Welcome :) .
I would start off by thoroughly scanning the machine, you have some unknown entries
in the loaded modules list.
Please scan for possible infection and file corruption.
(*Kaspersky Rescue CD from a USB thumbdrive)
The MSINFO32 file is corrupt, please upload a new instance.
Start> Run> Type MSINFO32 then hit [Enter].
In MSINFO32 go to, File> Save> name it your user-name.
Once the file is saved right click it and choose Sent to → Compressed (zipped) folder.
Attach the file in your next post.
Very outdated drivers, please update or remove:
Possible infection.
Code:
tmpD9CA.tmp Sat Jul 26 16:29:37 2008
fffff8800675c000 fffff88006777000 ________________________________________ ????????????????????????????????????????
fffff88002800000 fffff88002810000 __________ ??????????
fffff880029cf000 fffff880029fb000 4 4
fffff880`07b85000 fffff880`07b91000 Unknown_Module_fffff880_07b85000
Bugcheck:
Code:
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff800036e3731, Address of the instruction which caused the bugcheck
Arg3: fffff88009f160b0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Code:
STACK_TEXT:
fffff880`09f16a90 fffff800`036ce0d2 : nt!KiInsertTimerTable+0x171
fffff880`09f16af0 00fff800`036de392 : nt!KiCommitThreadWait+0x332
fffff880`09f16b80 00000000`05bcf72c : 0x00fff800`036de392
fffff880`09f16b88 00000000`000002d8 : 0x5bcf72c
fffff880`09f16b90 ff000000`000000a4 : 0x2d8
fffff880`09f16b98 00fff800`039d1f16 : 0xff000000`000000a4
fffff880`09f16ba0 ff000000`74462450 : 0x00fff800`039d1f16
fffff880`09f16ba8 00fff880`09f16c30 : 0xff000000`74462450
fffff880`09f16bb0 00000000`74462450 : 0x00fff880`09f16c30
fffff880`09f16bb8 00000000`059cf170 : 0x74462450
fffff880`09f16bc0 00000000`059cfd20 : 0x59cf170
fffff880`09f16bc8 00000000`7ef5f000 : 0x59cfd20
fffff880`09f16bd0 00000000`00000000 : 0x7ef5f000
Code:
THREAD fffffa80072b79f0 Cid 09f8.1240 Teb: 000000007ef5f000 Win32Thread: ff00000000000000 WAIT: (DelayExecution) UserMode Non-Alertable
We see a fair amount of activity comming from user-mode, which leads to a thread wait
(delay executaion).
Code:
fffff880`09f16ae8 fffff800`036ce0d2 nt!KiCommitThreadWait+0x332
fffff880`09f16be8 fffff800`039d0e9e nt!NtDelayExecution+0x59
Code:
!for_each_module s -a @#Base @#End "wait"
fffff800`03b882a6 77 61 69 74 69 6e 67 2c-20 63 6f 6d 6d 61 6e 64 waiting, command
fffff800`03c443fa 77 61 69 74 20 6f 70 65-72 61 74 69 6f 6e 2c 20 wait operation,
fffff880`00ef8630 77 61 69 74 69 6e 67 20-66 6f 72 20 63 6f 6e 74 waiting for cont
fffff880`00ef906f 77 61 69 74 69 6e 67 20-6f 6e 20 57 44 46 57 4f waiting on WDFWO
fffff880`00efa130 77 61 69 74 69 6e 67 20-66 6f 72 20 74 68 65 20 waiting for the
fffff880`00efa1d0 77 61 69 74 69 6e 67 20-66 6f 72 20 71 75 65 75 waiting for queu
fffff880`00efa200 77 61 69 74 69 6e 67 20-66 6f 72 20 71 75 65 75 waiting for queu
fffff880`00efa230 77 61 69 74 69 6e 67 20-66 6f 72 20 71 75 65 75 waiting for queu
fffff880`00efa280 77 61 69 74 69 6e 67 20-66 6f 72 20 61 6c 6c 20 waiting for all
fffff880`00efa2e0 77 61 69 74 69 6e 67 20-66 6f 72 20 61 6c 6c 20 waiting for all
fffff880`00fbb51f 77 61 69 74 69 6e 67 20-66 6f 72 20 25 77 5a 27 waiting for %wZ'
fffff880`03ef7e54 77 61 69 74 20 71 75 65-75 65 20 28 25 30 38 78 wait queue (%08x
fffff880`03f2011f 77 61 69 74 69 6e 67 20-66 6f 72 20 74 65 72 6d waiting for term
fffff880`07b432c8 77 61 69 74 20 6d 75 73-74 20 68 61 76 65 20 61 wait must have a
fffff880`07b43313 77 61 69 74 00 cc cc cc-cc cc cc cc cc 6f 62 6a wait.........obj
fffff880`07b4332f 77 61 69 74 20 66 61 69-6c 65 64 00 cc cc cc cc wait failed.....
fffff880`07b73bb8 77 61 69 74 20 6d 75 73-74 20 68 61 76 65 20 61 wait must have a
fffff880`07b73c03 77 61 69 74 00 cc cc cc-cc cc cc cc cc 6f 62 6a wait.........obj
fffff880`07b73c1f 77 61 69 74 20 66 61 69-6c 65 64 00 cc cc cc cc wait failed.....
Code:
lm a fffff880`00ef906f
start end module name
fffff880`00ef7000 fffff880`00fb9000 Wdf01000
Code:
lm a fffff880`07b73bb8
start end module name
fffff880`07b4c000 fffff880`07b82000 WUDFRd
Code:
lm a fffff880`07b73c03
start end module name
fffff880`07b4c000 fffff880`07b82000 WUDFRd
Code:
lm a fffff880`03ef7e54
start end module name
fffff880`03ef2000 fffff880`03f7b000 afd
- Update the network drivers mentioned above.
Keep us posted :) .