Blue Screen of death


Post by tomzog on 3rd March 2010, 3:24 pm

I have been working on my sister's computer and found at least 465 trojans, malware, fakealerts etc., and now I am getting the BSOD, which reads stop 0x0000007e, 0xc0000005, 0xb6a9e474, 0xf8a89420, 0xf8a8911c. I am at a loss on what to do next.

Thanks

tomzog
Novice

Posts: 14
Joined: 2010-03-03
Gender: Male
OS: windows xp
Points: 24938
Likes: 0


Re: Blue Screen of death

Post by tomzog on 9th March 2010, 2:52 am

Just to let everyone know my sister's computer is running smoothly. I took care of all the problems she had.

Thanks


Re: Blue Screen of death

Post by Dr Jay on 9th March 2010, 3:50 am

Do you want to check anyway? There could be some bad stuff on there still that could cause some bad issues, like making the computer not boot anymore.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts: 14310
Joined: 2009-09-06
Gender: Male
OS: Windows 10 Home & Pro
Arch.: x64 (64-bit)
Protection: Bitdefender Total Security
Points: 302971
Likes: 10


Re: Blue Screen of death

Post by tomzog on 12th March 2010, 4:13 pm

Let me know what else I can do. I don't need my sister giving it back to me.

Thanks


Re: Blue Screen of death

Post by Dr Jay on 12th March 2010, 5:30 pm

Hello! We need to do some diagnostics to get started.

1. Please download [You must be registered and logged in to see this link.] by noahdfear.
  • Save it to your desktop.
  • Double-click profiles.exe and post its log when you reply.


2. Download [You must be registered and logged in to see this link.] by ad13 and save it to your Desktop.
  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.


3. Please download [You must be registered and logged in to see this link.] by me, and save to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.zip, and extract the file to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.cmd to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.


4. In your next reply, please post the following logs for my review:
  • Profiles log (1)
  • Win32kDiag log (2)
  • Cheetah log (3)


Thanks!


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 12th March 2010, 7:29 pm

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-907219651-3613633487-2847416929-1005
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Lex

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-907219651-3613633487-2847416929-500
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Administrator

SystemRoot REG_SZ C:\WINDOWS

Running from: C:\Documents and Settings\Lex\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Lex\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Finished!

Cheetah-Anti-Rogue v1.3.27
by DragonMaster Jay

Microsoft Windows XP [Version 5.1.2600]
Date: 03/12/2010 - Time: 14:23:48 - Arch.: x86


-- Malware removal tools check --
CCleaner
Malwarebytes' Anti-Malware
SUPERAntiSpyware


-- Known infection --



Extra message: Detection only.


EOF


Re: Blue Screen of death

Post by Dr Jay on 12th March 2010, 8:25 pm

Please open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 14th March 2010, 7:00 pm

Malwarebytes' Anti-Malware 1.44
Database version: 3867
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/14/2010 2:58:50 PM
mbam-log-2010-03-14 (14-58-50).txt

Scan type: Quick Scan
Objects scanned: 132900
Time elapsed: 7 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: Blue Screen of death

Post by Dr Jay on 15th March 2010, 1:59 am

Download WhoCrashed [You must be registered and logged in to see this link.]
This program checks for any drivers which may have been causing your computer to crash.

Click on the file you just downloaded and run it.
Put a tick in Accept, then click on Next.
Put a tick in Don't create a start menu folder, then click Next.
Put a tick in Create a Desktop Icon, then click on Install, and make sure there is a tick in Launch Whocrashed before clicking Finish.
Click Analyze.
It will want to download the Debugger and install it. Say Yes.

WhoCrashed will create a report, but you have to scroll down to see it.
Copy and paste it into your next reply.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 15th March 2010, 7:50 pm

Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


No valid crash dumps have been found on your computer


--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled and no valid crash dumps have been found on your computer. In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.


Re: Blue Screen of death

Post by Dr Jay on 16th March 2010, 1:39 am

Please download the latest version of Kaspersky GetSystemInfo (GSI) from [You must be registered and logged in to see this link.] and save it to your Desktop.
Please close all other applications running on your system.

Please double click GetSystemInfo.exe to open it.

Click the Settings button.

Set it to Maximum.

IMPORTANT! Then please click Customize - choose Driver / Ports tab and uncheck Scan Ports.


Click Create Report to run it.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to [You must be registered and logged in to see this link.] and click the Submit button.

Please copy and paste the url of the GSI Parser report (not the log) in your next reply.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 16th March 2010, 9:52 pm

I am kind of lost on this program. I know what the url is, but where would I find it on the program? Would it be the auto analysis?


Re: Blue Screen of death

Post by Dr Jay on 17th March 2010, 1:43 am

Should be in the Address Bar.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 17th March 2010, 4:28 pm

I hope this is right

[You must be registered and logged in to see this link.]


Re: Blue Screen of death

Post by Dr Jay on 17th March 2010, 8:38 pm

Please go [You must be registered and logged in to see this link.]. Copy and paste the following file path into the box.

C:\WINDOWS\system32\DelTMID.exe

Do the same for this file:

C:\WINDOWS\system32\Ptsaci40.dll

Then click submit.

Please post the results (web address to the page) to your next reply.

Note: it might ask you to see the past analysis. Instead, click on "Reanalise File Now."


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 18th March 2010, 3:27 am

It won't let me do anything unless I browse for a file.


Re: Blue Screen of death

Post by Dr Jay on 18th March 2010, 1:56 pm

Ok.

Using the browse file option, please find those files, and upload for analysis.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 18th March 2010, 6:41 pm

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]


Re: Blue Screen of death

Post by Dr Jay on 20th March 2010, 6:10 pm

Please download Stealth MBR Rootkit Detector by GMER from [You must be registered and logged in to see this link.], and save to your Desktop.
  • Double-click mbr.exe to start the program.
  • When done scanning, it will save a log on the Desktop called mbr.log.
  • Please post the contents of that log in your next reply.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 20th March 2010, 11:26 pm

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK


Re: Blue Screen of death

Post by Dr Jay on 21st March 2010, 3:28 am

Computer is clean. How is it running?


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 22nd March 2010, 8:43 pm

It is running great!!!

I will send a donation when I get a chance

Thanks


Re: Blue Screen of death

Post by Dr Jay on 22nd March 2010, 9:06 pm

You're welcome. Would you like to know how to prevent malware?

See [You must be registered and logged in to see this link.] for more info about malware and prevention.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 22nd March 2010, 9:15 pm

I am thinking about the academy. I do have a lot of time on my hands since I am semi-retired and waiting for my disability to come through. I do work on family computers when it comes to any malware and sometimes any hardware, and I did learn quite a lot from you. I do need to put a hard drive in my sister's computer since she only has 15% free space left.

Thanks


Re: Blue Screen of death

Post by Dr Jay on 22nd March 2010, 11:35 pm

I would encourage it. It is fun, but still a little hard.


Dr. Jay (DJ)



Re: Blue Screen of death

Post by tomzog on 22nd March 2010, 11:56 pm

There sure is quite a lot involved in doing it, but I learned a lot and I did have some fun doing it. I will honestly consider doing it. It's better than wiping out hard drives.
