Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: IRQL_NOT_LESS_OR_EQUAL caused by a virus .exe  (Read 38510 times)

0 Members and 1 Guest are viewing this topic.

Valeras

    Topic Starter


    Rookie

    • Experience: Familiar
    • OS: Windows 7
    Re: IRQL_NOT_LESS_OR_EQUAL caused by a virus .exe
    « Reply #45 on: September 15, 2011, 04:24:23 PM »
    Logs From OTL


    ========== OTL ==========
    ========== FILES ==========
    File\Folder C:\found.009 not found.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully
     
    OTL by OldTimer - Version 3.2.28.0 log created on 09152011_172403


    Combofix was detected as a malware.

    Valeras

      Topic Starter


      Rookie

      • Experience: Familiar
      • OS: Windows 7
      Re: IRQL_NOT_LESS_OR_EQUAL caused by a virus .exe
      « Reply #46 on: September 15, 2011, 09:04:51 PM »
      1) I got a bosd while running scans using malware anti malbytes

      ==================================================
      Dump File         : 091511-45645-01.dmp
      Crash Time        : 9/15/2011 6:44:21 PM
      Bug Check String  : PAGE_FAULT_IN_NONPAGED_AREA
      Bug Check Code    : 0x00000050
      Parameter 1       : fffff8a0`067b0000
      Parameter 2       : 00000000`00000000
      Parameter 3       : fffff880`0165fa38
      Parameter 4       : 00000000`00000000
      Caused By Driver  : ntoskrnl.exe
      Caused By Address : ntoskrnl.exe+7cc40
      File Description  : NT Kernel & System
      Product Name      : Microsoft® Windows® Operating System
      Company           : Microsoft Corporation
      File Version      : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
      Processor         : x64
      Crash Address     : ntoskrnl.exe+7cc40
      Stack Address 1   :
      Stack Address 2   :
      Stack Address 3   :
      Computer Name     :
      Full Path         : C:\Windows\Minidump\091511-45645-01.dmp
      Processors Count  : 3
      Major Version     : 15
      Minor Version     : 7601
      Dump File Size    : 274,576
      ==================================================


      2) The Attachment of the DDS test is here




      [regaining space - attachment deleted by admin]

      SuperDave

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Thanked: 1020
      • Certifications: List
      • Experience: Expert
      • OS: Windows 10
      Re: IRQL_NOT_LESS_OR_EQUAL caused by a virus .exe
      « Reply #47 on: September 16, 2011, 04:39:18 PM »
      I strongly recommend that you remove Ask from your computer because it;

      •Promotes its toolbars on sites targeted to kids.

      •Promotes its toolbars through ads that appear to be part of other companies' sites.

      •Promotes its toolbars through other companies' spyware.

      •Installs without any disclosure whatsoever and without any consent whatsoever.

      •Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

      •Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

      See Here for more info.

      If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

      AskBarDis or anything related to Ask

      Then please find and delete this folder in bold (if present):
      C:\Program Files\AskBarDis. or anything related to Ask.
      *****************************************************
      I see you are running Poker Stars. Poker Stars has a history of distributing spyware in their products. However, security experts still question this program as good or bad. I recommend to remove it to prevent spyware, but it is up to you to decide if you want to keep it.

      If you would like to uninstall it, do so as follows:

      Press Start, and navigate to the Control Panel. When in the control panel enter Add or Remove programs. Search for and locate PokerStars, and either click Change/Remove or Remove.
      ******************************************************
      Update Your Java (JRE)

      Old versions of Java have vulnerabilities that malware can use to infect your system.


      First Verify your Java Version

      If there are any other version(s) installed then update now.

      Get the new version (if needed)

      If your version is out of date install the newest version of the Sun Java Runtime Environment.

      Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

      Be sure to close ALL open web browsers before starting the installation.

      Remove any old versions

      1. Download JavaRa and unzip the file to your Desktop.
      2. Open JavaRA.exe and choose Remove Older Versions
      3. Once complete exit JavaRA.

      Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
      *****************************************************
      P2P - I see you have P2P software installed on your machine. (µTorrent, Ares 2.1.5, FrostWire 4.21.6 and FrostWire 5.0.8) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

      Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

      I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
      ***************************************************
      Quote
      Combofix was detected as a malware.
      You need to turn off your protection. Please try it again.

      Quote
      I got a bosd while running scans using malware anti malbytes
      Re-boot in Safe Mode and try running MBAM.
      Windows 8 and Windows 10 dual boot with two SSD's

      Valeras

        Topic Starter


        Rookie

        • Experience: Familiar
        • OS: Windows 7
        Re: IRQL_NOT_LESS_OR_EQUAL caused by a virus .exe
        « Reply #48 on: December 24, 2011, 11:55:10 AM »
        sorry for the delay again, im running the tests atm