Kernel Rootkit Infection

Hi Antonino,

It might be an MBR rootkit; I recommend restoring the MBR according to this.

Thanks

Hi Zbynek,

here is the compressed (rar) file of my C:\Windows\Minidump.

ninus_@hotmail.com_24051335.7z

Hi Antonino,

The BSOD is probably caused by an overheating issue (I recommend fixing it ASAP before something breaks permanently).

To analyze the rootkit, please provide us with a GMER scan result (http://kb.avg.com/articles/en_US/How_to/GMER-Scan-Result/).

Thanks

I have a kernel rootkit…!!! The AVG scan kills every hidden process that it recognizes, but after the boot the problem is still present. My PC has a high CPU load, temperatures over 90 °C (notebook), and when I try to scan for viruses, malware, spyware or rootkits, it crashes with a BSOD… I have tried other rootkit scanners, but only AVG found something, and the correction did not apply so well. What can I do without reinstalling Windows from scratch, and save my docs, programs, configs… my last five years of life on the PC?

Hi Antonino,

The provided result seems OK; I am afraid it might be caused by something else.

Please provide us (http://kb.avg.com/articles/en_US/How_to/How-to-upload-a-file-to-our-FTP-server/) with the Minidump (C:\WINDOWS\Minidump).

Thanks

I would recommend backing up all important data, formatting the hard drive completely and installing from scratch to make sure no infection survives it.

Thanks

Hi Antonino,

Those BSODs are caused by the usbhub.sys driver; I found a similar issue here (http://www.eightforums.com/drivers-hardware/38466-blue-screen-usbhub-sys.html).

Thanks

Hello Zbynek,

I've had this type of BSOD before, when I happened to have what I call a "kernel rootkit" … I don't think that what you tell me is correlated with the strange behavior of my current PC, because before it didn't behave in this way:
when I try to scan with AVG, GMER or any other antivirus / antimalware, my PC goes to a BSOD without recording the relevant information, as it says at the end of the screen; see the file I've attached here … not just … , but the CPU load is 90% (which I reduced to about 40%, but I can't explain how) and, what's more interesting, the temperature rises rapidly to about 90 °C, even if I open Notepad!!
I'm sorry, I can't provide any reports to help the investigation … I have only been able to take some photos with my smartphone of the first AVG scans, when it recognised something.
I think that AVG is disabled by the virus, and so is any other antivirus / antimalware.
Is it possible that I can't do anything?
I just know that the virus is activated at every boot, but it is not in the MBR, so it will be some automatic start, or it replaced the kernel with an infected one, or it performs some action in the registry, or it is a superhidden file … the fact is that it works undisturbed and recognizes when an antivirus / anti-malware tries to update its online database, and it removes the internet connection!!!

Is this caused by a bad driver like usbhub.sys?
ninus_@hotmail.com_26051542.7z
(smartphone snapshot of the BSOD. The minidump files weren't created because the PC was frozen)

ninus_@hotmail.com_26051623.7z
(smartphone photo of an early AVG scan… the file spem.sys does not exist on my PC… maybe…)

Thanks