uninstall ESET/Nod32. Use Microsoft Security Essentials as your antivirus with windows inbuilt firewall, and free MBAM as the on demand scanner.
    Download, install and update those, and then run full system scans with both of them, one by one.

    Let us know the results.
      My Computer


  6. Posts : 9
    Windows 7 Home Premium 64bit
    Thread Starter
       #6

    Both Scan came up empyt, nothing was found.
      My Computer


  7. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #7

    Good news :)

    If there is any further BSODs, let us know.
      My Computer


  8. Posts : 9
    Windows 7 Home Premium 64bit
    Thread Starter
       #8

    I started getting a few BSoDs tonight. I was updating my router's firmware, restoring factory defaults and restoring my settings. I had a few issues reconnecting to the net and accessing my router. I tried restarting to see if it helped clear up my connection issues. The first restart I had two Bsods, Windows logs only recorded one. The first was bad pool header, the second was a memory management. The 3rd started logged fine. I fiddled around with the router some more and got access to the net. Avast Free updated and I restarted again to complete the update. Again I had two Bsod with only 1 being recorded, I missed the ifno for the 4th one, 3rd try windows loaded. I fixed my router issues and restored my settings from a backup and fixed my dns due to flushing it. I was curious so I restarted again but had no Bsod. Im not sure whats up with it only crashing when I had router/net issues and not when it was running fine.

    Here is the SF winrar, sorry my winzip trial ran out. I also attached a .tmp dump found in my main driver directory. The time stamp leads me to believe it is related to one of the Bsods.
      My Computer


  9. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #9

    Code:
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 50, {fffff8a000f7a1b8, 1, fffff88004136c4d, 0}
    
    *** WARNING: Unable to verify timestamp for aswSP.SYS
    *** ERROR: Module load completed but symbols could not be loaded for aswSP.SYS
    
    Could not read faulting driver name
    Probably caused by : aswSP.SYS ( aswSP+1dc4d )
    
    Followup: MachineOwner
    ---------
    Uninstall Avast using Avast Uninstall Utility. Use Microsoft Security Essentials as your antivirus with windows inbuilt firewall, and free MBAM as the on demand scanner.

    Download, install and update those, and then run full system scans with both of them, one by one.

    Let us know the results.
      My Computer


  10. Posts : 9
    Windows 7 Home Premium 64bit
    Thread Starter
       #10

    Whats with my luck and virus scanners hah. Did you check both dump logs dated March 11 or just one? Im curious if both bsods logs recorded avast as a problem
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 14:46.
Find Us