- Local time
- 5:03 PM
- Messages
- 86
System Nec Versa L2100 OS Windows 7 (of course!)
It gets BSOD "Internal Power Failure" only when shutting down.
When I try Windows Update via control panel it says Unknown Error but I cannot find currently the exact error number and Microsoft didn't had a solution for it.
I've read that rootkit TDSS happens to make exactly these two problems in another forum but the laptop was completely different IBM.
I've reinstalled the chipset drivers with no luck. The drivers are only for Vista but work.
TDSS Killer tool happened to detect the rootkit in the HDD and the log said it cleaned it however after the restart I get BSOD with no text about the cause and it just restarts and cannot start again.
TDSS rootkit/bootkit infects the MBR of the hdd. I installed a new MBR with bootsect and bootcfg all possible subcommands to these two commands with no change.
If I start automatic system repair it hangs and I waited for it for like 20 minutes with no luck ( ASR still sucks even in Windows 7
)...
A fresh install with format of the drive and currently there are not problems so far.
Are there any additional commands which could help clean effectively without getting a new BSOD for no reason...
I also did rebuildbcd and fixboot and fixmbr and I watch the results which where successful.
I've attached a BSOD memory dump and they are all the same pointing to a single system file ntkrnlpa.exe. The TDSS killer tool reported the harddisk itself as infected and not files in it!
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Momchil\Desktop\051211-26754-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0x8303a000 PsLoadedModuleList = 0x83182810
Debug session time: Thu May 12 08:44:34.399 2011 (UTC + 3:00)
System Uptime: 0 days 0:39:48.708
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
...............................................................
................................................................
.................................
Loading User Symbols
Loading unloaded module list
........
It gets BSOD "Internal Power Failure" only when shutting down.
When I try Windows Update via control panel it says Unknown Error but I cannot find currently the exact error number and Microsoft didn't had a solution for it.
I've read that rootkit TDSS happens to make exactly these two problems in another forum but the laptop was completely different IBM.
I've reinstalled the chipset drivers with no luck. The drivers are only for Vista but work.
TDSS Killer tool happened to detect the rootkit in the HDD and the log said it cleaned it however after the restart I get BSOD with no text about the cause and it just restarts and cannot start again.
TDSS rootkit/bootkit infects the MBR of the hdd. I installed a new MBR with bootsect and bootcfg all possible subcommands to these two commands with no change.
If I start automatic system repair it hangs and I waited for it for like 20 minutes with no luck ( ASR still sucks even in Windows 7
)...A fresh install with format of the drive and currently there are not problems so far.
Are there any additional commands which could help clean effectively without getting a new BSOD for no reason...
I also did rebuildbcd and fixboot and fixmbr and I watch the results which where successful.
I've attached a BSOD memory dump and they are all the same pointing to a single system file ntkrnlpa.exe. The TDSS killer tool reported the harddisk itself as infected and not files in it!
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Momchil\Desktop\051211-26754-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0x8303a000 PsLoadedModuleList = 0x83182810
Debug session time: Thu May 12 08:44:34.399 2011 (UTC + 3:00)
System Uptime: 0 days 0:39:48.708
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
...............................................................
................................................................
.................................
Loading User Symbols
Loading unloaded module list
........
My Computer
- OS
- 32 bit Windows 7
