Random BSOD, Malware Suspected


  1. Posts : 418
    N/A
       #1

    Random BSOD, Malware Suspected


    Hello,
    I just had a BSOD. Everything was working fine for a few hours, then *blam*. I suspect malicious software for some reason, so can anybody help me try to find the reason? Just did an SFC scan, it's clean.
    Thanks!
    P.S. Look at my recent post HERE


  2. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #2

    From your TDSSKiller log ....
    Code:
    13:17:45.0261 5460  Detected object count: 2
    13:17:45.0261 5460  Actual detected object count: 2
    13:17:54.0554 5460  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
    13:17:54.0554 5460  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
    13:17:54.0554 5460  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
    13:17:54.0554 5460  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Don't skip but kill. That is what TDSSKiller is for... to kill them.

    Run it again and kill.

    If there are more issues even after killing, let us know.


  3. Posts : 418
    N/A
    Thread Starter
       #3

    Thanks, but never mind. The 2 files are perfectly fine, but just unsigned. VirusTotal scanned them and they were negative.

    I now need BSOD help :)


  4. Posts : 418
    N/A
    Thread Starter
       #4

    Just did 3 scans in avast!: a rootkit scan, an autorun scan, and a memory scan. All 3 came back clean.


  5. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #5

    Might want to scan with Malwarebytes

    Malwarebytes : Malwarebytes Anti-Malware removes malware including viruses, spyware, worms and trojans, plus it protects your computer

       Note
    Choose the free version. When you're installing, don't start the trial.


  6. Posts : 418
    N/A
    Thread Starter
       #6

    I believe that I have done a Malwarebytes scan pretty recently, but I will do another one
    :)


  7. Posts : 418
    N/A
    Thread Starter
       #7

    I just did a full scan and there was 1 infected file. However, it was a false-positive.


  8. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #8

    Your crash dumps are not showing any finite probable cause. In such a situation, it is better to enable Driver Verifier to monitor the drivers.
    Driver Verifier - Enable and Disable
    Run Driver Verifier for 24 hours or the occurrence of the next crash, whichever is earlier.

       Information
    Why Driver Verifier:
    It puts a stress on the drivers, and so it makes the unstable drivers crash. Hopefully the driver that crashes is recorded in the memory dump.

    How can we know that DV is enabled:
    It will make the system a bit slow and laggy.

       Warning
    Before enabling DV, make sure that you have earlier System Restore points made in your computer. You can check it easily by using CCleaner, looking at Tools > System Restore.

    If there are no points, make a System Restore Point manually before enabling DV.

       Tip



    Test your RAM modules for possible errors.
    How to Test and Diagnose RAM Issues with Memtest86+
    Run memtest for at least 8 passes, preferably overnight.

    Let us know the results, with the subsequent crash dumps, if any.


  9. Posts : 418
    N/A
    Thread Starter
       #9

    Just BSOD'd right after restart for Driver Verifier. The driver is amd_sata.sys.
    I tried updating my drivers, but all my AMD drivers are up to date.
    I'll try uninstalling the SATA driver now.
    EDIT: I can't uninstall the SATA driver. IDK what to do now :P


  10. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       #10

    It is Paragon Image Mounter (UIM) Plugin driver.
    Code:
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck C4, {e1, fffff98001508f9c, 0, 0}
    
    *** WARNING: Unable to verify timestamp for uim_vimx64.sys
    *** ERROR: Module load completed but symbols could not be loaded for uim_vimx64.sys
    Probably caused by : uim_vimx64.sys ( uim_vimx64+1827e )
    
    Followup: MachineOwner
    ---------

    Description here: Driver Reference Table - uim_vimx64.sys

    I have seen a good number of issues caused by it .... Better you uninstall it.
    Do you say that you have not installed Paragon? By any chance?
      My Computer
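
Added example (not part of the original posts, and not code from WinDbg or any tool named in the thread): a small Python parser for the bugcheck summary quoted in post #10, pulling out the stop code, its parameters, the blamed module and offset, and the loader warnings attached to that module. The function names, the short stop-code table and the triage notes are assumptions of this example; the sample text is copied from the post.

```python
import re

# Subset of names from Microsoft's bug check code reference.
BUGCHECK_NAMES = {
    0xC4: "DRIVER_VERIFIER_DETECTED_VIOLATION",
    0xC9: "DRIVER_VERIFIER_IOMANAGER_VIOLATION",
}
VERIFIER_CODES = {0xC4, 0xC9}  # stop codes raised by Driver Verifier itself

BUGCHECK_RE = re.compile(r"^BugCheck\s+([0-9A-Fa-f]+),\s*\{([^}]*)\}", re.M)
CAUSE_RE = re.compile(r"^Probably caused by\s*:\s*(\S+)\s*\(\s*([^)]*?)\s*\)", re.M)
WARN_RE = re.compile(r"^\*\*\* (?:WARNING|ERROR): (.+?) for (\S+)\s*$", re.M)

# Summary lines copied from post #10 of this thread.
SAMPLE = """\
BugCheck C4, {e1, fffff98001508f9c, 0, 0}
*** WARNING: Unable to verify timestamp for uim_vimx64.sys
*** ERROR: Module load completed but symbols could not be loaded for uim_vimx64.sys
Probably caused by : uim_vimx64.sys ( uim_vimx64+1827e )
"""

def parse_bugcheck(text):
    """Extract code, parameters, blamed module/offset and loader warnings."""
    m = BUGCHECK_RE.search(text)
    if m is None:
        raise ValueError("no BugCheck line found")
    code = int(m.group(1), 16)
    params = [int(p.strip(), 16) for p in m.group(2).split(",")]
    module = offset = None
    cause = CAUSE_RE.search(text)
    if cause:
        module = cause.group(1)
        off = cause.group(2).partition("+")[2]  # "uim_vimx64+1827e" -> "1827e"
        offset = int(off, 16) if off else None
    warnings = {}
    for msg, mod in WARN_RE.findall(text):
        warnings.setdefault(mod.lower(), []).append(msg)
    return {"code": code, "name": BUGCHECK_NAMES.get(code, "UNKNOWN"),
            "params": params, "module": module, "offset": offset,
            "warnings": warnings}

def triage(text):
    """Return the parsed record plus follow-up notes for the analyst."""
    rec = parse_bugcheck(text)
    notes = []
    if rec["code"] in VERIFIER_CODES:
        notes.append("Driver Verifier stopped the system on a rule violation")
    if rec["module"] and rec["module"].lower() in rec["warnings"]:
        notes.append("no symbols for blamed module: confirm vendor and signature")
    return rec, notes
```

Calling `triage(SAMPLE)` returns the parsed record and two notes for this dump: the stop came from Driver Verifier, and the blamed module had no loadable symbols.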


 